[Zeek] Where to get detect-webapps log file?
Sachinji Giri
sachin.giribuva at niyuj.com
Fri Jun 21 03:50:08 PDT 2019
Hi there,
I am using zeek in a container with host networking. My bro/zeek version is
as follows. The commands in bold are the ones that get executed in the container.
# docker run --cap-add=NET_RAW --net=host --rm blacktop/*zeek --version*
bro version 2.6-255
I ran zeek with the detect-webapps bro script from policy. I browsed a couple
of phpadmin websites etc., but *I could not get any logs specific to
detect-webapps.*
# docker run --cap-add=NET_RAW --net=host --rm blacktop/*zeek -i 'enp2s0' protocols/http/detect-webapps*
listening on enp2s0
~~~~~
It runs forever and I got the following log files:
conn.log dns.log packet_filter.log weird.log
dhcp.log files.log ssl.log x509.log
*Where do I get the detect-webapps log file?*
*What does detect-webapps do and where does it log its data?*
Any help will be much appreciated.
--
Regards,
Sachin Giri