policy/protocols/modbus/track-memmap.bro
-
Modbus
This script tracks the memory map of holding (read/write) registers and logs changes as they are discovered.
Todo
Not all register read and write functions are supported yet.
| Namespace: | Modbus |
|---|---|
| Imports: | base/protocols/modbus, base/utils/directions-and-hosts.bro |
| Source File: | /scripts/policy/protocols/modbus/track-memmap.bro |
Summary
Options
Modbus::track_memmap: Host &redef |
The hosts that should have memory mapping enabled. |
State Variables
Modbus::device_registers: table |
The memory map of slaves is tracked with this variable. |
Types
Modbus::MemmapInfo: record |
|
Modbus::RegisterValue: record |
|
Modbus::Registers: table |
Indexed on the device register value and yielding the register value. |
Redefinitions
Log::ID: enum |
|
Modbus::Info: record |
Events
Modbus::changed_register: event |
This event is generated every time a register is seen to be different than it was previously seen to be. |
Detailed Interface
Options
State Variables
-
Modbus::device_registers Type: table[addr] ofModbus::RegistersDefault: {}The memory map of slaves is tracked with this variable.
Types
-
Modbus::MemmapInfo Type: - ts:
time&log Timestamp for the detected register change.
- uid:
string&log Unique ID for the connection.
- id:
conn_id&log Connection ID.
- register:
count&log The device memory offset.
- old_val:
count&log The old value stored in the register.
- new_val:
count&log The new value stored in the register.
- delta:
interval&log The time delta between when the old_val and new_val were seen.
- ts:
-
Modbus::Registers Type: table[count] ofModbus::RegisterValueIndexed on the device register value and yielding the register value.
Copyright 2016, The Bro Project.
Last updated on December 07, 2018.
Created using Sphinx 1.8.2.