[Bro] [bro] smtp log strangeness
seth at icir.org
Sun Apr 3 12:12:10 PDT 2016
> On Mar 25, 2016, at 12:49 PM, Jan Grashöfer <jan.grashoefer at gmail.com> wrote:
>> Why am I getting all of this extra info in these fields?
> The subject headers seem to look that strange to support other encodings
> than ASCII (see
Yep! There is a hacky script I wrote a while to deal with this stuff too (we need to integrate it into the analyzer at some point though)
If you load that script, it adds another field to smtp.log named "decoded_subject".
International Computer Science Institute
(Bro) because everyone has a network
More information about the Bro