
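# Filebeat Zeek module: one fileset per Zeek log stream, each enabled and
# pointed at its file under /opt/zeek/logs/current.
#
# Layout: `enabled` and `var.paths` must be nested under their fileset key.
# Written flush-left, every fileset key is null and `enabled` / `var.paths`
# become duplicate top-level keys, of which most parsers keep only the last.
# In modules.d/zeek.yml these entries sit under the `- module: zeek` list
# item, which is not shown on this page; indent the whole block to match.
#
# Paths: Zeek writes `<stream>.log` (the connection stream is `conn.log`).
# The original listing used `coon.logs` and a `.logs` suffix on every entry
# except x509. A path that matches no file produces no events, so a typo here
# is a silent monitoring gap. Confirm each name against a listing of
# /opt/zeek/logs/current, and check that the Filebeat user can read it.
#
# NOTE(review): the Filebeat Zeek module parses JSON-formatted logs; confirm
# JSON log output is enabled in Zeek before relying on these filesets.
capture_loss:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/capture_loss.log"]
connection:
  enabled: true
  # Zeek names the connection log conn.log.
  var.paths: ["/opt/zeek/logs/current/conn.log"]
dce_rpc:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/dce_rpc.log"]
dhcp:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/dhcp.log"]
dnp3:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/dnp3.log"]
dns:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/dns.log"]
dpd:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/dpd.log"]
files:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/files.log"]
ftp:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/ftp.log"]
http:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/http.log"]
intel:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/intel.log"]
irc:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/irc.log"]
kerberos:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/kerberos.log"]
modbus:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/modbus.log"]
mysql:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/mysql.log"]
notice:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/notice.log"]
ntp:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/ntp.log"]
ntlm:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/ntlm.log"]
ocsp:
  enabled: true
  # The space after the colon is required; `var.paths:[...]` is not a mapping.
  var.paths: ["/opt/zeek/logs/current/ocsp.log"]
pe:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/pe.log"]
radius:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/radius.log"]
rdp:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/rdp.log"]
rfb:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/rfb.log"]
signature:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/signatures.log"]
sip:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/sip.log"]
smb_cmd:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/smb_cmd.log"]
smb_files:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/smb_files.log"]
smb_mapping:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/smb_mapping.log"]
smtp:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/smtp.log"]
snmp:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/snmp.log"]
socks:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/socks.log"]
ssh:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/ssh.log"]
ssl:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/ssl.log"]
stats:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/stats.log"]
syslog:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/syslog.log"]
traceroute:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/traceroute.log"]
tunnel:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/tunnel.log"]
weird:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/weird.log"]
x509:
  enabled: true
  var.paths: ["/opt/zeek/logs/current/x509.log"]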
