Hi,
I need a sample spicy script for IEC 61850 or similar protocol which will atleast detect the protocol. There are few goose implementation available like one by J-Gras Goose analyzer but these are either meant for zeek 2.6 or zeek 5.0 and as discussed with @ J-Gras , it seems very difficult to port it for zeek 6.0.Porting discussion So it will helpful if anyone can throw some lights on this and provide basic spicy script to start with.
Thanks
Biswa
The Zeek package template comes with a basic Spicy setup to get your own development started. Once you have that set up I would suggest you go through the Spicy documentation[1][2] to learn how to write such an analyzer and how to integrate it with Zeek.
Hi @Benjamin_Bannier , I mistakenly posted my doubt in the zeek GitHub issue list. Can you please go through the spicy script once and suggest the changes!
Thanks
Biswa
I answered over in the Spicy repo. As you correctly mentioned, a better place for such discussions would be here in the Discourse instance.