Software NamespaceΒΆ
Namespace: Software.
- class zlogging.enum.Software.Type(value)[source]
Bases:
IntFlagEnum:
Software::Type.Scripts detecting new types of software need to redef this enum to add their own specific software types which would then be used when they create
Software::Inforecords.See also
- UNKNOWN = 1
A placeholder type for when the type of software is not known.
- OS_WINDOWS = 2
OS::WINDOWS (present if policy/frameworks/software/windows-version-detection.zeek is loaded) Identifier for Windows operating system versions
- DHCP_SERVER = 4
DHCP::SERVER (present if policy/protocols/dhcp/software.zeek is loaded) Identifier for web servers in the software framework.
- DHCP_CLIENT = 8
DHCP::CLIENT (present if policy/protocols/dhcp/software.zeek is loaded) Identifier for web browsers in the software framework.
- FTP_CLIENT = 16
FTP::CLIENT (present if policy/protocols/ftp/software.zeek is loaded) Identifier for FTP clients in the software framework.
- FTP_SERVER = 32
FTP::SERVER (present if policy/protocols/ftp/software.zeek is loaded) Not currently implemented.
- HTTP_WEB_APPLICATION = 64
HTTP::WEB_APPLICATION (present if policy/protocols/http/detect-webapps.zeek is loaded) Identifier for web applications in the software framework.
- HTTP_BROWSER_PLUGIN = 128
HTTP::BROWSER_PLUGIN (present if policy/protocols/http/software-browser-plugins.zeek is loaded) Identifier for browser plugins in the software framework.
- HTTP_SERVER = 256
HTTP::SERVER (present if policy/protocols/http/software.zeek is loaded) Identifier for web servers in the software framework.
- HTTP_APPSERVER = 512
HTTP::APPSERVER (present if policy/protocols/http/software.zeek is loaded) Identifier for app servers in the software framework.
- HTTP_BROWSER = 1024
HTTP::BROWSER (present if policy/protocols/http/software.zeek is loaded) Identifier for web browsers in the software framework.
- MySQL_SERVER = 2048
MySQL::SERVER (present if policy/protocols/mysql/software.zeek is loaded) Identifier for MySQL servers in the software framework.
- SMTP_MAIL_CLIENT = 4096
SMTP::MAIL_CLIENT (present if policy/protocols/smtp/software.zeek is loaded)
- SMTP_MAIL_SERVER = 8192
SMTP::MAIL_SERVER (present if policy/protocols/smtp/software.zeek is loaded)
- SMTP_WEBMAIL_SERVER = 16384
SMTP::WEBMAIL_SERVER (present if policy/protocols/smtp/software.zeek is loaded)
- SSH_SERVER = 32768
SSH::SERVER (present if policy/protocols/ssh/software.zeek is loaded) Identifier for SSH clients in the software framework.
- SSH_CLIENT = 65536
SSH::CLIENT (present if policy/protocols/ssh/software.zeek is loaded) Identifier for SSH servers in the software framework.
