policy/integration/barnyard2/types.bro

Barnyard2

This file is separate from the base script so that dependencies can be loaded in the correct order.

Namespace: Barnyard2
Source File: /scripts/policy/integration/barnyard2/types.bro

Summary

Events

Barnyard2::barnyard_alert: event

This is the event that Barnyard2 instances will send if they’re configured with the bro_alert output plugin.

Detailed Interface

Types

Barnyard2::AlertData
Type:

record

sensor_id: count &log

Sensor that originated this event.

ts: time &log

Timestamp attached to the alert.

signature_id: count &log

Signature ID for this generator.

generator_id: count &log

Which generator generated the alert?

signature_revision: count &log

Signature revision for this ID.

classification_id: count &log

Event classification.

classification: string &log

Descriptive classification string.

priority_id: count &log

Event priority.

event_id: count &log

Event ID.

Attributes:

&log

Barnyard2::PacketID
Type:

record

src_ip: addr &log

src_p: port &log

dst_ip: addr &log

dst_p: port &log

Attributes:

&log

Events

Barnyard2::barnyard_alert
Type: event (id: Barnyard2::PacketID, alert: Barnyard2::AlertData, msg: string, data: string)

This is the event that Barnyard2 instances will send if they’re configured with the bro_alert output plugin.
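A handler for this event, as an added example that is not part of the Bro distribution: it turns high-priority alerts into notices using the fields of the two records documented above. The module name Barnyard2Example, the notice type High_Priority_Alert and the max_priority option are hypothetical names introduced here, and the threshold assumes the Snort convention that a lower priority number is more severe.

```bro
@load base/frameworks/notice
@load policy/integration/barnyard2/types

module Barnyard2Example;

export {
    redef enum Notice::Type += {
        ## Hypothetical notice type introduced for this example.
        High_Priority_Alert
    };

    ## Assumed threshold: alerts with a priority_id above this value
    ## are ignored (lower number = more severe, per Snort convention).
    const max_priority: count = 2 &redef;
}

event Barnyard2::barnyard_alert(id: Barnyard2::PacketID,
                                alert: Barnyard2::AlertData,
                                msg: string, data: string)
    {
    # Drop low-severity alerts before doing any further work.
    if ( alert$priority_id > max_priority )
        return;

    # Identify the rule the way Snort does: generator:signature:revision.
    local rule = fmt("%d:%d:%d", alert$generator_id,
                     alert$signature_id, alert$signature_revision);

    # One notice per rule and source address within the suppression
    # window, so a noisy sensor does not flood notice.log.
    NOTICE([$note=High_Priority_Alert,
            $msg=fmt("sensor %d [%s] %s", alert$sensor_id, rule, msg),
            $sub=alert$classification,
            $src=id$src_ip,
            $dst=id$dst_ip,
            $p=id$dst_p,
            $identifier=fmt("%s-%s", rule, id$src_ip),
            $suppress_for=5min]);
    }
```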

Copyright 2016, The Bro Project. Last updated on January 10, 2019. Created using Sphinx 1.7.5.