[Zeek] HTTP/2 analyzer

Eric Ooi ericooi at gmail.com
Wed Aug 21 10:52:41 PDT 2019


Has anyone tried the HTTP/2 analyzer from MITRE?
https://github.com/MITRECND/bro-http2

I've installed it, but it doesn't seem to generate any http2.log files. I
have a Palo Alto firewall performing decryption and mirroring this
decrypted traffic to my Zeek sensor. Zeek has no issue analyzing the
decrypted HTTP/1.1 traffic, but I haven't yet seen decrypted HTTP/2 traffic
show up, which is what the majority of my decrypted traffic seems to be.

Curious if anyone else has tried this or if the developers of the plugin
are on the list for me to bug. :P

Thanks!
Eric