c_meyer/KasperskyLab-TinyCheck
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed field mapping @ zeekengine.py (#143)

Browse Source 
Fixed field mapping @ zeekengine.py: resp_h is destination host, please refer to https://docs.zeek.org/en/current/log-formats.html
This commit is contained in:
Eugeny Ablesov 2023-08-14 15:14:42 +03:00 committed by GitHub
parent 9939dc3bf4
commit 4f989dcd94
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
analysis/classes/zeekengine.py
View File

@ -270,7 +270,7 @@ class ZeekEngine(object):
if record is not None: if record is not None:
f = {"filename": record["filename"], f = {"filename": record["filename"],
"ip_src": record["id.orig_h"], "ip_src": record["id.orig_h"],
"ip_dst": record["id.orig_p"], "ip_dst": record["id.resp_h"],
"mime_type": record["mime_type"], "mime_type": record["mime_type"],
"sha1": record["sha1"]} "sha1": record["sha1"]}
if f not in self.files: if f not in self.files: