base/bif/plugins/Zeek_Ident.events.bif.zeek¶
-
GLOBAL¶
- Namespace
GLOBAL
Summary¶
Events¶
Generated for Ident error replies. |
|
Generated for Ident replies. |
|
Generated for Ident requests. |
Detailed Interface¶
Events¶
-
ident_error¶ - Type
event(c:connection, lport:port, rport:port, line:string)
Generated for Ident error replies.
See Wikipedia for more information about the Ident protocol.
- C
The connection.
- Lport
The corresponding request’s local port.
- Rport
The corresponding request’s remote port.
- Line
The error description returned by the reply.
See also:
ident_reply,ident_requestTodo
Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.
-
ident_reply¶ -
Generated for Ident replies.
See Wikipedia for more information about the Ident protocol.
- C
The connection.
- Lport
The corresponding request’s local port.
- Rport
The corresponding request’s remote port.
- User_id
The user id returned by the reply.
- System
The operating system returned by the reply.
See also:
ident_error,ident_requestTodo
Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.
-
ident_request¶ - Type
event(c:connection, lport:port, rport:port)
Generated for Ident requests.
See Wikipedia for more information about the Ident protocol.
- C
The connection.
- Lport
The request’s local port.
- Rport
The request’s remote port.
See also:
ident_error,ident_replyTodo
Zeek’s current default configuration does not activate the protocol analyzer that generates this event; the corresponding script has not yet been ported. To still enable this event, one needs to register a port for it or add a DPD payload signature.