activecm/rita

Making a Zeek log file to input to RITA

fearanp opened this issue · 0 comments

Hi,

Not an issue as such, more a technical question. Just wondering if there are mandatory headings that are required to get value from the tool with your own custom formatted log file.

I have DNS/SNI logs that I am translating into a Zeek log format and have mapped the headings. I don't have all the headings with values, so the question is: will that have an impact on the output of the RITA tool?

Is there a list of headings in the Zeek log that are mandatory to use the tool?

Thanks in advance