[Bro-Dev] #610: topic/seth/syslog-analyzer-updates - Updates for syslog analyzer
Bro Tracker
bro at tracker.bro-ids.org
Mon Sep 12 12:31:33 PDT 2011
#610: topic/seth/syslog-analyzer-updates - Updates for syslog analyzer
---------------------------+--------------------
Reporter: seth | Owner:
Type: Merge Request | Status: new
Priority: Normal | Milestone: Bro1.6
Component: Bro | Version:
Keywords: beta |
---------------------------+--------------------
- Supports "Octet Stuffing" mode for Syslog over TCP (untested!). If
  someone has a tracefile with TCP syslog, I'd appreciate getting a
  few packets.
- DPD support for syslog. Calls ProtocolConfirmation when detected and
  includes signatures for UDP and TCP syslog.
- Removing newlines and nulls from EOL when syslog implementation has
  included those in the actual message.
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/610>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
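
The first and third items in the ticket, sketched as an added example that is not part of the original ticket or Bro's analyzer code: a reassembler that splits LF-delimited ("octet stuffing") TCP syslog into messages across arbitrary segment boundaries and strips trailing newlines and nulls. It assumes LF is the frame trailer; the class and function names, the size cap, the PRI plausibility check and the sample bytes are all constructed for illustration.

```python
import re

# Assumption: each frame ends with LF ("octet stuffing" framing).
TRAILER = b"\n"
MAX_FRAME = 8192  # hypothetical cap so an unterminated stream cannot grow the buffer
PRI_RE = re.compile(rb"<(\d{1,3})>")  # syslog PRI header; valid values are 0..191

def clean(frame):
    """Strip CR, LF and NUL bytes a sender left at the end of the message."""
    return frame.rstrip(b"\r\n\x00")

def parse_pri(msg):
    """Return (facility, severity), or None if msg lacks a valid PRI header."""
    m = PRI_RE.match(msg)
    if not m or int(m.group(1)) > 191:
        return None
    return divmod(int(m.group(1)), 8)

class OctetStuffedSyslog:
    """Reassembles LF-delimited syslog messages from TCP payload chunks."""

    def __init__(self):
        self.buf, self.skipping, self.dropped = b"", False, 0

    def feed(self, chunk):
        """Add one TCP payload; return the complete messages it finished."""
        self.buf += chunk
        out = []
        while TRAILER in self.buf:
            frame, self.buf = self.buf.split(TRAILER, 1)
            if self.skipping or len(frame) > MAX_FRAME:
                # Oversized frame (or the tail of one): count it and discard.
                self.skipping = False
                self.dropped += 1
                continue
            msg = clean(frame)
            if msg:
                out.append(msg)
        if len(self.buf) > MAX_FRAME:
            # No trailer within the cap: drop the data, skip to the next LF.
            self.buf, self.skipping = b"", True
        return out

# Constructed sample: two messages split across three TCP segments,
# the first terminated by NUL + LF, the second by CR LF.
SEGMENTS = [b"<34>su: auth fail", b"ure for root\x00\n<13>cron: job", b" started\r\n"]

def demo():
    r = OctetStuffedSyslog()
    return [m for seg in SEGMENTS for m in r.feed(seg)]
```
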