Allow logging filters to inherit default path from stream.

This allows the path for the default filter to be specified explicitly when creating a stream and reduces the need to rely on the default path function to magically supply the path. The default path function is now only used if, when a filter is added to a stream, it has neither a path nor a path function already. Adapted the existing Log::create_stream calls to explicitly specify a path value. Addresses BIT-1324
2025-10-14 12:38:20 +00:00 · 2015-03-19 14:49:55 -05:00 · 2015-03-19 14:49:55 -05:00 · 186e67ec1d
commit 186e67ec1d
parent 4c00729104
45 changed files with 358 additions and 403 deletions
--- a/scripts/policy/protocols/conn/known-hosts.bro
+++ b/scripts/policy/protocols/conn/known-hosts.bro
@ -38,7 +38,7 @@ export {

 event bro_init()
 	{
-	Log::create_stream(Known::HOSTS_LOG, [$columns=HostsInfo, $ev=log_known_hosts]);
+	Log::create_stream(Known::HOSTS_LOG, [$columns=HostsInfo, $ev=log_known_hosts, $path="known_hosts"]);
 	}

 event connection_established(c: connection) &priority=5
--- a/scripts/policy/protocols/conn/known-services.bro
+++ b/scripts/policy/protocols/conn/known-services.bro
@ -49,7 +49,8 @@ redef record connection += {
 event bro_init() &priority=5
 	{
 	Log::create_stream(Known::SERVICES_LOG, [$columns=ServicesInfo,
-	                                         $ev=log_known_services]);
+	                                         $ev=log_known_services,
+	                                         $path="known_services"]);
 	}
 	
 event log_it(ts: time, a: addr, p: port, services: set[string])
--- a/scripts/policy/protocols/modbus/known-masters-slaves.bro
+++ b/scripts/policy/protocols/modbus/known-masters-slaves.bro
@ -35,7 +35,7 @@ export {

 event bro_init() &priority=5
 	{
-	Log::create_stream(Known::MODBUS_LOG, [$columns=ModbusInfo, $ev=log_known_modbus]);
+	Log::create_stream(Known::MODBUS_LOG, [$columns=ModbusInfo, $ev=log_known_modbus, $path="known_modbus"]);
 	}

 event modbus_message(c: connection, headers: ModbusHeaders, is_orig: bool)
--- a/scripts/policy/protocols/modbus/track-memmap.bro
+++ b/scripts/policy/protocols/modbus/track-memmap.bro
@ -54,7 +54,7 @@ redef record Modbus::Info += {

 event bro_init() &priority=5
 	{
-	Log::create_stream(Modbus::REGISTER_CHANGE_LOG, [$columns=MemmapInfo]);
+	Log::create_stream(Modbus::REGISTER_CHANGE_LOG, [$columns=MemmapInfo, $path="modbus_register_change"]);
 	}

 event modbus_read_holding_registers_request(c: connection, headers: ModbusHeaders, start_address: count, quantity: count)
--- a/scripts/policy/protocols/ssl/known-certs.bro
+++ b/scripts/policy/protocols/ssl/known-certs.bro
@ -43,7 +43,7 @@ export {

 event bro_init() &priority=5
 	{
-	Log::create_stream(Known::CERTS_LOG, [$columns=CertsInfo, $ev=log_known_certs]);
+	Log::create_stream(Known::CERTS_LOG, [$columns=CertsInfo, $ev=log_known_certs, $path="known_certs"]);
 	}

 event ssl_established(c: connection) &priority=3