Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 13:38:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add script wrapper functions for broker data BIFs

Browse source
This commit is contained in:
Daniel Thayer 2016-04-26 22:01:09 -05:00
parent f44bb4d9b8
commit 4df948f3c8
5 changed files with 769 additions and 393 deletions
Download patch file Download diff file Expand all files Collapse all files

702
scripts/base/frameworks/broker/store.bro
View file

@ -1,6 +1,7 @@
##! Various data structure definitions for use with Bro's communication system.
@load ./main
@load base/bif/data.bif
module Broker;
@ -282,6 +283,443 @@ export {
## Returns: the result of the query (uses :bro:see:`Broker::COUNT`).
global size: function(h: opaque of Broker::Handle): QueryResult;
##########################
# data API #
##########################
## Convert any Bro value to communication data.
##
## d: any Bro value to attempt to convert (not all types are supported).
##
## Returns: the converted communication data. The returned record's optional
## field will not be set if the conversion was not possible (this can
## happen if the Bro data type does not support being converted to
## communication data).
global data: function(d: any): Broker::Data;
## Retrieve the type of data associated with communication data.
##
## d: the communication data.
##
## Returns: the data type associated with the communication data.
global data_type: function(d: Broker::Data): Broker::DataType;
## Convert communication data with a type of :bro:see:`Broker::BOOL` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_bool: function(d: Broker::Data): bool;
## Convert communication data with a type of :bro:see:`Broker::INT` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_int: function(d: Broker::Data): int;
## Convert communication data with a type of :bro:see:`Broker::COUNT` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_count: function(d: Broker::Data): count;
## Convert communication data with a type of :bro:see:`Broker::DOUBLE` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_double: function(d: Broker::Data): double;
## Convert communication data with a type of :bro:see:`Broker::STRING` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_string: function(d: Broker::Data): string;
## Convert communication data with a type of :bro:see:`Broker::ADDR` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_addr: function(d: Broker::Data): addr;
## Convert communication data with a type of :bro:see:`Broker::SUBNET` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_subnet: function(d: Broker::Data): subnet;
## Convert communication data with a type of :bro:see:`Broker::PORT` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_port: function(d: Broker::Data): port;
## Convert communication data with a type of :bro:see:`Broker::TIME` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_time: function(d: Broker::Data): time;
## Convert communication data with a type of :bro:see:`Broker::INTERVAL` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
global refine_to_interval: function(d: Broker::Data): interval;
## Convert communication data with a type of :bro:see:`Broker::ENUM` to
## the name of the enum value. :bro:see:`lookup_ID` may be used to convert
## the name to the actual enum value.
##
## d: the communication data to convert.
##
## Returns: the enum name retrieved from the communication data.
global refine_to_enum_name: function(d: Broker::Data): string;
## Create communication data of type "set".
global set_create: function(): Broker::Data;
## Remove all elements within a set.
##
## s: the set to clear.
##
## Returns: always true.
global set_clear: function(s: Broker::Data): bool;
## Get the number of elements within a set.
##
## s: the set to query.
##
## Returns: the number of elements in the set.
global set_size: function(s: Broker::Data): count;
## Check if a set contains a particular element.
##
## s: the set to query.
##
## key: the element to check for existence.
##
## Returns: true if the key exists in the set.
global set_contains: function(s: Broker::Data, key: Broker::Data): bool;
## Insert an element into a set.
##
## s: the set to modify.
##
## key: the element to insert.
##
## Returns: true if the key was inserted, or false if it already existed.
global set_insert: function(s: Broker::Data, key: Broker::Data): bool;
## Remove an element from a set.
##
## s: the set to modify.
##
## key: the element to remove.
##
## Returns: true if the element existed in the set and is now removed.
global set_remove: function(s: Broker::Data, key: Broker::Data): bool;
## Create an iterator for a set. Note that this makes a copy of the set
## internally to ensure the iterator is always valid.
##
## s: the set to iterate over.
##
## Returns: an iterator.
global set_iterator: function(s: Broker::Data): opaque of Broker::SetIterator;
## Check if there are no more elements to iterate over.
##
## it: an iterator.
##
## Returns: true if there are no more elements to iterator over, i.e.
## the iterator is one-past-the-final-element.
global set_iterator_last: function(it: opaque of Broker::SetIterator): bool;
## Advance an iterator.
##
## it: an iterator.
##
## Returns: true if the iterator, after advancing, still references an element
## in the collection. False if the iterator, after advancing, is
## one-past-the-final-element.
global set_iterator_next: function(it: opaque of Broker::SetIterator): bool;
## Retrieve the data at an iterator's current position.
##
## it: an iterator.
##
## Returns: element in the collection that the iterator currently references.
global set_iterator_value: function(it: opaque of Broker::SetIterator): Broker::Data;
## Create communication data of type "table".
global table_create: function(): Broker::Data;
## Remove all elements within a table.
##
## t: the table to clear.
##
## Returns: always true.
global table_clear: function(t: Broker::Data): bool;
## Get the number of elements within a table.
##
## t: the table to query.
##
## Returns: the number of elements in the table.
global table_size: function(t: Broker::Data): count;
## Check if a table contains a particular key.
##
## t: the table to query.
##
## key: the key to check for existence.
##
## Returns: true if the key exists in the table.
global table_contains: function(t: Broker::Data, key: Broker::Data): bool;
## Insert a key-value pair into a table.
##
## t: the table to modify.
##
## key: the key at which to insert the value.
##
## val: the value to insert.
##
## Returns: true if the key-value pair was inserted, or false if the key
## already existed in the table.
global table_insert: function(t: Broker::Data, key: Broker::Data, val: Broker::Data): Broker::Data;
## Remove a key-value pair from a table.
##
## t: the table to modify.
##
## key: the key to remove from the table.
##
## Returns: the value associated with the key. If the key did not exist, then
## the optional field of the returned record is not set.
global table_remove: function(t: Broker::Data, key: Broker::Data): Broker::Data;
## Retrieve a value from a table.
##
## t: the table to query.
##
## key: the key to lookup.
##
## Returns: the value associated with the key. If the key did not exist, then
## the optional field of the returned record is not set.
global table_lookup: function(t: Broker::Data, key: Broker::Data): Broker::Data;
## Create an iterator for a table. Note that this makes a copy of the table
## internally to ensure the iterator is always valid.
##
## t: the table to iterate over.
##
## Returns: an iterator.
global table_iterator: function(t: Broker::Data): opaque of Broker::TableIterator;
## Check if there are no more elements to iterate over.
##
## it: an iterator.
##
## Returns: true if there are no more elements to iterator over, i.e.
## the iterator is one-past-the-final-element.
global table_iterator_last: function(it: opaque of Broker::TableIterator): bool;
## Advance an iterator.
##
## it: an iterator.
##
## Returns: true if the iterator, after advancing, still references an element
## in the collection. False if the iterator, after advancing, is
## one-past-the-final-element.
global table_iterator_next: function(it: opaque of Broker::TableIterator): bool;
## Retrieve the data at an iterator's current position.
##
## it: an iterator.
##
## Returns: element in the collection that the iterator currently references.
global table_iterator_value: function(it: opaque of Broker::TableIterator): Broker::TableItem;
## Create communication data of type "vector".
global vector_create: function(): Broker::Data;
## Remove all elements within a vector.
##
## v: the vector to clear.
##
## Returns: always true.
global vector_clear: function(v: Broker::Data): bool;
## Get the number of elements within a vector.
##
## v: the vector to query.
##
## Returns: the number of elements in the vector.
global vector_size: function(v: Broker::Data): count;
## Insert an element into a vector at a particular position, possibly displacing
## existing elements (insertion always grows the size of the vector by one).
##
## v: the vector to modify.
##
## d: the element to insert.
##
## idx: the index at which to insert the data. If it is greater than the
## current size of the vector, the element is inserted at the end.
##
## Returns: always true.
global vector_insert: function(v: Broker::Data, d: Broker::Data, idx: count): bool;
## Replace an element in a vector at a particular position.
##
## v: the vector to modify.
##
## d: the element to insert.
##
## idx: the index to replace.
##
## Returns: the value that was just evicted. If the index was larger than any
## valid index, the optional field of the returned record is not set.
global vector_replace: function(v: Broker::Data, d: Broker::Data, idx: count): Broker::Data;
## Remove an element from a vector at a particular position.
##
## v: the vector to modify.
##
## idx: the index to remove.
##
## Returns: the value that was just evicted. If the index was larger than any
## valid index, the optional field of the returned record is not set.
global vector_remove: function(v: Broker::Data, idx: count): Broker::Data;
## Lookup an element in a vector at a particular position.
##
## v: the vector to query.
##
## idx: the index to lookup.
##
## Returns: the value at the index. If the index was larger than any
## valid index, the optional field of the returned record is not set.
global vector_lookup: function(v: Broker::Data, idx: count): Broker::Data;
## Create an iterator for a vector. Note that this makes a copy of the vector
## internally to ensure the iterator is always valid.
##
## v: the vector to iterate over.
##
## Returns: an iterator.
global vector_iterator: function(v: Broker::Data): opaque of Broker::VectorIterator;
## Check if there are no more elements to iterate over.
##
## it: an iterator.
##
## Returns: true if there are no more elements to iterator over, i.e.
## the iterator is one-past-the-final-element.
global vector_iterator_last: function(it: opaque of Broker::VectorIterator): bool;
## Advance an iterator.
##
## it: an iterator.
##
## Returns: true if the iterator, after advancing, still references an element
## in the collection. False if the iterator, after advancing, is
## one-past-the-final-element.
global vector_iterator_next: function(it: opaque of Broker::VectorIterator): bool;
## Retrieve the data at an iterator's current position.
##
## it: an iterator.
##
## Returns: element in the collection that the iterator currently references.
global vector_iterator_value: function(it: opaque of Broker::VectorIterator): Broker::Data;
## Create communication data of type "record".
##
## sz: the number of fields in the record.
##
## Returns: record data, with all fields uninitialized.
global record_create: function(sz: count): Broker::Data;
## Get the number of fields within a record.
##
## r: the record to query.
##
## Returns: the number of fields in the record.
global record_size: function(r: Broker::Data): count;
## Replace a field in a record at a particular position.
##
## r: the record to modify.
##
## d: the new field value to assign.
##
## idx: the index to replace.
##
## Returns: false if the index was larger than any valid index, else true.
global record_assign: function(r: Broker::Data, d: Broker::Data, idx: count): bool;
## Lookup a field in a record at a particular position.
##
## r: the record to query.
##
## idx: the index to lookup.
##
## Returns: the value at the index. The optional field of the returned record
## may not be set if the field of the record has no value or if the
## index was not valid.
global record_lookup: function(r: Broker::Data, idx: count): Broker::Data;
## Create an iterator for a record. Note that this makes a copy of the record
## internally to ensure the iterator is always valid.
##
## r: the record to iterate over.
##
## Returns: an iterator.
global record_iterator: function(r: Broker::Data): opaque of Broker::RecordIterator;
## Check if there are no more elements to iterate over.
##
## it: an iterator.
##
## Returns: true if there are no more elements to iterator over, i.e.
## the iterator is one-past-the-final-element.
global record_iterator_last: function(it: opaque of Broker::RecordIterator): bool;
## Advance an iterator.
##
## it: an iterator.
##
## Returns: true if the iterator, after advancing, still references an element
## in the collection. False if the iterator, after advancing, is
## one-past-the-final-element.
global record_iterator_next: function(it: opaque of Broker::RecordIterator): bool;
## Retrieve the data at an iterator's current position.
##
## it: an iterator.
##
## Returns: element in the collection that the iterator currently references.
global record_iterator_value: function(it: opaque of Broker::RecordIterator): Broker::Data;
}
@load base/bif/store.bif
@ -393,3 +831,267 @@ function size(h: opaque of Broker::Handle): QueryResult
return __size(h);
}
function data(d: any): Broker::Data
{
return __data(d);
}
function data_type(d: Broker::Data): Broker::DataType
{
return __data_type(d);
}
function refine_to_bool(d: Broker::Data): bool
{
return __refine_to_bool(d);
}
function refine_to_int(d: Broker::Data): int
{
return __refine_to_int(d);
}
function refine_to_count(d: Broker::Data): count
{
return __refine_to_count(d);
}
function refine_to_double(d: Broker::Data): double
{
return __refine_to_double(d);
}
function refine_to_string(d: Broker::Data): string
{
return __refine_to_string(d);
}
function refine_to_addr(d: Broker::Data): addr
{
return __refine_to_addr(d);
}
function refine_to_subnet(d: Broker::Data): subnet
{
return __refine_to_subnet(d);
}
function refine_to_port(d: Broker::Data): port
{
return __refine_to_port(d);
}
function refine_to_time(d: Broker::Data): time
{
return __refine_to_time(d);
}
function refine_to_interval(d: Broker::Data): interval
{
return __refine_to_interval(d);
}
function refine_to_enum_name(d: Broker::Data): string
{
return __refine_to_enum_name(d);
}
function set_create(): Broker::Data
{
return __set_create();
}
function set_clear(s: Broker::Data): bool
{
return __set_clear(s);
}
function set_size(s: Broker::Data): count
{
return __set_size(s);
}
function set_contains(s: Broker::Data, key: Broker::Data): bool
{
return __set_contains(s, key);
}
function set_insert(s: Broker::Data, key: Broker::Data): bool
{
return __set_insert(s, key);
}
function set_remove(s: Broker::Data, key: Broker::Data): bool
{
return __set_remove(s, key);
}
function set_iterator(s: Broker::Data): opaque of Broker::SetIterator
{
return __set_iterator(s);
}
function set_iterator_last(it: opaque of Broker::SetIterator): bool
{
return __set_iterator_last(it);
}
function set_iterator_next(it: opaque of Broker::SetIterator): bool
{
return __set_iterator_next(it);
}
function set_iterator_value(it: opaque of Broker::SetIterator): Broker::Data
{
return __set_iterator_value(it);
}
function table_create(): Broker::Data
{
return __table_create();
}
function table_clear(t: Broker::Data): bool
{
return __table_clear(t);
}
function table_size(t: Broker::Data): count
{
return __table_size(t);
}
function table_contains(t: Broker::Data, key: Broker::Data): bool
{
return __table_contains(t, key);
}
function table_insert(t: Broker::Data, key: Broker::Data, val: Broker::Data): Broker::Data
{
return __table_insert(t, key, val);
}
function table_remove(t: Broker::Data, key: Broker::Data): Broker::Data
{
return __table_remove(t, key);
}
function table_lookup(t: Broker::Data, key: Broker::Data): Broker::Data
{
return __table_lookup(t, key);
}
function table_iterator(t: Broker::Data): opaque of Broker::TableIterator
{
return __table_iterator(t);
}
function table_iterator_last(it: opaque of Broker::TableIterator): bool
{
return __table_iterator_last(it);
}
function table_iterator_next(it: opaque of Broker::TableIterator): bool
{
return __table_iterator_next(it);
}
function table_iterator_value(it: opaque of Broker::TableIterator): Broker::TableItem
{
return __table_iterator_value(it);
}
function vector_create(): Broker::Data
{
return __vector_create();
}
function vector_clear(v: Broker::Data): bool
{
return __vector_clear(v);
}
function vector_size(v: Broker::Data): count
{
return __vector_size(v);
}
function vector_insert(v: Broker::Data, d: Broker::Data, idx: count): bool
{
return __vector_insert(v, d, idx);
}
function vector_replace(v: Broker::Data, d: Broker::Data, idx: count): Broker::Data
{
return __vector_replace(v, d, idx);
}
function vector_remove(v: Broker::Data, idx: count): Broker::Data
{
return __vector_remove(v, idx);
}
function vector_lookup(v: Broker::Data, idx: count): Broker::Data
{
return __vector_lookup(v, idx);
}
function vector_iterator(v: Broker::Data): opaque of Broker::VectorIterator
{
return __vector_iterator(v);
}
function vector_iterator_last(it: opaque of Broker::VectorIterator): bool
{
return __vector_iterator_last(it);
}
function vector_iterator_next(it: opaque of Broker::VectorIterator): bool
{
return __vector_iterator_next(it);
}
function vector_iterator_value(it: opaque of Broker::VectorIterator): Broker::Data
{
return __vector_iterator_value(it);
}
function record_create(sz: count): Broker::Data
{
return __record_create(sz);
}
function record_size(r: Broker::Data): count
{
return __record_size(r);
}
function record_assign(r: Broker::Data, d: Broker::Data, idx: count): bool
{
return __record_assign(r, d, idx);
}
function record_lookup(r: Broker::Data, idx: count): Broker::Data
{
return __record_lookup(r, idx);
}
function record_iterator(r: Broker::Data): opaque of Broker::RecordIterator
{
return __record_iterator(r);
}
function record_iterator_last(it: opaque of Broker::RecordIterator): bool
{
return __record_iterator_last(it);
}
function record_iterator_next(it: opaque of Broker::RecordIterator): bool
{
return __record_iterator_next(it);
}
function record_iterator_value(it: opaque of Broker::RecordIterator): Broker::Data
{
return __record_iterator_value(it);
}

434
src/broker/data.bif
View file

@ -31,93 +31,44 @@ type Broker::Data: record;
type Broker::TableItem: record;
## Convert any Bro value to communication data.
##
## d: any Bro value to attempt to convert (not all types are supported).
##
## Returns: the converted communication data. The returned record's optional
## field will not be set if the conversion was not possible (this can
## happen if the Bro data type does not support being converted to
## communication data).
function Broker::data%(d: any%): Broker::Data
function Broker::__data%(d: any%): Broker::Data
%{
return bro_broker::make_data_val(d);
%}
## Retrieve the type of data associated with communication data.
##
## d: the communication data.
##
## Returns: the data type associated with the communication data.
function Broker::data_type%(d: Broker::Data%): Broker::DataType
function Broker::__data_type%(d: Broker::Data%): Broker::DataType
%{
return bro_broker::get_data_type(d->AsRecordVal(), frame);
%}
## Convert communication data with a type of :bro:see:`Broker::BOOL` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_bool%(d: Broker::Data%): bool
function Broker::__refine_to_bool%(d: Broker::Data%): bool
%{
return bro_broker::refine<bool>(d->AsRecordVal(), TYPE_BOOL, frame);
%}
## Convert communication data with a type of :bro:see:`Broker::INT` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_int%(d: Broker::Data%): int
function Broker::__refine_to_int%(d: Broker::Data%): int
%{
return bro_broker::refine<int64_t>(d->AsRecordVal(), TYPE_INT, frame);
%}
## Convert communication data with a type of :bro:see:`Broker::COUNT` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_count%(d: Broker::Data%): count
function Broker::__refine_to_count%(d: Broker::Data%): count
%{
return bro_broker::refine<uint64_t>(d->AsRecordVal(), TYPE_COUNT, frame);
%}
## Convert communication data with a type of :bro:see:`Broker::DOUBLE` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_double%(d: Broker::Data%): double
function Broker::__refine_to_double%(d: Broker::Data%): double
%{
return bro_broker::refine<double>(d->AsRecordVal(), TYPE_DOUBLE, frame);
%}
## Convert communication data with a type of :bro:see:`Broker::STRING` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_string%(d: Broker::Data%): string
function Broker::__refine_to_string%(d: Broker::Data%): string
%{
return new StringVal(bro_broker::require_data_type<std::string>(d->AsRecordVal(),
TYPE_STRING,
frame));
%}
## Convert communication data with a type of :bro:see:`Broker::ADDR` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_addr%(d: Broker::Data%): addr
function Broker::__refine_to_addr%(d: Broker::Data%): addr
%{
auto& a = bro_broker::require_data_type<broker::address>(d->AsRecordVal(),
TYPE_ADDR, frame);
@ -125,13 +76,7 @@ function Broker::refine_to_addr%(d: Broker::Data%): addr
return new AddrVal(IPAddr(*bits));
%}
## Convert communication data with a type of :bro:see:`Broker::SUBNET` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_subnet%(d: Broker::Data%): subnet
function Broker::__refine_to_subnet%(d: Broker::Data%): subnet
%{
auto& a = bro_broker::require_data_type<broker::subnet>(d->AsRecordVal(),
TYPE_SUBNET, frame);
@ -139,71 +84,40 @@ function Broker::refine_to_subnet%(d: Broker::Data%): subnet
return new SubNetVal(IPPrefix(IPAddr(*bits), a.length()));
%}
## Convert communication data with a type of :bro:see:`Broker::PORT` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_port%(d: Broker::Data%): port
function Broker::__refine_to_port%(d: Broker::Data%): port
%{
auto& a = bro_broker::require_data_type<broker::port>(d->AsRecordVal(),
TYPE_SUBNET, frame);
return new PortVal(a.number(), bro_broker::to_bro_port_proto(a.type()));
%}
## Convert communication data with a type of :bro:see:`Broker::TIME` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_time%(d: Broker::Data%): time
function Broker::__refine_to_time%(d: Broker::Data%): time
%{
auto v = bro_broker::require_data_type<broker::time_point>(d->AsRecordVal(),
TYPE_TIME, frame).value;
return new Val(v, TYPE_TIME);
%}
## Convert communication data with a type of :bro:see:`Broker::INTERVAL` to
## an actual Bro value.
##
## d: the communication data to convert.
##
## Returns: the value retrieved from the communication data.
function Broker::refine_to_interval%(d: Broker::Data%): interval
function Broker::__refine_to_interval%(d: Broker::Data%): interval
%{
auto v = bro_broker::require_data_type<broker::time_duration>(d->AsRecordVal(),
TYPE_TIME, frame).value;
return new Val(v, TYPE_INTERVAL);
%}
## Convert communication data with a type of :bro:see:`Broker::ENUM` to
## the name of the enum value. :bro:see:`lookup_ID` may be used to convert
## the name to the actual enum value.
##
## d: the communication data to convert.
##
## Returns: the enum name retrieved from the communication data.
function Broker::refine_to_enum_name%(d: Broker::Data%): string
function Broker::__refine_to_enum_name%(d: Broker::Data%): string
%{
auto& v = bro_broker::require_data_type<broker::enum_value>(d->AsRecordVal(),
TYPE_ENUM, frame).name;
return new StringVal(v);
%}
## Create communication data of type "set".
function Broker::set_create%(%): Broker::Data
function Broker::__set_create%(%): Broker::Data
%{
return bro_broker::make_data_val(broker::set());
%}
## Remove all elements within a set.
##
## s: the set to clear.
##
## Returns: always true.
function Broker::set_clear%(s: Broker::Data%): bool
function Broker::__set_clear%(s: Broker::Data%): bool
%{
auto& v = bro_broker::require_data_type<broker::set>(s->AsRecordVal(), TYPE_TABLE,
frame);
@ -211,26 +125,14 @@ function Broker::set_clear%(s: Broker::Data%): bool
return new Val(true, TYPE_BOOL);
%}
## Get the number of elements within a set.
##
## s: the set to query.
##
## Returns: the number of elements in the set.
function Broker::set_size%(s: Broker::Data%): count
function Broker::__set_size%(s: Broker::Data%): count
%{
auto& v = bro_broker::require_data_type<broker::set>(s->AsRecordVal(), TYPE_TABLE,
frame);
return new Val(static_cast<uint64_t>(v.size()), TYPE_COUNT);
%}
## Check if a set contains a particular element.
##
## s: the set to query.
##
## key: the element to check for existence.
##
## Returns: true if the key exists in the set.
function Broker::set_contains%(s: Broker::Data, key: Broker::Data%): bool
function Broker::__set_contains%(s: Broker::Data, key: Broker::Data%): bool
%{
auto& v = bro_broker::require_data_type<broker::set>(s->AsRecordVal(), TYPE_TABLE,
frame);
@ -238,14 +140,7 @@ function Broker::set_contains%(s: Broker::Data, key: Broker::Data%): bool
return new Val(v.find(k) != v.end(), TYPE_BOOL);
%}
## Insert an element into a set.
##
## s: the set to modify.
##
## key: the element to insert.
##
## Returns: true if the key was inserted, or false if it already existed.
function Broker::set_insert%(s: Broker::Data, key: Broker::Data%): bool
function Broker::__set_insert%(s: Broker::Data, key: Broker::Data%): bool
%{
auto& v = bro_broker::require_data_type<broker::set>(s->AsRecordVal(), TYPE_TABLE,
frame);
@ -253,14 +148,7 @@ function Broker::set_insert%(s: Broker::Data, key: Broker::Data%): bool
return new Val(v.insert(k).second, TYPE_BOOL);
%}
## Remove an element from a set.
##
## s: the set to modify.
##
## key: the element to remove.
##
## Returns: true if the element existed in the set and is now removed.
function Broker::set_remove%(s: Broker::Data, key: Broker::Data%): bool
function Broker::__set_remove%(s: Broker::Data, key: Broker::Data%): bool
%{
auto& v = bro_broker::require_data_type<broker::set>(s->AsRecordVal(), TYPE_TABLE,
frame);
@ -268,37 +156,18 @@ function Broker::set_remove%(s: Broker::Data, key: Broker::Data%): bool
return new Val(v.erase(k) > 0, TYPE_BOOL);
%}
## Create an iterator for a set. Note that this makes a copy of the set
## internally to ensure the iterator is always valid.
##
## s: the set to iterate over.
##
## Returns: an iterator.
function Broker::set_iterator%(s: Broker::Data%): opaque of Broker::SetIterator
function Broker::__set_iterator%(s: Broker::Data%): opaque of Broker::SetIterator
%{
return new bro_broker::SetIterator(s->AsRecordVal(), TYPE_TABLE, frame);
%}
## Check if there are no more elements to iterate over.
##
## it: an iterator.
##
## Returns: true if there are no more elements to iterator over, i.e.
## the iterator is one-past-the-final-element.
function Broker::set_iterator_last%(it: opaque of Broker::SetIterator%): bool
function Broker::__set_iterator_last%(it: opaque of Broker::SetIterator%): bool
%{
auto set_it = static_cast<bro_broker::SetIterator*>(it);
return new Val(set_it->it == set_it->dat.end(), TYPE_BOOL);
%}
## Advance an iterator.
##
## it: an iterator.
##
## Returns: true if the iterator, after advancing, still references an element
## in the collection. False if the iterator, after advancing, is
## one-past-the-final-element.
function Broker::set_iterator_next%(it: opaque of Broker::SetIterator%): bool
function Broker::__set_iterator_next%(it: opaque of Broker::SetIterator%): bool
%{
auto set_it = static_cast<bro_broker::SetIterator*>(it);
@ -309,12 +178,7 @@ function Broker::set_iterator_next%(it: opaque of Broker::SetIterator%): bool
return new Val(set_it->it != set_it->dat.end(), TYPE_BOOL);
%}
## Retrieve the data at an iterator's current position.
##
## it: an iterator.
##
## Returns: element in the collection that the iterator currently references.
function Broker::set_iterator_value%(it: opaque of Broker::SetIterator%): Broker::Data
function Broker::__set_iterator_value%(it: opaque of Broker::SetIterator%): Broker::Data
%{
auto set_it = static_cast<bro_broker::SetIterator*>(it);
auto rval = new RecordVal(BifType::Record::Broker::Data);
@ -331,18 +195,12 @@ function Broker::set_iterator_value%(it: opaque of Broker::SetIterator%): Broker
return rval;
%}
## Create communication data of type "table".
function Broker::table_create%(%): Broker::Data
function Broker::__table_create%(%): Broker::Data
%{
return bro_broker::make_data_val(broker::table());
%}
## Remove all elements within a table.
##
## t: the table to clear.
##
## Returns: always true.
function Broker::table_clear%(t: Broker::Data%): bool
function Broker::__table_clear%(t: Broker::Data%): bool
%{
auto& v = bro_broker::require_data_type<broker::table>(t->AsRecordVal(),
TYPE_TABLE, frame);
@ -350,26 +208,14 @@ function Broker::table_clear%(t: Broker::Data%): bool
return new Val(true, TYPE_BOOL);
%}
## Get the number of elements within a table.
##
## t: the table to query.
##
## Returns: the number of elements in the table.
function Broker::table_size%(t: Broker::Data%): count
function Broker::__table_size%(t: Broker::Data%): count
%{
auto& v = bro_broker::require_data_type<broker::table>(t->AsRecordVal(),
TYPE_TABLE, frame);
return new Val(static_cast<uint64_t>(v.size()), TYPE_COUNT);
%}
## Check if a table contains a particular key.
##
## t: the table to query.
##
## key: the key to check for existence.
##
## Returns: true if the key exists in the table.
function Broker::table_contains%(t: Broker::Data, key: Broker::Data%): bool
function Broker::__table_contains%(t: Broker::Data, key: Broker::Data%): bool
%{
auto& v = bro_broker::require_data_type<broker::table>(t->AsRecordVal(),
TYPE_TABLE, frame);
@ -377,17 +223,7 @@ function Broker::table_contains%(t: Broker::Data, key: Broker::Data%): bool
return new Val(v.find(k) != v.end(), TYPE_BOOL);
%}
## Insert a key-value pair into a table.
##
## t: the table to modify.
##
## key: the key at which to insert the value.
##
## val: the value to insert.
##
## Returns: true if the key-value pair was inserted, or false if the key
## already existed in the table.
function Broker::table_insert%(t: Broker::Data, key: Broker::Data, val: Broker::Data%): Broker::Data
function Broker::__table_insert%(t: Broker::Data, key: Broker::Data, val: Broker::Data%): Broker::Data
%{
auto& table = bro_broker::require_data_type<broker::table>(t->AsRecordVal(),
TYPE_TABLE, frame);
@ -408,15 +244,7 @@ function Broker::table_insert%(t: Broker::Data, key: Broker::Data, val: Broker::
}
%}
## Remove a key-value pair from a table.
##
## t: the table to modify.
##
## key: the key to remove from the table.
##
## Returns: the value associated with the key. If the key did not exist, then
## the optional field of the returned record is not set.
function Broker::table_remove%(t: Broker::Data, key: Broker::Data%): Broker::Data
function Broker::__table_remove%(t: Broker::Data, key: Broker::Data%): Broker::Data
%{
auto& table = bro_broker::require_data_type<broker::table>(t->AsRecordVal(),
TYPE_TABLE, frame);
@ -433,15 +261,7 @@ function Broker::table_remove%(t: Broker::Data, key: Broker::Data%): Broker::Dat
}
%}
## Retrieve a value from a table.
##
## t: the table to query.
##
## key: the key to lookup.
##
## Returns: the value associated with the key. If the key did not exist, then
## the optional field of the returned record is not set.
function Broker::table_lookup%(t: Broker::Data, key: Broker::Data%): Broker::Data
function Broker::__table_lookup%(t: Broker::Data, key: Broker::Data%): Broker::Data
%{
auto& table = bro_broker::require_data_type<broker::table>(t->AsRecordVal(),
TYPE_TABLE, frame);
@ -454,37 +274,18 @@ function Broker::table_lookup%(t: Broker::Data, key: Broker::Data%): Broker::Dat
return bro_broker::make_data_val(it->second);
%}
## Create an iterator for a table. Note that this makes a copy of the table
## internally to ensure the iterator is always valid.
##
## t: the table to iterate over.
##
## Returns: an iterator.
function Broker::table_iterator%(t: Broker::Data%): opaque of Broker::TableIterator
function Broker::__table_iterator%(t: Broker::Data%): opaque of Broker::TableIterator
%{
return new bro_broker::TableIterator(t->AsRecordVal(), TYPE_TABLE, frame);
%}
## Check if there are no more elements to iterate over.
##
## it: an iterator.
##
## Returns: true if there are no more elements to iterator over, i.e.
## the iterator is one-past-the-final-element.
function Broker::table_iterator_last%(it: opaque of Broker::TableIterator%): bool
function Broker::__table_iterator_last%(it: opaque of Broker::TableIterator%): bool
%{
auto ti = static_cast<bro_broker::TableIterator*>(it);
return new Val(ti->it == ti->dat.end(), TYPE_BOOL);
%}
## Advance an iterator.
##
## it: an iterator.
##
## Returns: true if the iterator, after advancing, still references an element
## in the collection. False if the iterator, after advancing, is
## one-past-the-final-element.
function Broker::table_iterator_next%(it: opaque of Broker::TableIterator%): bool
function Broker::__table_iterator_next%(it: opaque of Broker::TableIterator%): bool
%{
auto ti = static_cast<bro_broker::TableIterator*>(it);
@ -495,12 +296,7 @@ function Broker::table_iterator_next%(it: opaque of Broker::TableIterator%): boo
return new Val(ti->it != ti->dat.end(), TYPE_BOOL);
%}
## Retrieve the data at an iterator's current position.
##
## it: an iterator.
##
## Returns: element in the collection that the iterator currently references.
function Broker::table_iterator_value%(it: opaque of Broker::TableIterator%): Broker::TableItem
function Broker::__table_iterator_value%(it: opaque of Broker::TableIterator%): Broker::TableItem
%{
auto ti = static_cast<bro_broker::TableIterator*>(it);
auto rval = new RecordVal(BifType::Record::Broker::TableItem);
@ -522,18 +318,12 @@ function Broker::table_iterator_value%(it: opaque of Broker::TableIterator%): Br
return rval;
%}
## Create communication data of type "vector".
function Broker::vector_create%(%): Broker::Data
function Broker::__vector_create%(%): Broker::Data
%{
return bro_broker::make_data_val(broker::vector());
%}
## Remove all elements within a vector.
##
## v: the vector to clear.
##
## Returns: always true.
function Broker::vector_clear%(v: Broker::Data%): bool
function Broker::__vector_clear%(v: Broker::Data%): bool
%{
auto& vec = bro_broker::require_data_type<broker::vector>(v->AsRecordVal(),
TYPE_VECTOR, frame);
@ -541,30 +331,14 @@ function Broker::vector_clear%(v: Broker::Data%): bool
return new Val(true, TYPE_BOOL);
%}
## Get the number of elements within a vector.
##
## v: the vector to query.
##
## Returns: the number of elements in the vector.
function Broker::vector_size%(v: Broker::Data%): count
function Broker::__vector_size%(v: Broker::Data%): count
%{
auto& vec = bro_broker::require_data_type<broker::vector>(v->AsRecordVal(),
TYPE_VECTOR, frame);
return new Val(static_cast<uint64_t>(vec.size()), TYPE_COUNT);
%}
## Insert an element into a vector at a particular position, possibly displacing
## existing elements (insertion always grows the size of the vector by one).
##
## v: the vector to modify.
##
## d: the element to insert.
##
## idx: the index at which to insert the data. If it is greater than the
## current size of the vector, the element is inserted at the end.
##
## Returns: always true.
function Broker::vector_insert%(v: Broker::Data, d: Broker::Data, idx: count%): bool
function Broker::__vector_insert%(v: Broker::Data, d: Broker::Data, idx: count%): bool
%{
auto& vec = bro_broker::require_data_type<broker::vector>(v->AsRecordVal(),
TYPE_VECTOR, frame);
@ -574,17 +348,7 @@ function Broker::vector_insert%(v: Broker::Data, d: Broker::Data, idx: count%):
return new Val(true, TYPE_BOOL);
%}
## Replace an element in a vector at a particular position.
##
## v: the vector to modify.
##
## d: the element to insert.
##
## idx: the index to replace.
##
## Returns: the value that was just evicted. If the index was larger than any
## valid index, the optional field of the returned record is not set.
function Broker::vector_replace%(v: Broker::Data, d: Broker::Data, idx: count%): Broker::Data
function Broker::__vector_replace%(v: Broker::Data, d: Broker::Data, idx: count%): Broker::Data
%{
auto& vec = bro_broker::require_data_type<broker::vector>(v->AsRecordVal(),
TYPE_VECTOR, frame);
@ -598,15 +362,7 @@ function Broker::vector_replace%(v: Broker::Data, d: Broker::Data, idx: count%):
return rval;
%}
## Remove an element from a vector at a particular position.
##
## v: the vector to modify.
##
## idx: the index to remove.
##
## Returns: the value that was just evicted. If the index was larger than any
## valid index, the optional field of the returned record is not set.
function Broker::vector_remove%(v: Broker::Data, idx: count%): Broker::Data
function Broker::__vector_remove%(v: Broker::Data, idx: count%): Broker::Data
%{
auto& vec = bro_broker::require_data_type<broker::vector>(v->AsRecordVal(),
TYPE_VECTOR, frame);
@ -619,15 +375,7 @@ function Broker::vector_remove%(v: Broker::Data, idx: count%): Broker::Data
return rval;
%}
## Lookup an element in a vector at a particular position.
##
## v: the vector to query.
##
## idx: the index to lookup.
##
## Returns: the value at the index. If the index was larger than any
## valid index, the optional field of the returned record is not set.
function Broker::vector_lookup%(v: Broker::Data, idx: count%): Broker::Data
function Broker::__vector_lookup%(v: Broker::Data, idx: count%): Broker::Data
%{
auto& vec = bro_broker::require_data_type<broker::vector>(v->AsRecordVal(),
TYPE_VECTOR, frame);
@ -638,37 +386,18 @@ function Broker::vector_lookup%(v: Broker::Data, idx: count%): Broker::Data
return bro_broker::make_data_val(vec[idx]);
%}
## Create an iterator for a vector. Note that this makes a copy of the vector
## internally to ensure the iterator is always valid.
##
## v: the vector to iterate over.
##
## Returns: an iterator.
function Broker::vector_iterator%(v: Broker::Data%): opaque of Broker::VectorIterator
function Broker::__vector_iterator%(v: Broker::Data%): opaque of Broker::VectorIterator
%{
return new bro_broker::VectorIterator(v->AsRecordVal(), TYPE_VECTOR, frame);
%}
## Check if there are no more elements to iterate over.
##
## it: an iterator.
##
## Returns: true if there are no more elements to iterator over, i.e.
## the iterator is one-past-the-final-element.
function Broker::vector_iterator_last%(it: opaque of Broker::VectorIterator%): bool
function Broker::__vector_iterator_last%(it: opaque of Broker::VectorIterator%): bool
%{
auto vi = static_cast<bro_broker::VectorIterator*>(it);
return new Val(vi->it == vi->dat.end(), TYPE_BOOL);
%}
## Advance an iterator.
##
## it: an iterator.
##
## Returns: true if the iterator, after advancing, still references an element
## in the collection. False if the iterator, after advancing, is
## one-past-the-final-element.
function Broker::vector_iterator_next%(it: opaque of Broker::VectorIterator%): bool
function Broker::__vector_iterator_next%(it: opaque of Broker::VectorIterator%): bool
%{
auto vi = static_cast<bro_broker::VectorIterator*>(it);
@ -679,12 +408,7 @@ function Broker::vector_iterator_next%(it: opaque of Broker::VectorIterator%): b
return new Val(vi->it != vi->dat.end(), TYPE_BOOL);
%}
## Retrieve the data at an iterator's current position.
##
## it: an iterator.
##
## Returns: element in the collection that the iterator currently references.
function Broker::vector_iterator_value%(it: opaque of Broker::VectorIterator%): Broker::Data
function Broker::__vector_iterator_value%(it: opaque of Broker::VectorIterator%): Broker::Data
%{
auto vi = static_cast<bro_broker::VectorIterator*>(it);
auto rval = new RecordVal(BifType::Record::Broker::Data);
@ -701,38 +425,19 @@ function Broker::vector_iterator_value%(it: opaque of Broker::VectorIterator%):
return rval;
%}
## Create communication data of type "record".
##
## sz: the number of fields in the record.
##
## Returns: record data, with all fields uninitialized.
function Broker::record_create%(sz: count%): Broker::Data
function Broker::__record_create%(sz: count%): Broker::Data
%{
return bro_broker::make_data_val(broker::record(std::vector<broker::record::field>(sz)));
%}
## Get the number of fields within a record.
##
## r: the record to query.
##
## Returns: the number of fields in the record.
function Broker::record_size%(r: Broker::Data%): count
function Broker::__record_size%(r: Broker::Data%): count
%{
auto& v = bro_broker::require_data_type<broker::record>(r->AsRecordVal(),
TYPE_RECORD, frame);
return new Val(static_cast<uint64_t>(v.fields.size()), TYPE_COUNT);
%}
## Replace a field in a record at a particular position.
##
## r: the record to modify.
##
## d: the new field value to assign.
##
## idx: the index to replace.
##
## Returns: false if the index was larger than any valid index, else true.
function Broker::record_assign%(r: Broker::Data, d: Broker::Data, idx: count%): bool
function Broker::__record_assign%(r: Broker::Data, d: Broker::Data, idx: count%): bool
%{
auto& v = bro_broker::require_data_type<broker::record>(r->AsRecordVal(),
TYPE_RECORD, frame);
@ -745,16 +450,7 @@ function Broker::record_assign%(r: Broker::Data, d: Broker::Data, idx: count%):
return new Val(true, TYPE_BOOL);
%}
## Lookup a field in a record at a particular position.
##
## r: the record to query.
##
## idx: the index to lookup.
##
## Returns: the value at the index. The optional field of the returned record
## may not be set if the field of the record has no value or if the
## index was not valid.
function Broker::record_lookup%(r: Broker::Data, idx: count%): Broker::Data
function Broker::__record_lookup%(r: Broker::Data, idx: count%): Broker::Data
%{
auto& v = bro_broker::require_data_type<broker::record>(r->AsRecordVal(),
TYPE_RECORD, frame);
@ -768,37 +464,18 @@ function Broker::record_lookup%(r: Broker::Data, idx: count%): Broker::Data
return bro_broker::make_data_val(*v.fields[idx]);
%}
## Create an iterator for a record. Note that this makes a copy of the record
## internally to ensure the iterator is always valid.
##
## r: the record to iterate over.
##
## Returns: an iterator.
function Broker::record_iterator%(r: Broker::Data%): opaque of Broker::RecordIterator
function Broker::__record_iterator%(r: Broker::Data%): opaque of Broker::RecordIterator
%{
return new bro_broker::RecordIterator(r->AsRecordVal(), TYPE_RECORD, frame);
%}
## Check if there are no more elements to iterate over.
##
## it: an iterator.
##
## Returns: true if there are no more elements to iterator over, i.e.
## the iterator is one-past-the-final-element.
function Broker::record_iterator_last%(it: opaque of Broker::RecordIterator%): bool
function Broker::__record_iterator_last%(it: opaque of Broker::RecordIterator%): bool
%{
auto ri = static_cast<bro_broker::RecordIterator*>(it);
return new Val(ri->it == ri->dat.fields.end(), TYPE_BOOL);
%}
## Advance an iterator.
##
## it: an iterator.
##
## Returns: true if the iterator, after advancing, still references an element
## in the collection. False if the iterator, after advancing, is
## one-past-the-final-element.
function Broker::record_iterator_next%(it: opaque of Broker::RecordIterator%): bool
function Broker::__record_iterator_next%(it: opaque of Broker::RecordIterator%): bool
%{
auto ri = static_cast<bro_broker::RecordIterator*>(it);
@ -809,12 +486,7 @@ function Broker::record_iterator_next%(it: opaque of Broker::RecordIterator%): b
return new Val(ri->it != ri->dat.fields.end(), TYPE_BOOL);
%}
## Retrieve the data at an iterator's current position.
##
## it: an iterator.
##
## Returns: element in the collection that the iterator currently references.
function Broker::record_iterator_value%(it: opaque of Broker::RecordIterator%): Broker::Data
function Broker::__record_iterator_value%(it: opaque of Broker::RecordIterator%): Broker::Data
%{
auto ri = static_cast<bro_broker::RecordIterator*>(it);
auto rval = new RecordVal(BifType::Record::Broker::Data);

6
testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
View file

@ -3,7 +3,7 @@
#empty_field (empty)
#unset_field -
#path loaded_scripts
#open 2016-04-26-21-21-19
#open 2016-04-27-02-37-50
#fields name
#types string
scripts/base/init-bare.bro
@ -20,6 +20,7 @@ scripts/base/init-bare.bro
build/scripts/base/bif/comm.bif.bro
build/scripts/base/bif/messaging.bif.bro
scripts/base/frameworks/broker/store.bro
build/scripts/base/bif/data.bif.bro
build/scripts/base/bif/store.bif.bro
scripts/base/frameworks/logging/__load__.bro
scripts/base/frameworks/logging/main.bro
@ -54,7 +55,6 @@ scripts/base/init-bare.bro
build/scripts/base/bif/bloom-filter.bif.bro
build/scripts/base/bif/cardinality-counter.bif.bro
build/scripts/base/bif/top-k.bif.bro
build/scripts/base/bif/data.bif.bro
build/scripts/base/bif/plugins/__load__.bro
build/scripts/base/bif/plugins/Bro_ARP.events.bif.bro
build/scripts/base/bif/plugins/Bro_AYIYA.events.bif.bro
@ -131,4 +131,4 @@ scripts/base/init-bare.bro
build/scripts/base/bif/plugins/Bro_SQLiteWriter.sqlite.bif.bro
scripts/policy/misc/loaded-scripts.bro
scripts/base/utils/paths.bro
#close 2016-04-26-21-21-19
#close 2016-04-27-02-37-50

6
testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
View file

@ -3,7 +3,7 @@
#empty_field (empty)
#unset_field -
#path loaded_scripts
#open 2016-04-26-21-21-31
#open 2016-04-27-02-38-00
#fields name
#types string
scripts/base/init-bare.bro
@ -20,6 +20,7 @@ scripts/base/init-bare.bro
build/scripts/base/bif/comm.bif.bro
build/scripts/base/bif/messaging.bif.bro
scripts/base/frameworks/broker/store.bro
build/scripts/base/bif/data.bif.bro
build/scripts/base/bif/store.bif.bro
scripts/base/frameworks/logging/__load__.bro
scripts/base/frameworks/logging/main.bro
@ -54,7 +55,6 @@ scripts/base/init-bare.bro
build/scripts/base/bif/bloom-filter.bif.bro
build/scripts/base/bif/cardinality-counter.bif.bro
build/scripts/base/bif/top-k.bif.bro
build/scripts/base/bif/data.bif.bro
build/scripts/base/bif/plugins/__load__.bro
build/scripts/base/bif/plugins/Bro_ARP.events.bif.bro
build/scripts/base/bif/plugins/Bro_AYIYA.events.bif.bro
@ -302,4 +302,4 @@ scripts/base/init-default.bro
scripts/base/misc/find-checksum-offloading.bro
scripts/base/misc/find-filtered-trace.bro
scripts/policy/misc/loaded-scripts.bro
#close 2016-04-26-21-21-31
#close 2016-04-27-02-38-00

14
testing/btest/Baseline/plugins.hooks/output
View file

@ -230,7 +230,7 @@
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1461724691.655146, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG)) -> <no result>
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Communication::LOG)) -> <no result>
0.000000 MetaHookPost CallFunction(Log::add_default_filter, <frame>, (Conn::LOG)) -> <no result>
@ -351,7 +351,7 @@
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
0.000000 MetaHookPost CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1461724691.655146, node=bro, filter=ip or not ip, init=T, success=T])) -> <no result>
0.000000 MetaHookPost CallFunction(NetControl::check_plugins, <frame>, ()) -> <no result>
0.000000 MetaHookPost CallFunction(NetControl::init, <null>, ()) -> <no result>
0.000000 MetaHookPost CallFunction(Notice::want_pp, <frame>, ()) -> <no result>
@ -572,6 +572,7 @@
0.000000 MetaHookPost LoadFile(base<...>/conn-ids) -> -1
0.000000 MetaHookPost LoadFile(base<...>/const.bif.bro) -> -1
0.000000 MetaHookPost LoadFile(base<...>/control) -> -1
0.000000 MetaHookPost LoadFile(base<...>/data.bif) -> -1
0.000000 MetaHookPost LoadFile(base<...>/dhcp) -> -1
0.000000 MetaHookPost LoadFile(base<...>/dir) -> -1
0.000000 MetaHookPost LoadFile(base<...>/directions-and-hosts) -> -1
@ -873,7 +874,7 @@
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird]))
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509]))
0.000000 MetaHookPre CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql]))
0.000000 MetaHookPre CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T]))
0.000000 MetaHookPre CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1461724691.655146, node=bro, filter=ip or not ip, init=T, success=T]))
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG))
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Communication::LOG))
0.000000 MetaHookPre CallFunction(Log::add_default_filter, <frame>, (Conn::LOG))
@ -994,7 +995,7 @@
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird]))
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509]))
0.000000 MetaHookPre CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql]))
0.000000 MetaHookPre CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T]))
0.000000 MetaHookPre CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1461724691.655146, node=bro, filter=ip or not ip, init=T, success=T]))
0.000000 MetaHookPre CallFunction(NetControl::check_plugins, <frame>, ())
0.000000 MetaHookPre CallFunction(NetControl::init, <null>, ())
0.000000 MetaHookPre CallFunction(Notice::want_pp, <frame>, ())
@ -1215,6 +1216,7 @@
0.000000 MetaHookPre LoadFile(base<...>/conn-ids)
0.000000 MetaHookPre LoadFile(base<...>/const.bif.bro)
0.000000 MetaHookPre LoadFile(base<...>/control)
0.000000 MetaHookPre LoadFile(base<...>/data.bif)
0.000000 MetaHookPre LoadFile(base<...>/dhcp)
0.000000 MetaHookPre LoadFile(base<...>/dir)
0.000000 MetaHookPre LoadFile(base<...>/directions-and-hosts)
@ -1515,7 +1517,7 @@
0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])
0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])
0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])
0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T])
0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1461724691.655146, node=bro, filter=ip or not ip, init=T, success=T])
0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG)
0.000000 | HookCallFunction Log::add_default_filter(Communication::LOG)
0.000000 | HookCallFunction Log::add_default_filter(Conn::LOG)
@ -1636,7 +1638,7 @@
0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=<no value description>, ev=Weird::log_weird, path=weird])
0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=<no value description>, ev=X509::log_x509, path=x509])
0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=<no value description>, ev=MySQL::log_mysql, path=mysql])
0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1461705704.402549, node=bro, filter=ip or not ip, init=T, success=T])
0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1461724691.655146, node=bro, filter=ip or not ip, init=T, success=T])
0.000000 | HookCallFunction NetControl::check_plugins()
0.000000 | HookCallFunction NetControl::init()
0.000000 | HookCallFunction Notice::want_pp()