50 lines
1.5 KiB
Markdown
50 lines
1.5 KiB
Markdown
# 【AppsketchWorks】webshark和explore中相同会话ID的会话内容不一致
|
||
|
||
| ID | Creation Date | Assignee | Status |
|
||
|----|----------------|----------|--------|
|
||
| OMPUB-1436 | 2024-08-27T17:05:36.000+0800 | 方顺健 | 已解决 |
|
||
|
||
|
||
---
|
||
|
||
webshark和explore中相同会话ID的会话内容不一致
|
||
|
||
!image-2024-08-27-17-00-45-403.png|width=881,height=644!
|
||
|
||
!image-2024-08-27-17-04-26-330.png|width=882,height=624!**fangshunjian** commented on *2024-08-27T18:40:36.657+0800*:
|
||
|
||
[https://community.zeek.org/t/conn-log-timestamps-order-of-appearance/6452/3]
|
||
{quote}However, the log line is written after the connection terminates. Thus, it is expected, and completely normal, that the the timestamps will not be ordered chronologically.
|
||
{quote}
|
||
|
||
|
||
|
||
---
|
||
|
||
**fangshunjian** commented on *2024-09-02T09:34:13.648+0800*:
|
||
|
||
1、开发zeek script修改stream id实现方式,conn.log 能够准确记录stream id
|
||
|
||
2、尝试将webshark 升级到最新版本,仍存在 tcp.stream eq xxx 查询错误的情况。
|
||
|
||
鉴于此功能非当前核心功能,暂不修复
|
||
|
||
|
||
|
||
---
|
||
|
||
|
||
|
||
# Attachments
|
||
|
||
Attachment: image-2024-08-27-17-00-45-403.png
|
||
|
||
|
||
|
||
|
||
Attachment: image-2024-08-27-17-04-26-330.png
|
||
|
||
|
||
|
||
|