Hi
Just enable SMB analyzer , works great
I have a problem with the Hebrew language , it’s looks like it’s not supported , I’m getting this files name in log file :
Test\hello\*xd7\x92\xd7\x99\xd7\x95\xd7\x9c \xd7\x9b\xd7\x9e\xd7\x95\xd7\xaa\xd7\x99*.csv
The \*xd7\x92\xd7\x99\xd7\x95\xd7\x9c* - is Hebrew words
is there a way to fix it ?
Hi
Just enable SMB analyzer , works great
I have a problem with the Hebrew language , it's looks like it's not supported , I'm getting this files name in log file :
Test\hello\\\xd7\x92\xd7\x99\xd7\x95\xd7\x9c \xd7\x9b\xd7\x9e\xd7\x95\xd7\xaa\xd7\x99.csv
The \\\xd7\x92\xd7\x99\xd7\x95\xd7\x9c - is Hebrew words
is there a way to fix it ?
That's just an escaped utf-8 string:
s='Test\hello\\\xd7\x92\xd7\x99\xd7\x95\xd7\x9c \xd7\x9b\xd7\x9e\xd7\x95\xd7\xaa\xd7\x99.csv'
print s
Test\hello\גיול כמותי.csv
(or in python3)
s=b'Test\hello\\\xd7\x92\xd7\x99\xd7\x95\xd7\x9c \xd7\x9b\xd7\x9e\xd7\x95\xd7\xaa\xd7\x99.csv'
print(s.decode('utf-8'))
Test\hello\גיול כמותי.csv
Can I add utf-8 encoding to bro ?
Is there other option ?
I'm forward the log file to SIEM system , and it's not readable in that way
Thanks
Bro's strings are purely ascii at this time. You would have to interpret the string as UTF8 in whatever you have receiving logs with.
.Seth