[Zeek] Help,About Packet Filter
Justin Azoff
justin at corelight.com
Thu Jan 23 08:15:22 PST 2020
Is your traffic encapsulated with vlan tags? Does changing the filter to
vlan and host 123.2.15.75
work any better?
On Tue, Jan 21, 2020 at 9:44 PM my <manyiant at 163.com> wrote:
> Hi,friends:
>
> I use restrict_filters to filter the traffic. but the settings did not take effect, all of the traffic was filtered. What should I do?
>
> My script is as follows:
>
> redef restrict_filters += {
>
> ["unmonitored host"] = "host 123.2.15.75"
> };
>
>
> I am looking forwoard to your replay. Thakns.
>
>
>
>
> _______________________________________________
> Zeek mailing list
> zeek at zeek.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/zeek
--
Justin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20200123/df576670/attachment.html
More information about the Zeek
mailing list