[Bro-Dev] question & meta-question regarding "path" field in smtp.log
Vern Paxson
vern at icir.org
Wed Nov 30 15:24:25 PST 2011
The question is: what's the semantics of this log field? In the
trace slice I'm looking at, it's just the server,client. Is it meant
to have the Received chain?
The meta-question is: how am I supposed to find documentation for stuff
like this? Searching on "smtp path" from bro-ids.org didn't bring up
obvious hits. It wasn't that hard to navigate my way to:
http://bro-ids.org/documentation-beta/bro-scripts/scripts/base/protocols/smtp/main.html
but there all I find is a listing of the type of "path", but not its meaning:
path: vector &log &optional
Is this just because the documentation hasn't yet caught up this far?
Vern
More information about the bro-dev
mailing list