Feature #4175
Open
dcerpc: higher level logging
Description
At the 2020 brainstorm it was suggested that the DCERPC logging would support a higher level logging, as both dcerpc and smb can be very verbose. Zeek was mentioned as an example to look at. Concern was that it might hide evasion attempts.
A good start would be to get some examples.
Updated by Victor Julien about 4 years ago
- Related to Task #4097: Suricon 2020 brainstorm added
Updated by Victor Julien over 2 years ago
- Related to Feature #5413: DCERPC logging is not easy to use in analysis added
Updated by Jason Ish 7 months ago
- Related to Feature #4213: smb: higher level logging added