mirror of
https://github.com/zeek/zeek.git
synced 2025-10-15 21:18:20 +00:00
Merge remote-tracking branch 'origin/master' into topic/dnthayer/ticket1467
This commit is contained in:
Johanna Amann
commit
630e9f22d2
71 changed files with 603 additions and 558 deletions
|
|
@ -1,10 +0,0 @@
|
|||
#! /usr/bin/awk -f
|
||||
#
|
||||
# A diff canonifier that removes the priorities in notice_policy.log.
|
||||
|
||||
/^#/ && $2 == "notice_policy" { filter = 1; }
|
||||
|
||||
filter == 1 && /^[^#]/ { sub("^[0-9]*", "X"); }
|
||||
|
||||
{ print; }
|
||||
|
||||
|
|
@ -18,7 +18,6 @@ fi
|
|||
| `dirname $0`/diff-remove-uids \
|
||||
| `dirname $0`/diff-remove-file-ids \
|
||||
| `dirname $0`/diff-remove-x509-names \
|
||||
| `dirname $0`/diff-canon-notice-policy \
|
||||
| `dirname $0`/diff-sort \
|
||||
| eval $addl
|
||||
|
||||
|
|
|
|||
|
|
@ -4,8 +4,8 @@
|
|||
# prefix.
|
||||
|
||||
if [ $# != 1 ]; then
|
||||
echo "usage: `basename $0` <field prefix>"
|
||||
exit 1
|
||||
echo "usage: `basename $0` <field prefix>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
awk -v "PREFIX=$1" '
|
||||
|
|
@ -18,17 +18,15 @@ BEGIN { FS="\t"; OFS="\t"; }
|
|||
if ( index($i, PREFIX) == 1 )
|
||||
rem[i-1] = 1;
|
||||
}
|
||||
print;
|
||||
next;
|
||||
}
|
||||
|
||||
/^[^#]/ {
|
||||
for ( i in rem )
|
||||
# Mark that it is set, but ignore content.
|
||||
$i = "+";
|
||||
}
|
||||
|
||||
{
|
||||
for ( i in rem )
|
||||
# Mark that it iss set, but ignore content.
|
||||
$i = "+";
|
||||
|
||||
print;
|
||||
}
|
||||
|
||||
'
|
||||
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
#! /usr/bin/awk -f
|
||||
#! /usr/bin/env bash
|
||||
#
|
||||
# A diff canonifier that removes all file IDs from files.log
|
||||
|
||||
awk '
|
||||
BEGIN {
|
||||
FS="\t";
|
||||
OFS="\t";
|
||||
|
|
@ -12,13 +13,15 @@ $1 == "#path" && $2 == "files" {
|
|||
process = 1;
|
||||
}
|
||||
|
||||
process && column1 > 0 && column2 > 0 {
|
||||
$column1 = "XXXXXXXXXXX";
|
||||
$column2 = "XXXXXXXXXXX";
|
||||
/^[^#]/ {
|
||||
if ( process && column1 > 0 && column2 > 0 ) {
|
||||
$column1 = "XXXXXXXXXXX";
|
||||
$column2 = "XXXXXXXXXXX";
|
||||
}
|
||||
}
|
||||
|
||||
/^#/ {
|
||||
for ( i = 0; i < NF; ++i ) {
|
||||
/^#fields/ {
|
||||
for ( i = 2; i <= NF; ++i ) {
|
||||
if ( $i == "fuid" )
|
||||
column1 = i - 1;
|
||||
|
||||
|
|
@ -28,6 +31,4 @@ process && column1 > 0 && column2 > 0 {
|
|||
}
|
||||
|
||||
{ print }
|
||||
|
||||
|
||||
|
||||
'
|
||||
|
|
|
|||
|
|
@ -1,29 +0,0 @@
|
|||
#! /usr/bin/awk -f
|
||||
#
|
||||
# A diff canonifier that removes all MIME types because libmagic output
|
||||
# can differ between installations.
|
||||
|
||||
BEGIN { FS="\t"; OFS="\t"; type_col = -1; desc_col = -1 }
|
||||
|
||||
/^#fields/ {
|
||||
for ( i = 2; i < NF; ++i )
|
||||
{
|
||||
if ( $i == "mime_type" )
|
||||
type_col = i-1;
|
||||
if ( $i == "mime_desc" )
|
||||
desc_col = i-1;
|
||||
}
|
||||
}
|
||||
|
||||
function remove_mime (n) {
|
||||
if ( n >= 0 && $n != "-" )
|
||||
# Mark that it's set, but ignore content.
|
||||
$n = "+"
|
||||
}
|
||||
|
||||
remove_mime(type_col)
|
||||
remove_mime(desc_col)
|
||||
|
||||
{
|
||||
print;
|
||||
}
|
||||
|
|
@ -1,21 +1,22 @@
|
|||
#! /usr/bin/awk -f
|
||||
#! /usr/bin/env bash
|
||||
#
|
||||
# A diff canonifier that removes all connection UIDs.
|
||||
|
||||
awk '
|
||||
BEGIN { FS="\t"; OFS="\t"; }
|
||||
|
||||
column > 0 {
|
||||
$column = "XXXXXXXXXXX";
|
||||
/^[^#]/ {
|
||||
if ( column > 0 ) {
|
||||
$column = "XXXXXXXXXXX";
|
||||
}
|
||||
}
|
||||
|
||||
/^#/ {
|
||||
for ( i = 0; i < NF; ++i ) {
|
||||
/^#fields/ {
|
||||
for ( i = 2; i <= NF; ++i ) {
|
||||
if ( $i == "uid" )
|
||||
column = i - 1;
|
||||
}
|
||||
}
|
||||
|
||||
{ print }
|
||||
|
||||
|
||||
|
||||
'
|
||||
|
|
|
|||
|
|
@ -1,8 +1,9 @@
|
|||
#! /usr/bin/awk -f
|
||||
#! /usr/bin/env bash
|
||||
#
|
||||
# A diff canonifier that removes all X.509 Distinguished Name subject fields
|
||||
# because that output can differ depending on installed OpenSSL version.
|
||||
|
||||
awk '
|
||||
BEGIN { FS="\t"; OFS="\t"; s_col = -1; i_col = -1; is_col = -1; cs_col = -1; ci_col = -1; cert_subj_col = -1; cert_issuer_col = -1 }
|
||||
|
||||
/^#/ {
|
||||
|
|
@ -33,46 +34,47 @@ BEGIN { FS="\t"; OFS="\t"; s_col = -1; i_col = -1; is_col = -1; cs_col = -1; ci_
|
|||
|
||||
s_col > 0 {
|
||||
if ( $s_col != "-" )
|
||||
# Mark that it's set, but ignore content.
|
||||
# Mark that it is set, but ignore content.
|
||||
$s_col = "+";
|
||||
}
|
||||
|
||||
i_col > 0 {
|
||||
if ( $i_col != "-" )
|
||||
# Mark that it's set, but ignore content.
|
||||
# Mark that it is set, but ignore content.
|
||||
$i_col = "+";
|
||||
}
|
||||
|
||||
is_col > 0 {
|
||||
if ( $is_col != "-" )
|
||||
# Mark that it's set, but ignore content.
|
||||
# Mark that it is set, but ignore content.
|
||||
$is_col = "+";
|
||||
}
|
||||
|
||||
cs_col > 0 {
|
||||
if ( $cs_col != "-" )
|
||||
# Mark that it's set, but ignore content.
|
||||
# Mark that it is set, but ignore content.
|
||||
$cs_col = "+";
|
||||
}
|
||||
|
||||
ci_col > 0 {
|
||||
if ( $ci_col != "-" )
|
||||
# Mark that it's set, but ignore content.
|
||||
# Mark that it is set, but ignore content.
|
||||
$ci_col = "+";
|
||||
}
|
||||
|
||||
cert_subj_col > 0 {
|
||||
if ( $cert_subj_col != "-" )
|
||||
# Mark that it's set, but ignore content.
|
||||
# Mark that it is set, but ignore content.
|
||||
$cert_subj_col = "+";
|
||||
}
|
||||
|
||||
cert_issuer_col > 0 {
|
||||
if ( $cert_issuer_col != "-" )
|
||||
# Mark that it's set, but ignore content.
|
||||
# Mark that it is set, but ignore content.
|
||||
$cert_issuer_col = "+";
|
||||
}
|
||||
|
||||
{
|
||||
print;
|
||||
}
|
||||
'
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue