[Bro-Dev] [JIRA] (BIT-1218) misc/dump-events only dumps events handled by other scripts

grigorescu (JIRA) jira at bro-tracker.atlassian.net
Fri Jul 11 18:06:07 PDT 2014


grigorescu created BIT-1218:
-------------------------------

             Summary: misc/dump-events only dumps events handled by other scripts
                 Key: BIT-1218
                 URL: https://bro-tracker.atlassian.net/browse/BIT-1218
             Project: Bro Issue Tracker
          Issue Type: Improvement
          Components: Bro
    Affects Versions: git/master
            Reporter: grigorescu
            Priority: Low


misc/dump-events is a very handy script, and I often use it as a script writing tool. If I have a PCAP, I run it with misc/dump-events to get a quick sense of which events fire on it, and how many times each event fires. This helps me pick out the best event to handle.

The issue is that events that aren't handled elsewhere don't get reported, as unhandled events aren't generated. Would it be possible to have dump-events (or perhaps dump-all-events) pretend like all events are handled, to get a more complete event listing?



--
This message was sent by Atlassian JIRA
(v6.3-OD-08-005-WN#6328)


More information about the bro-dev mailing list