[Bro-Dev] Bro byte and packet counting in devel
Seth Hall
seth at icir.org
Tue Mar 8 09:30:00 PST 2011
On Mar 8, 2011, at 12:13 PM, Vern Paxson wrote:
> Yep, exactly. I grepped around for osize/rsize and didn't find it. In
> fact, I'm still not finding it. So is this an informal term, or am I not
> looking in the right place?
c$orig$size and c$resp$size
type endpoint: record {
size: count;
state: count;
};
type connection: record {
id: conn_id;
orig: endpoint;
resp: endpoint;
start_time: time;
duration: interval;
service: string_set; # if empty, service hasn't been determined
addl: string;
hot: count; # how hot; 0 = don't know or not hot
history: string;
};
.Seth
More information about the bro-dev
mailing list