policy/protocols/modbus/known-masters-slaves.zeek
- Known
Script for tracking known Modbus masters and slaves.
Todo
This script needs a lot of work. What might be more interesting is to track master/slave relationships based on commands sent and successful (non-exception) responses.
- Namespace:
Known
- Imports:
Summary
State Variables
|
The Modbus nodes being tracked. |
Types
Redefinitions
Events
Event that can be handled to access the loggable record as it is sent on to the logging framework. |
Hooks
Detailed Interface
State Variables
- Known::modbus_nodes
- Type:
- Attributes:
&create_expire
=1.0 day
&redef
- Default:
{}
The Modbus nodes being tracked.
Types
Events
- Known::log_known_modbus
- Type:
event
(rec:Known::ModbusInfo
)
Event that can be handled to access the loggable record as it is sent on to the logging framework.