Thanks to visit codestin.com
Credit goes to github.com

Skip to content

incorporate new s7comm known devices log #622

New issue
New issue
Closed
Feature
Closed
incorporate new s7comm known devices log#622
Feature
Assignees
mmguero
Labels
arkimeRelating to Malcolm's use of ArkimedashboardsRelating to Malcolm's OpenSearch Dashboards interfaceenhancementNew feature or requesticsRelating to ICS (Industrial Control Systems) deviceslogstashRelating to Malcolm's use of LogstashzeekRelating to Malcolm's use of Zeek
Milestone
v25.03.1
@mmguero

Description

@mmguero
mmguero
opened on Mar 19, 2025

cisagov/icsnpp-s7comm#18 added a new s7comm_known_devices.log file that identifies s7comm devices. This is now integrated into the schema:

  • zeek.s7comm_known_devices.automation_system_name
  • zeek.s7comm_known_devices.module_name
  • zeek.s7comm_known_devices.plant_name
  • zeek.s7comm_known_devices.module_serial

and the s7comm dashboard:

Image

Metadata

Metadata

Assignees

Labels

arkimeRelating to Malcolm's use of ArkimedashboardsRelating to Malcolm's OpenSearch Dashboards interfaceenhancementNew feature or requesticsRelating to ICS (Industrial Control Systems) deviceslogstashRelating to Malcolm's use of LogstashzeekRelating to Malcolm's use of Zeek

Type

Feature

Projects

Malcolm

Status

Released

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions