Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-08 01:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

change Log enum to Input enum.

Browse source
This commit is contained in:
Bernhard Amann 2011-11-28 13:28:44 -08:00
parent be1b3ce5e1
commit 4975584e01
9 changed files with 35 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

10
scripts/base/frameworks/input/main.bro
View file

@ -58,28 +58,28 @@ module Input;
#global filters: table[ID, string] of Filter; #global filters: table[ID, string] of Filter;
function create_stream(id: Log::ID, description: Input::StreamDescription) : bool function create_stream(id: Input::ID, description: Input::StreamDescription) : bool
{ {
return __create_stream(id, description); return __create_stream(id, description);
} }
function remove_stream(id: Log::ID) : bool function remove_stream(id: Input::ID) : bool
{ {
return __remove_stream(id); return __remove_stream(id);
} }
function force_update(id: Log::ID) : bool function force_update(id: Input::ID) : bool
{ {
return __force_update(id); return __force_update(id);
} }
function add_tablefilter(id: Log::ID, filter: Input::TableFilter) : bool function add_tablefilter(id: Input::ID, filter: Input::TableFilter) : bool
{ {
# filters[id, filter$name] = filter; # filters[id, filter$name] = filter;
return __add_tablefilter(id, filter); return __add_tablefilter(id, filter);
} }
function remove_tablefilter(id: Log::ID, name: string) : bool function remove_tablefilter(id: Input::ID, name: string) : bool
{ {
# delete filters[id, name]; # delete filters[id, name];
return __remove_tablefilter(id, name); return __remove_tablefilter(id, name);

10
src/input.bif
View file

@ -11,31 +11,31 @@ type StreamDescription: record;
type TableFilter: record; type TableFilter: record;
type EventFilter: record; type EventFilter: record;
function Input::__create_stream%(id: Log::ID, description: Input::StreamDescription%) : bool function Input::__create_stream%(id: Input::ID, description: Input::StreamDescription%) : bool
%{ %{
InputReader *the_reader = input_mgr->CreateStream(id->AsEnumVal(), description->AsRecordVal()); InputReader *the_reader = input_mgr->CreateStream(id->AsEnumVal(), description->AsRecordVal());
return new Val( the_reader != 0, TYPE_BOOL ); return new Val( the_reader != 0, TYPE_BOOL );
%} %}
function Input::__remove_stream%(id: Log::ID%) : bool function Input::__remove_stream%(id: Input::ID%) : bool
%{ %{
bool res = input_mgr->RemoveStream(id->AsEnumVal()); bool res = input_mgr->RemoveStream(id->AsEnumVal());
return new Val( res, TYPE_BOOL ); return new Val( res, TYPE_BOOL );
%} %}
function Input::__force_update%(id: Log::ID%) : bool function Input::__force_update%(id: Input::ID%) : bool
%{ %{
bool res = input_mgr->ForceUpdate(id->AsEnumVal()); bool res = input_mgr->ForceUpdate(id->AsEnumVal());
return new Val( res, TYPE_BOOL ); return new Val( res, TYPE_BOOL );
%} %}
function Input::__add_tablefilter%(id: Log::ID, filter: Input::TableFilter%) : bool function Input::__add_tablefilter%(id: Input::ID, filter: Input::TableFilter%) : bool
%{ %{
bool res = input_mgr->AddTableFilter(id->AsEnumVal(), filter->AsRecordVal()); bool res = input_mgr->AddTableFilter(id->AsEnumVal(), filter->AsRecordVal());
return new Val( res, TYPE_BOOL ); return new Val( res, TYPE_BOOL );
%} %}
function Input::__remove_tablefilter%(id: Log::ID, name: string%) : bool function Input::__remove_tablefilter%(id: Input::ID, name: string%) : bool
%{ %{
bool res = input_mgr->RemoveTableFilter(id->AsEnumVal(), name->AsString()->CheckString()); bool res = input_mgr->RemoveTableFilter(id->AsEnumVal(), name->AsString()->CheckString());
return new Val( res, TYPE_BOOL); return new Val( res, TYPE_BOOL);

1
src/types.bif
View file

@ -180,7 +180,6 @@ enum Event %{
EVENT_REMOVED, EVENT_REMOVED,
%} %}
enum ID %{ enum ID %{
Unknown, Unknown,
%} %}

8
testing/btest/scripts/base/frameworks/input/basic.bro
View file

@ -15,7 +15,7 @@ redef InputAscii::empty_field = "EMPTY";
module A; module A;
export { export {
redef enum Log::ID += { LOG }; redef enum Input::ID += { INPUT };
} }
type Idx: record { type Idx: record {
@ -45,8 +45,8 @@ global servers: table[int] of Val = table();
event bro_init() event bro_init()
{ {
# first read in the old stuff into the table... # first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]); Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="ssh", $idx=Idx, $val=Val, $destination=servers]); Input::add_tablefilter(A::INPUT, [$name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::force_update(A::LOG); Input::force_update(A::INPUT);
print servers; print servers;
} }

8
testing/btest/scripts/base/frameworks/input/event.bro
View file

@ -20,7 +20,7 @@
module A; module A;
export { export {
redef enum Log::ID += { LOG }; redef enum Input::ID += { INPUT };
} }
type Val: record { type Val: record {
@ -36,7 +36,7 @@ event line(tpe: Input::Event, i: int, b: bool) {
event bro_init() event bro_init()
{ {
Input::create_stream(A::LOG, [$source="input.log"]); Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_eventfilter(A::LOG, [$name="input", $fields=Val, $ev=line]); Input::add_eventfilter(A::INPUT, [$name="input", $fields=Val, $ev=line]);
Input::force_update(A::LOG); Input::force_update(A::INPUT);
} }

8
testing/btest/scripts/base/frameworks/input/onecolumn-norecord.bro
View file

@ -15,7 +15,7 @@ redef InputAscii::empty_field = "EMPTY";
module A; module A;
export { export {
redef enum Log::ID += { LOG }; redef enum Input::ID += { INPUT };
} }
type Idx: record { type Idx: record {
@ -31,8 +31,8 @@ global servers: table[int] of Val = table();
event bro_init() event bro_init()
{ {
# first read in the old stuff into the table... # first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]); Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F]); Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F]);
Input::force_update(A::LOG); Input::force_update(A::INPUT);
print servers; print servers;
} }

8
testing/btest/scripts/base/frameworks/input/onecolumn-record.bro
View file

@ -15,7 +15,7 @@ redef InputAscii::empty_field = "EMPTY";
module A; module A;
export { export {
redef enum Log::ID += { LOG }; redef enum Input::ID += { INPUT };
} }
type Idx: record { type Idx: record {
@ -31,8 +31,8 @@ global servers: table[int] of Val = table();
event bro_init() event bro_init()
{ {
# first read in the old stuff into the table... # first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]); Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="input", $idx=Idx, $val=Val, $destination=servers]); Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=servers]);
Input::force_update(A::LOG); Input::force_update(A::INPUT);
print servers; print servers;
} }

8
testing/btest/scripts/base/frameworks/input/predicate.bro
View file

@ -21,7 +21,7 @@ redef InputAscii::empty_field = "EMPTY";
module A; module A;
export { export {
redef enum Log::ID += { LOG }; redef enum Input::ID += { INPUT };
} }
type Idx: record { type Idx: record {
@ -37,11 +37,11 @@ global servers: table[int] of Val = table();
event bro_init() event bro_init()
{ {
# first read in the old stuff into the table... # first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]); Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F, Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F,
$pred(typ: Input::Event, left: Idx, right: bool) = { return right; } $pred(typ: Input::Event, left: Idx, right: bool) = { return right; }
]); ]);
Input::force_update(A::LOG); Input::force_update(A::INPUT);
if ( 1 in servers ) { if ( 1 in servers ) {
print "VALID"; print "VALID";
} }

10
testing/btest/scripts/base/frameworks/input/twofilters.bro
View file

@ -21,7 +21,7 @@ redef InputAscii::empty_field = "EMPTY";
module A; module A;
export { export {
redef enum Log::ID += { LOG }; redef enum Input::ID += { INPUT };
} }
type Idx: record { type Idx: record {
@ -38,13 +38,13 @@ global destination2: table[int] of Val = table();
event bro_init() event bro_init()
{ {
# first read in the old stuff into the table... # first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]); Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="input", $idx=Idx, $val=Val, $destination=destination1, $want_record=F, Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=destination1, $want_record=F,
$pred(typ: Input::Event, left: Idx, right: bool) = { return right; } $pred(typ: Input::Event, left: Idx, right: bool) = { return right; }
]); ]);
Input::add_tablefilter(A::LOG, [$name="input2",$idx=Idx, $val=Val, $destination=destination2]); Input::add_tablefilter(A::INPUT, [$name="input2",$idx=Idx, $val=Val, $destination=destination2]);
Input::force_update(A::LOG); Input::force_update(A::INPUT);
if ( 1 in destination1 ) { if ( 1 in destination1 ) {
print "VALID"; print "VALID";
} }