policy/protocols/conn/disable-unknown-ip-proto-support.zeek

This script filters the ip_proto field out of the conn.log and disables logging of connections with unknown IP protocols.

Imports

base/frameworks/analyzer/main.zeek, base/protocols/conn

Summary

Redefinitions

Conn::Info: record

Detailed Interface