-
zeek-7 changed the way global IDs are written from `GLOBAL::XYZ` to `::XYZ`. This syntax is not supported by e.g., `zeek-format`.
```zeek
type r: record { };
event zeek_init()
{
local x: ::…
```
-
Would it be possible to integrate Bro/Zeek logs into pfelk?
Bro/Zeek is another IDS like Snort/Suricata but it looks for anomalous traffic. pfSense currently supports it but the logs are barely u…
-
Surprisingly, this script compiles fine:
```
type r: record {
a: count &default=3;
b: string &default="missing";
};
global x1: r;
type r: record {
d: count &default…
```
-
### Actual behavior
Experienced that when trying to update an existing warninglist through the API (using PyMISP), the actual warninglist is not getting updated.
### Expected behavior
When the POST is ma…
-
### Implementing #99
Configured to run
- [x] Working ELK Stack (Elasticsearch, Logstash, Kibana)
- [x] Bro/Zeek traffic analyzer working
- [ ] Moloch/Arkime - configured to listen on the ops r…
-
I discovered a strange effect of using `EnumType` as arguments for events. Apparently our type checking allows something like this to succeed:
```
event test(t : PacketAnalyzer::Tag) {
print "3"…
```
-
I'm trying to use *only Pipelines* to process logs from Zeek (Bro IDS) and have hit a dead end. The JSON log has key pairs that have a dot "." in their name. The JSON log I get in $message.message is as …
-
Hi, I'm a TSN beginner and I'm getting an error while compiling zeek in a reproduction project, and the VM gets laggy. Why is that?
-
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| 4.1 >= | Filebeat | Manager | Any | Linux |

Hi Team,
Some alerts are being generated and stored in the…
-
Not able to install zeek or zeek-lts due to missing dependencies on Pi3B+