base/protocols/irc/main.bro

IRC

Implements the core IRC analysis support. The logging model is to log IRC commands along with the associated response and some additional metadata about the connection if it’s available.

Namespace:IRC
Source File:/scripts/base/protocols/irc/main.bro

Summary

Types

IRC::Info: record  

Events

IRC::irc_log: event Event that can be handled to access the IRC record as it is sent on to the logging framework.

Detailed Interface

Types

IRC::Info
Type:

record

ts: time &log

Timestamp when the command was seen.

uid: string &log

Unique ID for the connection.

id: conn_id &log

The connection’s 4-tuple of endpoint addresses/ports.

nick: string &log &optional

Nickname given for the connection.

user: string &log &optional

Username given for the connection.

command: string &log &optional

Command given by the client.

value: string &log &optional

Value for the command given by the client.

addl: string &log &optional

Any additional data for the command.

dcc_file_name: string &log &optional

(present if base/protocols/irc/dcc-send.bro is loaded)

DCC filename requested.

dcc_file_size: count &log &optional

(present if base/protocols/irc/dcc-send.bro is loaded)

Size of the DCC transfer as indicated by the sender.

dcc_mime_type: string &log &optional

(present if base/protocols/irc/dcc-send.bro is loaded)

Sniffed mime type of the file.

fuid: string &log &optional

(present if base/protocols/irc/files.bro is loaded)

File unique ID.

Events

IRC::irc_log
Type:event (rec: IRC::Info)

Event that can be handled to access the IRC record as it is sent on to the logging framework.


Copyright 2016, The Bro Project. Last updated on December 13, 2017. Created using Sphinx 1.5.2.