[Zeek] MAC Address In Logs
Michael Shirk
shirkdog.bsd at gmail.com
Tue Feb 19 06:29:46 PST 2019
You need to add the following to your local.bro script to enable it,
as it is not on by default:
@load policy/protocols/conn/mac-logging
On Tue, Feb 19, 2019 at 2:07 AM TQ <nothinrandom at gmail.com> wrote:
>
> Is there a way to include MAC address in all of the logs or custom written logs? I saw the documentation (https://docs.zeek.org/en/latest/scripts/policy/protocols/conn/mac-logging.bro.html), but didn't see any MAC addresses even though I could see them in Wireshark.
>
> Thanks,
> _______________________________________________
> Zeek mailing list
> zeek at zeek.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/zeek
--
Michael Shirk
Daemon Security, Inc.
https://www.daemon-security.com
More information about the Zeek
mailing list