Table of Contents
conn.log
uid
dns.log
http.log
files.log
ftp.log
ssl.log
x509.log
smtp.log
pe.log
net user
notice.log
dce_rpc.log
kerberos.log
smb_mapping.log
extract_files/
smb_files.log
smb_mapping
ntlm.log
irc.log
rdp.log
traceroute.log
tunnel.log
dpd.log
known_certs.log
known_hosts.log
known_services.log
software.log
weird.log
capture_loss.log
reporter.log
init-plugin
If an RDP session is “upgraded” to SSL, this will be indicated with this script in a new field added to the RDP log.
RDP
base/protocols/rdp, base/protocols/ssl
RDP::Info: record
RDP::Info
record
bool
&log
&default
F
&optional
Flag the connection if it was seen over SSL.