New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

misc/dump-events only dumps events handled by other scripts #169

Open
jsiwek opened this Issue Sep 17, 2018 · 0 comments

Comments

Projects
None yet
1 participant
@jsiwek
Copy link
Member

jsiwek commented Sep 17, 2018

Moved from https://bro-tracker.atlassian.net/browse/BIT-1218

Created by Vlad Grigorescu at 2014-07-11T20:06:01.469-0500:

misc/dump-events is a very handy script, and I often use it as a script writing tool. If I have a PCAP, I run it with misc/dump-events to get a quick sense of which events fire on it, and how many times each event fires. This helps me pick out the best event to handle.

The issue is that events that aren't handled elsewhere don't get reported, as unhandled events aren't generated. Would it be possible to have dump-events (or perhaps dump-all-events) pretend like all events are handled, to get a more complete event listing?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment