Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 17:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

change Log enum to Input enum.

Browse source
This commit is contained in:
Bernhard Amann 2011-11-28 13:28:44 -08:00
parent be1b3ce5e1
commit 4975584e01
9 changed files with 35 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

10
scripts/base/frameworks/input/main.bro
View file

@ -58,28 +58,28 @@ module Input;
#global filters: table[ID, string] of Filter;
function create_stream(id: Log::ID, description: Input::StreamDescription) : bool
function create_stream(id: Input::ID, description: Input::StreamDescription) : bool
{
return __create_stream(id, description);
}
function remove_stream(id: Log::ID) : bool
function remove_stream(id: Input::ID) : bool
{
return __remove_stream(id);
}
function force_update(id: Log::ID) : bool
function force_update(id: Input::ID) : bool
{
return __force_update(id);
}
function add_tablefilter(id: Log::ID, filter: Input::TableFilter) : bool
function add_tablefilter(id: Input::ID, filter: Input::TableFilter) : bool
{
# filters[id, filter$name] = filter;
return __add_tablefilter(id, filter);
}
function remove_tablefilter(id: Log::ID, name: string) : bool
function remove_tablefilter(id: Input::ID, name: string) : bool
{
# delete filters[id, name];
return __remove_tablefilter(id, name);

10
src/input.bif
View file

@ -11,31 +11,31 @@ type StreamDescription: record;
type TableFilter: record;
type EventFilter: record;
function Input::__create_stream%(id: Log::ID, description: Input::StreamDescription%) : bool
function Input::__create_stream%(id: Input::ID, description: Input::StreamDescription%) : bool
%{
InputReader *the_reader = input_mgr->CreateStream(id->AsEnumVal(), description->AsRecordVal());
return new Val( the_reader != 0, TYPE_BOOL );
%}
function Input::__remove_stream%(id: Log::ID%) : bool
function Input::__remove_stream%(id: Input::ID%) : bool
%{
bool res = input_mgr->RemoveStream(id->AsEnumVal());
return new Val( res, TYPE_BOOL );
%}
function Input::__force_update%(id: Log::ID%) : bool
function Input::__force_update%(id: Input::ID%) : bool
%{
bool res = input_mgr->ForceUpdate(id->AsEnumVal());
return new Val( res, TYPE_BOOL );
%}
function Input::__add_tablefilter%(id: Log::ID, filter: Input::TableFilter%) : bool
function Input::__add_tablefilter%(id: Input::ID, filter: Input::TableFilter%) : bool
%{
bool res = input_mgr->AddTableFilter(id->AsEnumVal(), filter->AsRecordVal());
return new Val( res, TYPE_BOOL );
%}
function Input::__remove_tablefilter%(id: Log::ID, name: string%) : bool
function Input::__remove_tablefilter%(id: Input::ID, name: string%) : bool
%{
bool res = input_mgr->RemoveTableFilter(id->AsEnumVal(), name->AsString()->CheckString());
return new Val( res, TYPE_BOOL);

1
src/types.bif
View file

@ -180,7 +180,6 @@ enum Event %{
EVENT_REMOVED,
%}
enum ID %{
Unknown,
%}

8
testing/btest/scripts/base/frameworks/input/basic.bro
View file

@ -15,7 +15,7 @@ redef InputAscii::empty_field = "EMPTY";
module A;
export {
redef enum Log::ID += { LOG };
redef enum Input::ID += { INPUT };
}
type Idx: record {
@ -45,8 +45,8 @@ global servers: table[int] of Val = table();
event bro_init()
{
# first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::force_update(A::LOG);
Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::INPUT, [$name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::force_update(A::INPUT);
print servers;
}

8
testing/btest/scripts/base/frameworks/input/event.bro
View file

@ -20,7 +20,7 @@
module A;
export {
redef enum Log::ID += { LOG };
redef enum Input::ID += { INPUT };
}
type Val: record {
@ -36,7 +36,7 @@ event line(tpe: Input::Event, i: int, b: bool) {
event bro_init()
{
Input::create_stream(A::LOG, [$source="input.log"]);
Input::add_eventfilter(A::LOG, [$name="input", $fields=Val, $ev=line]);
Input::force_update(A::LOG);
Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_eventfilter(A::INPUT, [$name="input", $fields=Val, $ev=line]);
Input::force_update(A::INPUT);
}

8
testing/btest/scripts/base/frameworks/input/onecolumn-norecord.bro
View file

@ -15,7 +15,7 @@ redef InputAscii::empty_field = "EMPTY";
module A;
export {
redef enum Log::ID += { LOG };
redef enum Input::ID += { INPUT };
}
type Idx: record {
@ -31,8 +31,8 @@ global servers: table[int] of Val = table();
event bro_init()
{
# first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F]);
Input::force_update(A::LOG);
Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F]);
Input::force_update(A::INPUT);
print servers;
}

8
testing/btest/scripts/base/frameworks/input/onecolumn-record.bro
View file

@ -15,7 +15,7 @@ redef InputAscii::empty_field = "EMPTY";
module A;
export {
redef enum Log::ID += { LOG };
redef enum Input::ID += { INPUT };
}
type Idx: record {
@ -31,8 +31,8 @@ global servers: table[int] of Val = table();
event bro_init()
{
# first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="input", $idx=Idx, $val=Val, $destination=servers]);
Input::force_update(A::LOG);
Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=servers]);
Input::force_update(A::INPUT);
print servers;
}

8
testing/btest/scripts/base/frameworks/input/predicate.bro
View file

@ -21,7 +21,7 @@ redef InputAscii::empty_field = "EMPTY";
module A;
export {
redef enum Log::ID += { LOG };
redef enum Input::ID += { INPUT };
}
type Idx: record {
@ -37,11 +37,11 @@ global servers: table[int] of Val = table();
event bro_init()
{
# first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F,
Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F,
$pred(typ: Input::Event, left: Idx, right: bool) = { return right; }
]);
Input::force_update(A::LOG);
Input::force_update(A::INPUT);
if ( 1 in servers ) {
print "VALID";
}

10
testing/btest/scripts/base/frameworks/input/twofilters.bro
View file

@ -21,7 +21,7 @@ redef InputAscii::empty_field = "EMPTY";
module A;
export {
redef enum Log::ID += { LOG };
redef enum Input::ID += { INPUT };
}
type Idx: record {
@ -38,13 +38,13 @@ global destination2: table[int] of Val = table();
event bro_init()
{
# first read in the old stuff into the table...
Input::create_stream(A::LOG, [$source="input.log"]);
Input::add_tablefilter(A::LOG, [$name="input", $idx=Idx, $val=Val, $destination=destination1, $want_record=F,
Input::create_stream(A::INPUT, [$source="input.log"]);
Input::add_tablefilter(A::INPUT, [$name="input", $idx=Idx, $val=Val, $destination=destination1, $want_record=F,
$pred(typ: Input::Event, left: Idx, right: bool) = { return right; }
]);
Input::add_tablefilter(A::LOG, [$name="input2",$idx=Idx, $val=Val, $destination=destination2]);
Input::add_tablefilter(A::INPUT, [$name="input2",$idx=Idx, $val=Val, $destination=destination2]);
Input::force_update(A::LOG);
Input::force_update(A::INPUT);
if ( 1 in destination1 ) {
print "VALID";
}