From ba302920174084738d33ddd36d0fcba125cf07ba Mon Sep 17 00:00:00 2001
From: Seth Grover <seth.d.grover@gmail.com>
Date: Wed, 20 Mar 2024 10:02:37 -0600
Subject: [PATCH] point TDS plugin back upstream to amazon's github repo;
 rename log policy to match merge from upstream

---
 shared/bin/zeek_install_plugins.sh | 2 +-
 zeek/config/local.zeek             | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/shared/bin/zeek_install_plugins.sh b/shared/bin/zeek_install_plugins.sh
index 209a2dd2e..525b0827f 100755
--- a/shared/bin/zeek_install_plugins.sh
+++ b/shared/bin/zeek_install_plugins.sh
@@ -67,7 +67,7 @@ ZKG_GITHUB_URLS=(
   "https://github.com/0xxon/cve-2020-0601"
   "https://github.com/0xxon/cve-2020-13777"
   "https://github.com/mmguero-dev/zeek-plugin-profinet|master"
-  "https://github.com/mmguero-dev/zeek-plugin-tds|master"
+  "https://github.com/amzn/zeek-plugin-tds|master"
   "https://github.com/cisagov/icsnpp-bacnet"
   "https://github.com/cisagov/icsnpp-bsap"
   "https://github.com/cisagov/icsnpp-dnp3"
diff --git a/zeek/config/local.zeek b/zeek/config/local.zeek
index 74cf86787..64a332455 100644
--- a/zeek/config/local.zeek
+++ b/zeek/config/local.zeek
@@ -306,7 +306,7 @@ redef CVE_2021_44228::log = F;
 ##! Other logs we're just disabling unilaterally
 
 # amzn/zeek-plugin-profinet's profinet_dce_rpc.log is covered by cisagov/icsnpp-profinet-io-cm
-hook Profinet::log_policy_profinet_dce_rpc(
+hook Profinet::log_policy_dce_rpc(
   rec: Profinet::Profinet_DCE_RPC,
   id: Log::ID,
   filter: Log::Filter) {