Merge remote-tracking branch 'origin/topic/seth/metrics-merge' into topic/bernhard/hyperloglog-with-measurement

scripts/base/frameworks/measurement/main.bro

@@ -1,6 +1,4 @@
-##! The metrics framework provides a way to count and measure data.  
-
-@load base/utils/queue
+##! The measurement framework provides a way to count and measure data.  
 
 module Measurement;
 
@@ -12,7 +10,7 @@ export {
 
 	## Represents a thing which is having measurement results collected for it.
 	type Key: record {
-		## A non-address related metric or a sub-key for an address based metric.
+		## A non-address related measurement or a sub-key for an address based measurement.
 		## An example might be successful SSH connections by client IP address
 		## where the client string would be the key value.
 		## Another example might be number of HTTP requests to a particular

scripts/base/frameworks/measurement/plugins/average.bro

@@ -1,3 +1,4 @@
+@load base/frameworks/measurement
 
 module Measurement;
 

scripts/base/frameworks/measurement/plugins/max.bro

@@ -1,3 +1,4 @@
+@load base/frameworks/measurement
 
 module Measurement;
 

scripts/base/frameworks/measurement/plugins/min.bro

@@ -1,3 +1,4 @@
+@load base/frameworks/measurement
 
 module Measurement;
 

scripts/base/frameworks/measurement/plugins/sample.bro

@@ -1,3 +1,4 @@
+@load base/frameworks/measurement
 @load base/utils/queue
 
 module Measurement;
@@ -10,40 +11,41 @@ export {
 	};
 
 	redef record ResultVal += {
-		## A sample of something being measured.  This is helpful in 
-		## some cases for collecting information to do further detection
-		## or better logging for forensic purposes.
-		samples: vector of Measurement::DataPoint &optional;
+		# This is the queue where samples
+		# are maintained.  Use the :bro:see:`Measurement::get_samples`
+		## function to get a vector of the samples.
+		samples: Queue::Queue &optional;
 	};
+
+	## Get a vector of sample DataPoint values from a ResultVal.
+	global get_samples: function(rv: ResultVal): vector of DataPoint;
 }
 
-redef record ResultVal += {
-	# Internal use only.  This is the queue where samples
-	# are maintained since the queue is self managing for
-	# the number of samples requested.
-	sample_queue: Queue::Queue &optional;
-};
+function get_samples(rv: ResultVal): vector of DataPoint
+	{
+	local s: vector of DataPoint = vector();
+	if ( rv?$samples )
+		Queue::get_vector(rv$samples, s);
+	return s;
+	}
 
 hook add_to_reducer_hook(r: Reducer, val: double, data: DataPoint, rv: ResultVal)
 	{
 	if ( r$samples > 0 )
 		{
-		if ( ! rv?$sample_queue )
-			rv$sample_queue = Queue::init([$max_len=r$samples]);
 		if ( ! rv?$samples )
-			rv$samples = vector();
-		Queue::put(rv$sample_queue, data);
-		Queue::get_vector(rv$sample_queue, rv$samples);
+			rv$samples = Queue::init([$max_len=r$samples]);
+		Queue::put(rv$samples, data);
 		}
 	}
 
 hook compose_resultvals_hook(result: ResultVal, rv1: ResultVal, rv2: ResultVal)
 	{
-	# Merge $sample_queue
-	if ( rv1?$sample_queue && rv2?$sample_queue )
-		result$sample_queue = Queue::merge(rv1$sample_queue, rv2$sample_queue);
-	else if ( rv1?$sample_queue )
-		result$sample_queue = rv1$sample_queue;
-	else if ( rv2?$sample_queue )
-		result$sample_queue = rv2$sample_queue;
+	# Merge $samples
+	if ( rv1?$samples && rv2?$samples )
+		result$samples = Queue::merge(rv1$samples, rv2$samples);
+	else if ( rv1?$samples )
+		result$samples = rv1$samples;
+	else if ( rv2?$samples )
+		result$samples = rv2$samples;
 	}

scripts/base/frameworks/measurement/plugins/std-dev.bro

@@ -1,5 +1,5 @@
-@load ./sum
 @load ./variance
+@load base/frameworks/measurement
 
 module Measurement;
 

scripts/base/frameworks/measurement/plugins/sum.bro

@@ -1,3 +1,4 @@
+@load base/frameworks/measurement
 
 module Measurement;
 

scripts/base/frameworks/measurement/plugins/unique.bro

@@ -1,3 +1,4 @@
+@load base/frameworks/measurement
 
 module Measurement;
 

scripts/base/frameworks/measurement/plugins/variance.bro

@@ -1,4 +1,5 @@
 @load ./average
+@load base/frameworks/measurement
 
 module Measurement;
 

scripts/base/frameworks/measurement/simple.bro

@@ -1,6 +0,0 @@
-
-module Metrics;
-
-export {
-	
-}

scripts/base/protocols/ftp/main.bro

@@ -56,10 +56,10 @@ export {
 		tags:             set[string] &log &default=set();
 		
 		## Current working directory that this session is in.  By making
-		## the default value '/.', we can indicate that unless something
+		## the default value '.', we can indicate that unless something
 		## more concrete is discovered that the existing but unknown
 		## directory is ok to use.
-		cwd:                string  &default="/.";
+		cwd:                string  &default=".";
 		
 		## Command that is currently waiting for a response.
 		cmdarg:             CmdArg  &optional;
@@ -172,7 +172,12 @@ function ftp_message(s: Info)
 		
 		local arg = s$cmdarg$arg;
 		if ( s$cmdarg$cmd in file_cmds )
-			arg = fmt("ftp://%s%s", addr_to_uri(s$id$resp_h), build_path_compressed(s$cwd, arg));
+			{
+			local comp_path = build_path_compressed(s$cwd, arg);
+			if ( s$cwd[0] != "/" )
+				comp_path = cat("/", comp_path);
+			arg = fmt("ftp://%s%s", addr_to_uri(s$id$resp_h), comp_path);
+			}
 		
 		s$ts=s$cmdarg$ts;
 		s$command=s$cmdarg$cmd;

scripts/base/utils/paths.bro

@@ -19,7 +19,7 @@ function extract_path(input: string): string
 	}
 
 ## Compresses a given path by removing '..'s and the parent directory it
-## references and also removing '/'s.
+## references and also removing dual '/'s and extraneous '/./'s.
 ## dir: a path string, either relative or absolute
 ## Returns: a compressed version of the input path
 function compress_path(dir: string): string
@@ -41,7 +41,7 @@ function compress_path(dir: string): string
 		return compress_path(dir);
 		}
 
-	const multislash_sep = /(\/){2,}/;
+	const multislash_sep = /(\/\.?){2,}/;
 	parts = split_all(dir, multislash_sep);
 	for ( i in parts )
 		if ( i % 2 == 0 )