Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 05:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'origin/topic/robin/new-update'

Browse source 
* origin/topic/robin/new-update:
  Add some more items to NEWS.
This commit is contained in:
Robin Sommer 2021-07-06 08:47:22 +02:00
commit 53f9f1c9ba
3 changed files with 23 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
CHANGES
View file

@ -1,3 +1,7 @@
4.1.0-dev.887 | 2021-07-06 08:47:22 +0200
* Add some more items to NEWS. (Robin Sommer, Corelight)
4.1.0-dev.884 | 2021-07-05 10:06:59 +0100 4.1.0-dev.884 | 2021-07-05 10:06:59 +0100
* Add ability to check if hostname is valid for a specific cert (Johanna Amann, Corelight) * Add ability to check if hostname is valid for a specific cert (Johanna Amann, Corelight)

22
NEWS
View file

@ -19,6 +19,9 @@ New Functionality
skips past the VN-Tag header, allowing for further analysis of subsequent skips past the VN-Tag header, allowing for further analysis of subsequent
packet contents. packet contents.
- Support for decapsulating Geneve packets to process the inner
payload, similar in operation to the existing VXLAN support.
- Support for Zeek script "Reaching Definitions" (RD) analysis: tracking the - Support for Zeek script "Reaching Definitions" (RD) analysis: tracking the
extent to which a given variable definition (assignment) can be visible extent to which a given variable definition (assignment) can be visible
elsewhere in the Zeek script. The analysis works on local variables in elsewhere in the Zeek script. The analysis works on local variables in
@ -46,13 +49,15 @@ New Functionality
variable or a record field to inform Zeek's analysis that the script writer variable or a record field to inform Zeek's analysis that the script writer
asserts the value will be set, suppressing the associated warnings. asserts the value will be set, suppressing the associated warnings.
- A Telemetry API was added to assist in gathering arbitrary runtime metrics - A Telemetry API was added to assist in gathering arbitrary runtime
and allows potential export to Prometheus. metrics and allows export to Prometheus. This is still
work-in-progress, preliminary documentation for current, low-level
API lives at https://github.com/zeek/zeek/wiki/Telemetry for now.
- Experimental support for translating Zeek scripts to equivalent C++. - Experimental support for translating Zeek scripts to equivalent C++.
The generated C++ can then be compiled directly into the `zeek` binary, The generated C++ can then be compiled directly into the ``zeek`` binary,
replacing use of the interpreter and producing better runtime performance. replacing use of the interpreter and producing better runtime performance.
See `src/script_opt/CPP/README.md` for a guide on how to use this feature. See ``src/script_opt/CPP/README.md`` for a guide on how to use this feature.
- Support for more generic session management. The NetSessions class has been - Support for more generic session management. The NetSessions class has been
renamed to SessionMgr (with the old name marked deprecated). The new renamed to SessionMgr (with the old name marked deprecated). The new
@ -78,6 +83,15 @@ New Functionality
``x509_check_cert_hostname``. A new field ``sni_matches_cert`` that tracks ``x509_check_cert_hostname``. A new field ``sni_matches_cert`` that tracks
this information was added to ``ssl.log``. this information was added to ``ssl.log``.
- Added a ``--plugindir`` argument to ``configure`` to set the
installation path for plugins.
- Added new functions to dynamically enable/disable file analyzers:
- ``global enable_analyzer: function(tag: Files::Tag): bool;``
- ``global disable_analyzer: function(tag: Files::Tag): bool;``
- ``global analyzer_enabled: function(tag: Files::Tag): bool;``
Changed Functionality Changed Functionality
--------------------- ---------------------

2
VERSION
View file

@ -1 +1 @@
4.1.0-dev.884 4.1.0-dev.887