`Intel` Namespace¶

Namespace: Intel.

class zlogging.enum.intel.Type(value, names=<not given>, *values, module=None, qualname=None, type=None, start=1, boundary=None)[source]

Bases: IntFlag

Enum: Intel::Type.

Enum type to represent various types of intelligence data.

See also

base/frameworks/intel/main.zeek

IN_ANYWHERE = 1: A catchall value to represent data of unknown provenance.

Conn_IN_ORIG = 2: Conn::IN_ORIG (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

Conn_IN_RESP = 4: Conn::IN_RESP (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

Files_IN_HASH = 8: Files::IN_HASH (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

Files_IN_NAME = 16: Files::IN_NAME (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

DNS_IN_REQUEST = 32: DNS::IN_REQUEST (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

DNS_IN_RESPONSE = 64: DNS::IN_RESPONSE (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

HTTP_IN_HOST_HEADER = 128: HTTP::IN_HOST_HEADER (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

HTTP_IN_REFERRER_HEADER = 256: HTTP::IN_REFERRER_HEADER (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

HTTP_IN_USER_AGENT_HEADER = 512: HTTP::IN_USER_AGENT_HEADER (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

HTTP_IN_X_FORWARDED_FOR_HEADER = 1024: HTTP::IN_X_FORWARDED_FOR_HEADER (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

HTTP_IN_URL = 2048: HTTP::IN_URL (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_MAIL_FROM = 4096: SMTP::IN_MAIL_FROM (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_RCPT_TO = 8192: SMTP::IN_RCPT_TO (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_FROM = 16384: SMTP::IN_FROM (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_TO = 32768: SMTP::IN_TO (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_CC = 65536: SMTP::IN_CC (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_RECEIVED_HEADER = 131072: SMTP::IN_RECEIVED_HEADER (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_REPLY_TO = 262144: SMTP::IN_REPLY_TO (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_X_ORIGINATING_IP_HEADER = 524288: SMTP::IN_X_ORIGINATING_IP_HEADER (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_MESSAGE = 1048576: SMTP::IN_MESSAGE (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SSH_IN_SERVER_HOST_KEY = 2097152: SSH::IN_SERVER_HOST_KEY (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SSL_IN_SERVER_NAME = 4194304: SSL::IN_SERVER_NAME (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMTP_IN_HEADER = 8388608: SMTP::IN_HEADER (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

X509_IN_CERT = 16777216: X509::IN_CERT (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SMB_IN_FILE_NAME = 33554432: SMB::IN_FILE_NAME (present if policy/frameworks/intel/seen/where-locations.zeek is loaded)

SSH_SUCCESSFUL_LOGIN = 67108864: SSH::SUCCESSFUL_LOGIN (present if policy/protocols/ssh/detect-bruteforcing.zeek is loaded) An indicator of the login for the intel framework.

static _generate_next_value_(name, start, count, last_values)

Generate the next value when not given.

name: the name of the member start: the initial start value or None count: the number of existing members last_values: the last value assigned or None

`Intel` Namespace¶

ZLogging

Navigation

Related Topics

Intel Namespace¶

`Intel` Namespace¶