-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Enable ssl-log-ext by default #12
Comments
This issue is being transferred to the newer build-zeek repo where we're able to build current Zeek releases and hence could actually take up this work now. |
Verified with an artifact based on build-zeek commit dc10ee9 created from this Actions run. After processing this test wrccdc pcap with that Zeek artifact, here's how the
|
A community user inquired on a Slack thread:
Per the docs at https://docs.zeek.org/en/master/scripts/policy/protocols/ssl/ssl-log-ext.zeek.html, this is one of the additional fields that's disabled by default. I confirmed with a separate Zeek install that adding the config
@load policy/protocols/ssl/ssl-log-ext
tolocal.zeek
added these additional fields.When informed of this, the community user said:
When we get to updating the bundled Zeek, we could consider enabling this by default.
The text was updated successfully, but these errors were encountered: