Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 18:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge remote-tracking branch 'origin/topic/timw/150-to-json'

Browse source 
* origin/topic/timw/150-to-json:
  Update submodules for JSON work
  Update unit tests for JSON logger to match new output
  Modify JSON log writer to use the external JSON library
  Update unit test output to match json.zeek being deprecated and slight format changes to JSON output
  Add proper JSON serialization via C++, deprecate json.zeek
  Add new method for escaping UTF8 strings for JSON output
  Move do_sub method from zeek.bif to StringVal class method
  Move record_fields method from zeek.bif to Val class method
  Add ToStdString method for StringVal
This commit is contained in:
Johanna Amann 2019-07-11 11:06:42 -07:00
commit 1f329ad541
29 changed files with 740 additions and 413 deletions
Download patch file Download diff file Expand all files Collapse all files

59
testing/btest/scripts/base/frameworks/logging/ascii-json-utf8.zeek Normal file
View file

@ -0,0 +1,59 @@
#
# @TEST-EXEC: zeek -b %INPUT
# @TEST-EXEC: btest-diff ssh.log
#
# Testing all possible types.
redef LogAscii::use_json = T;
module SSH;
export {
redef enum Log::ID += { LOG };
type Log: record {
s: string;
} &log;
}
event zeek_init()
{
Log::create_stream(SSH::LOG, [$columns=Log]);
# Strings taken from https://stackoverflow.com/a/3886015
# Valid ASCII and valid ASCII control characters
Log::write(SSH::LOG, [$s="a"]);
Log::write(SSH::LOG, [$s="\b\f\n\r\t\x00\x15"]);
# Valid 2 Octet Sequence
Log::write(SSH::LOG, [$s="\xc3\xb1"]);
# Invalid 2 Octet Sequence
Log::write(SSH::LOG, [$s="\xc3\x28"]);
# Invalid Sequence Identifier
Log::write(SSH::LOG, [$s="\xa0\xa1"]);
# Valid 3 Octet Sequence
Log::write(SSH::LOG, [$s="\xe2\x82\xa1"]);
# Invalid 3 Octet Sequence (in 2nd Octet)
Log::write(SSH::LOG, [$s="\xe2\x28\xa1"]);
# Invalid 3 Octet Sequence (in 3rd Octet)
Log::write(SSH::LOG, [$s="\xe2\x82\x28"]);
# Valid 4 Octet Sequence
Log::write(SSH::LOG, [$s="\xf0\x90\x8c\xbc"]);
# Invalid 4 Octet Sequence (in 2nd Octet)
Log::write(SSH::LOG, [$s="\xf0\x28\x8c\xbc"]);
# Invalid 4 Octet Sequence (in 3rd Octet)
Log::write(SSH::LOG, [$s="\xf0\x90\x28\xbc"]);
# Invalid 4 Octet Sequence (in 4th Octet)
Log::write(SSH::LOG, [$s="\xf0\x28\x8c\x28"]);
}