base/protocols/dnp3/main.zeek
- DNP3
A very basic DNP3 analysis script that just logs requests and replies.
- Namespace: DNP3
- Imports: base/protocols/conn/removal-hooks.zeek, base/protocols/dnp3/consts.zeek
Summary
Types
Redefinitions
Events
- DNP3::log_dnp3: Event that can be handled to access the DNP3 record as it is sent on to the logging framework.
Hooks
- DNP3::finalize_dnp3: DNP3 finalization hook.
Detailed Interface
Types
- DNP3::Info
- Type
-
- ts: time &log
  Time of the request.
- uid: string &log
  Unique identifier for the connection.
- id: conn_id &log
  Identifier for the connection.
- fc_request: string &log &optional
  The name of the function message in the request.
- fc_reply: string &log &optional
  The name of the function message in the reply.
- iin: count &log &optional
  The response’s “internal indication number”.
Events
- DNP3::log_dnp3
- Type
  event (rec: DNP3::Info)
Event that can be handled to access the DNP3 record as it is sent on to the logging framework.
Hooks
- DNP3::finalize_dnp3
- Type
DNP3 finalization hook. Remaining DNP3 info may get logged when it’s called.
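One way to use DNP3::log_dnp3 for monitoring, as an added example that is not part of the Zeek distribution: a handler that raises a notice when a request uses a watched function name, and that copes with records flushed by the finalization hook without a reply. The module name DNP3Watch, the notice type and the option are hypothetical, and the function-name strings are assumed to match the names defined in base/protocols/dnp3/consts.zeek.

```zeek
@load base/protocols/dnp3
@load base/frameworks/notice

module DNP3Watch;	# hypothetical module name, not part of Zeek

export {
	redef enum Notice::Type += {
		## A DNP3 request used a function name listed in watched_requests.
		Watched_Request,
	};

	## Function names to alert on. Assumed to match the strings in
	## base/protocols/dnp3/consts.zeek; adjust the set for the site.
	option watched_requests: set[string] = {
		"WRITE", "OPERATE", "DIRECT_OPERATE", "COLD_RESTART", "WARM_RESTART"
	};
}

event DNP3::log_dnp3(rec: DNP3::Info)
	{
	# fc_request is &optional, so test for it before reading it.
	if ( ! rec?$fc_request )
		return;

	if ( rec$fc_request !in watched_requests )
		return;

	# fc_reply and iin are also &optional: a record written by the
	# finalization hook may carry a request that never got a reply.
	local reply = rec?$fc_reply ? rec$fc_reply : "<none>";
	local iin = rec?$iin ? fmt("%d", rec$iin) : "<none>";

	NOTICE([$note=Watched_Request,
	        $msg=fmt("DNP3 %s request (reply=%s, iin=%s)",
	                 rec$fc_request, reply, iin),
	        $uid=rec$uid,
	        $id=rec$id,
	        # Suppress repeats of the same request name on one connection.
	        $identifier=cat(rec$uid, rec$fc_request),
	        $suppress_for=5min]);
	}
```

The notice carries the same uid as the dnp3.log entry, so it can be joined with conn.log to see which host issued the request.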