analysis/

directory
v2.0.0+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 15, 2019 License: GPL-3.0

README

Rita Analysis

Analysis Packages

Rita contains several analysis packages designed to extract useful intelligence from raw bro logs.

  • Unique Connections
    • Provides a list of who talked to whom in the dataset
  • Hosts
    • Provides a list of ip addresses in the dataset
  • Hostnames
    • Provides a mapping from hostnames to ip addresses
  • Exploded DNS
    • Provides a count of how many subdomains were associated with a given domain name
  • Beacons
    • Provides a statistical view on connections, looking for regularity
  • Blacklisted
    • Provides a list of ip addresses and domain names that were blacklisted by other authorities
  • User Agent
    • Provides a list of the user agent strings in the dataset and how many times they were used
  • Internal Cross Reference
    • Provides an aggregate view of the other modules which are related to internal hosts
  • External Cross Reference
    • Provides an aggregate view of the other modules which are related to external hosts

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.