From fad6c46e7caf12638da83a701022fac114d7ae32 Mon Sep 17 00:00:00 2001 From: Doug Burks Date: Fri, 25 Nov 2022 09:35:00 -0500 Subject: [PATCH] fix zeek ics logs in so-zeek-logs --- salt/common/tools/sbin/so-zeek-logs | 70 ++++++++++++++--------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/salt/common/tools/sbin/so-zeek-logs b/salt/common/tools/sbin/so-zeek-logs index 0d84040e9..6e2f0629a 100755 --- a/salt/common/tools/sbin/so-zeek-logs +++ b/salt/common/tools/sbin/so-zeek-logs @@ -44,10 +44,6 @@ whiptail_manager_adv_service_zeeklogs() { "mysql" "" ON \ "socks" "" ON \ "x509" "" ON \ - "modbus_detailed" "" ON \ - "modbus_mask_write_register" "" ON \ - "modbus_read_write_multiple_registers" "" ON \ - "dnp3_objects" "" ON \ "bacnet" "" ON \ "bacnet_discovery" "" ON \ "bacnet_property" "" ON \ @@ -58,56 +54,60 @@ whiptail_manager_adv_service_zeeklogs() { "bsap_serial_rdb" "" ON \ "bsap_serial_rdb_ext" "" ON \ "bsap_serial_unknown" "" ON \ - "ecat_registers" "" ON \ - "ecat_log_address" "" ON \ - "ecat_dev_info" "" ON \ + "cip" "" ON \ + "cip_identity" "" ON \ + "cip_io" "" ON \ + "cotp" "" ON \ + "dnp3_objects" "" ON \ + "ecat_arp_info" "" ON \ "ecat_aoe_info" "" ON \ "ecat_coe_info" "" ON \ + "ecat_dev_info" "" ON \ "ecat_foe_info" "" ON \ + "ecat_log_address" "" ON \ + "ecat_registers" "" ON \ "ecat_soe_info" "" ON \ - "ecat_arp_info" "" ON \ "enip" "" ON \ - "cip" "" ON \ - "cip_io" "" ON \ - "cip_identity" "" ON \ + "modbus_detailed" "" ON \ + "modbus_mask_write_register" "" ON \ + "modbus_read_write_multiple_registers" "" ON \ "opcua_binary" "" ON \ - "opcua_binary_status_code_detail" "" ON \ - "opcua_binary_diag_info_detail" "" ON \ - "opcua_binary_get_endpoints" "" ON \ - "opcua_binary_get_endpoints_discovery" "" ON \ - "opcua_binary_get_endpoints_user_token" "" ON \ - "opcua_binary_get_endpoints_description" "" ON \ - "opcua_binary_get_endpoints_locale_id" "" ON \ - "opcua_binary_get_endpoints_profile_uri" "" ON \ - "opcua_binary_create_session" "" ON \ - "opcua_binary_create_session_user_token" "" ON \ - "opcua_binary_create_session_endpoints" "" ON \ - "opcua_binary_create_session_discovery" "" ON \ "opcua_binary_activate_session" "" ON \ "opcua_binary_activate_session_client_software_cert" "" ON \ - "opcua_binary_activate_session_locale_id" "" ON \ "opcua_binary_activate_session_diagnostic_info" "" ON \ + "opcua_binary_activate_session_locale_id" "" ON \ "opcua_binary_browse" "" ON \ "opcua_binary_browse_description" "" ON \ - "opcua_binary_browse_request_continuation_point" "" ON \ - "opcua_binary_browse_result" "" ON \ - "opcua_binary_browse_response_references" "" ON \ "opcua_binary_browse_diagnostic_info" "" ON \ + "opcua_binary_browse_request_continuation_point" "" ON \ + "opcua_binary_browse_response_references" "" ON \ + "opcua_binary_browse_result" "" ON \ + "opcua_binary_create_session" "" ON \ + "opcua_binary_create_session_discovery" "" ON \ + "opcua_binary_create_session_endpoints" "" ON \ + "opcua_binary_create_session_user_token" "" ON \ "opcua_binary_create_subscription" "" ON \ + "opcua_binary_diag_info_detail" "" ON \ + "opcua_binary_get_endpoints" "" ON \ + "opcua_binary_get_endpoints_description" "" ON \ + "opcua_binary_get_endpoints_discovery" "" ON \ + "opcua_binary_get_endpoints_locale_id" "" ON \ + "opcua_binary_get_endpoints_profile_uri" "" ON \ + "opcua_binary_get_endpoints_user_token" "" ON \ "opcua_binary_read" "" ON \ - "cotp" "" ON \ - "s7comm" "" ON \ - "s7comm_read_szl" "" ON \ - "s7comm_upload_download" "" ON \ - "s7comm_plus" "" ON \ - "tds" "" ON \ - "tds_rpc" "" ON \ - "tds_sql_batch" "" ON \ + "opcua_binary_status_code_detail" "" ON \ "profinet" "" ON \ "profinet_dce_rpc" "" ON \ "profinet_debug" "" ON \ + "s7comm" "" ON \ + "s7comm_read_szl" "" ON \ + "s7comm_plus" "" ON \ + "s7comm_upload_download" "" ON \ "stun" "" ON \ "stun_nat" "" ON \ + "tds" "" ON \ + "tds_rpc" "" ON \ + "tds_sql_batch" "" ON \ "wireguard" "" ON 3>&1 1>&2 2>&3 ) local exitstatus=$?