Add ecat, enip, cip, and opcua

2025-12-20 07:53:06 +01:00 · 2022-11-11 12:15:54 -08:00
parent 85d30520ce
commit 73b1e5949b
31 changed files with 591 additions and 3 deletions
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -3020,6 +3020,43 @@ zeek_logs_enabled() {
 			"    - modbus_read_write_multiple_registers"\
 			"    - bacnet"\
 			"    - bacnet_discovery"\
-			"    - bacnet_property" >> "$zeeklogs_pillar"
+			"    - bacnet_property"
+			"    - ecat_registers"\
+                        "    - ecat_log_address"\
+                        "    - ecat_dev_info"\
+                        "    - ecat_aoe_info"\
+                        "    - ecat_coe_info"\
+                        "    - ecat_foe_info"\
+                        "    - ecat_soe_info"\
+                        "    - ecat_arp_info"\
+                        "    - enip"\
+                        "    - cip"\
+                        "    - cip_io"\
+                        "    - cip_identity"\
+                        "    - opcua_binary"\
+                        "    - opcua_binary_status_code_detail"\
+                        "    - opcua_binary_diag_info_detail"\
+                        "    - opcua_binary_get_endpoints"\
+                        "    - opcua_binary_get_endpoints_discovery"\
+                        "    - opcua_binary_get_endpoints_user_token"\
+                        "    - opcua_binary_get_endpoints_description"\
+                        "    - opcua_binary_get_endpoints_locale_id"\
+                        "    - opcua_binary_get_endpoints_profile_uri"\
+                        "    - opcua_binary_create_session"\
+                        "    - opcua_binary_create_session_user_token"\
+                        "    - opcua_binary_create_session_endpoints"\
+                        "    - opcua_binary_create_session_discovery"\
+                        "    - opcua_binary_activate_session"\
+                        "    - opcua_binary_activate_session_client_software_cert"\
+                        "    - opcua_binary_activate_session_locale_id"\
+                        "    - opcua_binary_activate_session_diagnostic_info"\
+                        "    - opcua_binary_browse"\
+                        "    - opcua_binary_browse_description"\
+                        "    - opcua_binary_browse_request_continuation_point"\
+                        "    - opcua_binary_browse_result"\
+                        "    - opcua_binary_browse_response_references"\
+                        "    - opcua_binary_browse_diagnostic_info"\
+                        "    - opcua_binary_create_subscription"\
+                        "    - opcua_binary_read" >> "$zeeklogs_pillar"
 	fi
 }
--- a/setup/so-whiptail
+++ b/setup/so-whiptail
@@ -1312,7 +1312,58 @@ whiptail_manager_adv_service_zeeklogs() {
 	"weird" "Zeek Weird Logs" ON \
 	"mysql" "MySQL Logs" ON \
 	"socks" "SOCKS Logs" ON \
-	"x509" "x.509 Logs" ON 3>&1 1>&2 2>&3)
+	"x509" "x.509 Logs" ON \
+	"modbus_detailed" "MODBUS Details" ON \
+        "modbus_mask_write_register" "MODBUS Write Register" ON \
+        "modbus_read_write_multiple_registers" "MODBUS Multi Registers" ON \
+        "dnp3_objects" "DNP3 Objections" ON \
+        "bacnet" "BACnet" ON \
+        "bacnet_discovery" "BACnet Discovery" ON \
+        "bacnet_property" "BACnet Property" ON \
+        "bsap_ip_header" "BSAP IP Header" ON \
+        "bsap_ip_rdb" "BSAP IP RDB" ON \
+        "bsap_ip_unknown" "BSAP IP Unknown" ON \
+        "bsap_serial_header" "BSAP Serial Header" ON \
+        "bsap_serial_rdb" "BSAP Serial RDB" ON \
+        "bsap_serial_rdb_ext" "BSAP Serial RDB Extenstion" ON \
+        "bsap_serial_unknown" "BSAP Serial Unknown" ON \
+	"ecat_registers" "Ethercat Registers" ON \
+        "ecat_log_address" "Ethercat Address Read Write" ON \
+        "ecat_dev_info" "Ethercat Device Info" ON \
+        "ecat_aoe_info" "Ethercat AoE Info" ON \
+        "ecat_coe_info" "Ethercat CoE Info" ON \
+        "ecat_foe_info" "Ethercat FoE Info" ON \
+        "ecat_soe_info" "Ethercat SoE Info" ON \
+        "ecat_arp_info" "Ethercat ARP Info" ON \
+        "enip" "ENIP Header" ON \
+        "cip" "CIP Header" ON \
+        "cip_io" "CIP I/O" ON \
+        "cip_identity" "CIP Identity" ON \
+        "opcua_binary" "OPC UA Binary Encoding" ON \
+        "opcua_binary_status_code_detail" "OPC UA Detail" ON \
+        "opcua_binary_diag_info_detail" "OPC UA Diag" ON \
+        "opcua_binary_get_endpoints" "OPC UA Endpoints" ON \
+        "opcua_binary_get_endpoints_discovery" "OPC UA Endpoints" ON \
+        "opcua_binary_get_endpoints_user_token" "OPC UA Endpoints" ON \
+        "opcua_binary_get_endpoints_description" "OPC UA Endpoints" ON \
+        "opcua_binary_get_endpoints_locale_id" "OPC UA Endpoints" ON \
+        "opcua_binary_get_endpoints_profile_uri" "OPC UA Endpoints" ON \
+        "opcua_binary_create_session" "OPC UA Session" ON \
+        "opcua_binary_create_session_user_token" "OPC UA Session" ON \
+        "opcua_binary_create_session_endpoints" "OPC UA Session" ON \
+        "opcua_binary_create_session_discovery" "OPC UA Session" ON \
+        "opcua_binary_activate_session" "OPC UA Session" ON \
+        "opcua_binary_activate_session_client_software_cert" "OPC UA Session" ON \
+        "opcua_binary_activate_session_locale_id" "OPC UA Session" ON \
+        "opcua_binary_activate_session_diagnostic_info" "OPC UA Session" ON \
+        "opcua_binary_browse" "OPC UA Browse" ON \
+        "opcua_binary_browse_description" "OPC UA Browse" ON \
+        "opcua_binary_browse_request_continuation_point" "OPC UA Browse" ON \
+        "opcua_binary_browse_result" "OPC UA Browse" ON \
+        "opcua_binary_browse_response_references" "OPC UA Browse" ON \
+        "opcua_binary_browse_diagnostic_info" "OPC UA Browse" ON \
+        "opcua_binary_create_subscription" "OPC UA UA Browse" ON \
+        "opcua_binary_read" "OPC UA Read" ON 3>&1 1>&2 2>&3)

 	local exitstatus=$?
 	whiptail_check_exitstatus $exitstatus