Merge pull request #104 from nttcom/fix_zeek_dns
dns.logの集約機能追加
Takuma Tsubaki authored Mar 2, 2023
2 parents 6f494a0 + 2533442 commit 0b3d410
Showing 3 changed files with 918 additions and 2 deletions.
3 changes: 2 additions & 1 deletion osect_sensor/Infrastructure/edge_cron/Dockerfile
Expand Up @@ -213,10 +213,11 @@ RUN mkdir /opt/ot_tools \
&& cp -p ot_tools/broscript/ns.zeek /opt/zeek/share/zeek/site/ \
&& cp -p ot_tools/broscript/main_bacnet.zeek /opt/zeek/share/zeek/site/ \
&& cp -p ot_tools/broscript/consts_bacnet.zeek /opt/zeek/share/zeek/site/ \
&& cp -p ot_tools/broscript/dns.zeek /opt/zeek/share/zeek/base/protocols/dns/main.zeek \
&& cp -p ot_tools/*.sh /opt/ot_tools/ \
&& cp -p ot_tools/tsharkfields2bacnetservicelog_dict.awk /opt/ot_tools/ \
&& cp -p ot_tools/yaf.awk /opt/ot_tools/ \
&& cp -pr ot_tools/p0f /opt/
&& cp -pr ot_tools/p0f /opt/

# 環境変数
RUN printenv | grep -e https_proxy -e HTTPS_PROXY -e http_proxy -e HTTP_PROXY -e no_proxy -e NO_PROXY| awk '{print "export " $1}' > /opt/ot_tools/proxy_env.txt \
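Review bot: The added `cp -p ot_tools/broscript/dns.zeek /opt/zeek/share/zeek/base/protocols/dns/main.zeek` overwrites a script that ships with Zeek itself, whereas every other script in this hunk is installed under `site/`. Replacing the base DNS script in place ties the image to whatever Zeek version dns.zeek was derived from, so a later Zeek upgrade would silently drop upstream changes to DNS parsing and logging. Anything downstream that consumes dns.log would also get the project's modified output, with nothing in the image recording that the stock script was replaced. If the script cannot be loaded from `site/` instead, I would at least add a comment such as `# dns.zeek replaces Zeek's base/protocols/dns/main.zeek (dns.log aggregation); re-derive it when the Zeek version changes`. The RUN instruction starts above the hunk and dns.zeek itself is not shown here, so that it is a full replacement of the base script is inferred from the destination path.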
Expand Up @@ -6,7 +6,7 @@ export {
redef enum Log::ID += { LOG };

type Info: record {
ts: time &optional &log;
ts: time &log &optional;
orig_mac: string &log &optional;
orig_ip: addr &log &optional;
resp_mac: string &log &optional;