Merge branch 'master' of https://github.com/zeek/zeek into topic/zeke/closures

2025-10-02 06:38:20 +00:00 · 2019-07-01 13:43:48 -07:00 · 2019-07-01 13:43:48 -07:00 · 6e84a5eb8e
commit 6e84a5eb8e
parent 409f27955b 23a1815e29
51 changed files with 273 additions and 2236 deletions
--- a/testing/btest/Baseline/core.reporter/logger-test.log
+++ b/testing/btest/Baseline/core.reporter/logger-test.log
@ -1,6 +1,6 @@
-reporter_info|init test-info|/Users/jsiwek/Projects/bro/bro/testing/btest/.tmp/core.reporter/reporter.zeek, line 8|0.000000
-reporter_warning|init test-warning|/Users/jsiwek/Projects/bro/bro/testing/btest/.tmp/core.reporter/reporter.zeek, line 9|0.000000
-reporter_error|init test-error|/Users/jsiwek/Projects/bro/bro/testing/btest/.tmp/core.reporter/reporter.zeek, line 10|0.000000
-reporter_info|done test-info|/Users/jsiwek/Projects/bro/bro/testing/btest/.tmp/core.reporter/reporter.zeek, line 15|0.000000
-reporter_warning|done test-warning|/Users/jsiwek/Projects/bro/bro/testing/btest/.tmp/core.reporter/reporter.zeek, line 16|0.000000
-reporter_error|done test-error|/Users/jsiwek/Projects/bro/bro/testing/btest/.tmp/core.reporter/reporter.zeek, line 17|0.000000
+reporter_info|init test-info|/home/jon/pro/zeek/zeek/testing/btest/.tmp/core.reporter/reporter.zeek, line 8|1561700937.882616
+reporter_warning|init test-warning|/home/jon/pro/zeek/zeek/testing/btest/.tmp/core.reporter/reporter.zeek, line 9|1561700937.882616
+reporter_error|init test-error|/home/jon/pro/zeek/zeek/testing/btest/.tmp/core.reporter/reporter.zeek, line 10|1561700937.882616
+reporter_info|done test-info|/home/jon/pro/zeek/zeek/testing/btest/.tmp/core.reporter/reporter.zeek, line 15|1561700937.882616
+reporter_warning|done test-warning|/home/jon/pro/zeek/zeek/testing/btest/.tmp/core.reporter/reporter.zeek, line 16|1561700937.882616
+reporter_error|done test-error|/home/jon/pro/zeek/zeek/testing/btest/.tmp/core.reporter/reporter.zeek, line 17|1561700937.882616
--- a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
+++ b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
@ -62,7 +62,6 @@ scripts/base/init-frameworks-and-bifs.zeek
    build/scripts/base/bif/top-k.bif.zeek
  build/scripts/base/bif/plugins/__load__.zeek
    build/scripts/base/bif/plugins/Zeek_ARP.events.bif.zeek
-    build/scripts/base/bif/plugins/Zeek_BackDoor.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_BitTorrent.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_ConnSize.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_ConnSize.functions.bif.zeek
@ -85,7 +84,6 @@ scripts/base/init-frameworks-and-bifs.zeek
    build/scripts/base/bif/plugins/Zeek_ICMP.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_Ident.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_IMAP.events.bif.zeek
-    build/scripts/base/bif/plugins/Zeek_InterConn.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_IRC.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_KRB.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_Login.events.bif.zeek
--- a/testing/btest/Baseline/coverage.bare-mode-errors/errors
+++ b/testing/btest/Baseline/coverage.bare-mode-errors/errors
@ -1,4 +0,0 @@
-warning in /Users/johanna/bro/master/scripts/policy/misc/trim-trace-file.zeek, line 25: deprecated (rotate_file_by_name)
-warning in /Users/johanna/bro/master/scripts/policy/misc/trim-trace-file.zeek, line 25: deprecated (rotate_file_by_name)
-warning in /Users/johanna/bro/master/scripts/policy/misc/trim-trace-file.zeek, line 25: deprecated (rotate_file_by_name)
-warning in /Users/johanna/bro/master/testing/btest/../../scripts//policy/misc/trim-trace-file.zeek, line 25: deprecated (rotate_file_by_name)
--- a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
+++ b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
@ -62,7 +62,6 @@ scripts/base/init-frameworks-and-bifs.zeek
    build/scripts/base/bif/top-k.bif.zeek
  build/scripts/base/bif/plugins/__load__.zeek
    build/scripts/base/bif/plugins/Zeek_ARP.events.bif.zeek
-    build/scripts/base/bif/plugins/Zeek_BackDoor.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_BitTorrent.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_ConnSize.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_ConnSize.functions.bif.zeek
@ -85,7 +84,6 @@ scripts/base/init-frameworks-and-bifs.zeek
    build/scripts/base/bif/plugins/Zeek_ICMP.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_Ident.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_IMAP.events.bif.zeek
-    build/scripts/base/bif/plugins/Zeek_InterConn.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_IRC.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_KRB.events.bif.zeek
    build/scripts/base/bif/plugins/Zeek_Login.events.bif.zeek
--- a/testing/btest/Baseline/plugins.hooks/output
+++ b/testing/btest/Baseline/plugins.hooks/output
@ -1,5 +1,3 @@
-0.000000   MetaHookPost  CallFunction(Analyzer::__disable_analyzer, <frame>, (Analyzer::ANALYZER_BACKDOOR)) -> <no result>
-0.000000   MetaHookPost  CallFunction(Analyzer::__disable_analyzer, <frame>, (Analyzer::ANALYZER_INTERCONN)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Analyzer::__disable_analyzer, <frame>, (Analyzer::ANALYZER_STEPPINGSTONE)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Analyzer::__disable_analyzer, <frame>, (Analyzer::ANALYZER_TCPSTATS)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Analyzer::__register_for_port, <frame>, (Analyzer::ANALYZER_AYIYA, 5072/udp)) -> <no result>
@ -65,8 +63,6 @@
 0.000000   MetaHookPost  CallFunction(Analyzer::__register_for_port, <frame>, (Analyzer::ANALYZER_VXLAN, 4789/udp)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Analyzer::__register_for_port, <frame>, (Analyzer::ANALYZER_XMPP, 5222/tcp)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Analyzer::__register_for_port, <frame>, (Analyzer::ANALYZER_XMPP, 5269/tcp)) -> <no result>
-0.000000   MetaHookPost  CallFunction(Analyzer::disable_analyzer, <frame>, (Analyzer::ANALYZER_BACKDOOR)) -> <no result>
-0.000000   MetaHookPost  CallFunction(Analyzer::disable_analyzer, <frame>, (Analyzer::ANALYZER_INTERCONN)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Analyzer::disable_analyzer, <frame>, (Analyzer::ANALYZER_STEPPINGSTONE)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Analyzer::disable_analyzer, <frame>, (Analyzer::ANALYZER_TCPSTATS)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Analyzer::register_for_port, <frame>, (Analyzer::ANALYZER_AYIYA, 5072/udp)) -> <no result>
@ -278,7 +274,7 @@
 0.000000   MetaHookPost  CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])) -> <no result>
-0.000000   MetaHookPost  CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1561670974.090821, node=zeek, filter=ip or not ip, init=T, success=T])) -> <no result>
+0.000000   MetaHookPost  CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1561684839.152939, node=zeek, filter=ip or not ip, init=T, success=T])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::add_default_filter, <frame>, (Broker::LOG)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG)) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::add_default_filter, <frame>, (Config::LOG)) -> <no result>
@ -459,7 +455,7 @@
 0.000000   MetaHookPost  CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])) -> <no result>
 0.000000   MetaHookPost  CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])) -> <no result>
-0.000000   MetaHookPost  CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1561670974.090821, node=zeek, filter=ip or not ip, init=T, success=T])) -> <no result>
+0.000000   MetaHookPost  CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1561684839.152939, node=zeek, filter=ip or not ip, init=T, success=T])) -> <no result>
 0.000000   MetaHookPost  CallFunction(NetControl::check_plugins, <frame>, ()) -> <no result>
 0.000000   MetaHookPost  CallFunction(NetControl::init, <null>, ()) -> <no result>
 0.000000   MetaHookPost  CallFunction(Notice::want_pp, <frame>, ()) -> <no result>
@ -574,7 +570,6 @@
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_ARP.events.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_AsciiReader.ascii.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_AsciiWriter.ascii.bif.zeek) -> -1
-0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_BackDoor.events.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_BenchmarkReader.benchmark.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_BinaryReader.binary.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_BitTorrent.events.bif.zeek) -> -1
@ -605,7 +600,6 @@
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_IMAP.events.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_IRC.events.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_Ident.events.bif.zeek) -> -1
-0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_InterConn.events.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_KRB.events.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_KRB.types.bif.zeek) -> -1
 0.000000   MetaHookPost  LoadFile(0, .<...>/Zeek_Login.events.bif.zeek) -> -1
@ -895,8 +889,6 @@
 0.000000   MetaHookPost  QueueEvent(NetControl::init()) -> false
 0.000000   MetaHookPost  QueueEvent(filter_change_tracking()) -> false
 0.000000   MetaHookPost  QueueEvent(zeek_init()) -> false
-0.000000   MetaHookPre   CallFunction(Analyzer::__disable_analyzer, <frame>, (Analyzer::ANALYZER_BACKDOOR))
-0.000000   MetaHookPre   CallFunction(Analyzer::__disable_analyzer, <frame>, (Analyzer::ANALYZER_INTERCONN))
 0.000000   MetaHookPre   CallFunction(Analyzer::__disable_analyzer, <frame>, (Analyzer::ANALYZER_STEPPINGSTONE))
 0.000000   MetaHookPre   CallFunction(Analyzer::__disable_analyzer, <frame>, (Analyzer::ANALYZER_TCPSTATS))
 0.000000   MetaHookPre   CallFunction(Analyzer::__register_for_port, <frame>, (Analyzer::ANALYZER_AYIYA, 5072/udp))
@ -962,8 +954,6 @@
 0.000000   MetaHookPre   CallFunction(Analyzer::__register_for_port, <frame>, (Analyzer::ANALYZER_VXLAN, 4789/udp))
 0.000000   MetaHookPre   CallFunction(Analyzer::__register_for_port, <frame>, (Analyzer::ANALYZER_XMPP, 5222/tcp))
 0.000000   MetaHookPre   CallFunction(Analyzer::__register_for_port, <frame>, (Analyzer::ANALYZER_XMPP, 5269/tcp))
-0.000000   MetaHookPre   CallFunction(Analyzer::disable_analyzer, <frame>, (Analyzer::ANALYZER_BACKDOOR))
-0.000000   MetaHookPre   CallFunction(Analyzer::disable_analyzer, <frame>, (Analyzer::ANALYZER_INTERCONN))
 0.000000   MetaHookPre   CallFunction(Analyzer::disable_analyzer, <frame>, (Analyzer::ANALYZER_STEPPINGSTONE))
 0.000000   MetaHookPre   CallFunction(Analyzer::disable_analyzer, <frame>, (Analyzer::ANALYZER_TCPSTATS))
 0.000000   MetaHookPre   CallFunction(Analyzer::register_for_port, <frame>, (Analyzer::ANALYZER_AYIYA, 5072/udp))
@ -1175,7 +1165,7 @@
 0.000000   MetaHookPre   CallFunction(Log::__create_stream, <frame>, (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird]))
 0.000000   MetaHookPre   CallFunction(Log::__create_stream, <frame>, (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509]))
 0.000000   MetaHookPre   CallFunction(Log::__create_stream, <frame>, (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql]))
-0.000000   MetaHookPre   CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1561670974.090821, node=zeek, filter=ip or not ip, init=T, success=T]))
+0.000000   MetaHookPre   CallFunction(Log::__write, <frame>, (PacketFilter::LOG, [ts=1561684839.152939, node=zeek, filter=ip or not ip, init=T, success=T]))
 0.000000   MetaHookPre   CallFunction(Log::add_default_filter, <frame>, (Broker::LOG))
 0.000000   MetaHookPre   CallFunction(Log::add_default_filter, <frame>, (Cluster::LOG))
 0.000000   MetaHookPre   CallFunction(Log::add_default_filter, <frame>, (Config::LOG))
@ -1356,7 +1346,7 @@
 0.000000   MetaHookPre   CallFunction(Log::create_stream, <frame>, (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird]))
 0.000000   MetaHookPre   CallFunction(Log::create_stream, <frame>, (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509]))
 0.000000   MetaHookPre   CallFunction(Log::create_stream, <frame>, (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql]))
-0.000000   MetaHookPre   CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1561670974.090821, node=zeek, filter=ip or not ip, init=T, success=T]))
+0.000000   MetaHookPre   CallFunction(Log::write, <frame>, (PacketFilter::LOG, [ts=1561684839.152939, node=zeek, filter=ip or not ip, init=T, success=T]))
 0.000000   MetaHookPre   CallFunction(NetControl::check_plugins, <frame>, ())
 0.000000   MetaHookPre   CallFunction(NetControl::init, <null>, ())
 0.000000   MetaHookPre   CallFunction(Notice::want_pp, <frame>, ())
@ -1471,7 +1461,6 @@
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_ARP.events.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_AsciiReader.ascii.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_AsciiWriter.ascii.bif.zeek)
-0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_BackDoor.events.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_BenchmarkReader.benchmark.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_BinaryReader.binary.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_BitTorrent.events.bif.zeek)
@ -1502,7 +1491,6 @@
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_IMAP.events.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_IRC.events.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_Ident.events.bif.zeek)
-0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_InterConn.events.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_KRB.events.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_KRB.types.bif.zeek)
 0.000000   MetaHookPre   LoadFile(0, .<...>/Zeek_Login.events.bif.zeek)
@ -1792,8 +1780,6 @@
 0.000000   MetaHookPre   QueueEvent(NetControl::init())
 0.000000   MetaHookPre   QueueEvent(filter_change_tracking())
 0.000000   MetaHookPre   QueueEvent(zeek_init())
-0.000000 | HookCallFunction Analyzer::__disable_analyzer(Analyzer::ANALYZER_BACKDOOR)
-0.000000 | HookCallFunction Analyzer::__disable_analyzer(Analyzer::ANALYZER_INTERCONN)
 0.000000 | HookCallFunction Analyzer::__disable_analyzer(Analyzer::ANALYZER_STEPPINGSTONE)
 0.000000 | HookCallFunction Analyzer::__disable_analyzer(Analyzer::ANALYZER_TCPSTATS)
 0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_AYIYA, 5072/udp)
@ -1859,8 +1845,6 @@
 0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_VXLAN, 4789/udp)
 0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_XMPP, 5222/tcp)
 0.000000 | HookCallFunction Analyzer::__register_for_port(Analyzer::ANALYZER_XMPP, 5269/tcp)
-0.000000 | HookCallFunction Analyzer::disable_analyzer(Analyzer::ANALYZER_BACKDOOR)
-0.000000 | HookCallFunction Analyzer::disable_analyzer(Analyzer::ANALYZER_INTERCONN)
 0.000000 | HookCallFunction Analyzer::disable_analyzer(Analyzer::ANALYZER_STEPPINGSTONE)
 0.000000 | HookCallFunction Analyzer::disable_analyzer(Analyzer::ANALYZER_TCPSTATS)
 0.000000 | HookCallFunction Analyzer::register_for_port(Analyzer::ANALYZER_AYIYA, 5072/udp)
@ -2071,7 +2055,7 @@
 0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])
 0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])
 0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])
-0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1561670974.090821, node=zeek, filter=ip or not ip, init=T, success=T])
+0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1561684839.152939, node=zeek, filter=ip or not ip, init=T, success=T])
 0.000000 | HookCallFunction Log::add_default_filter(Broker::LOG)
 0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG)
 0.000000 | HookCallFunction Log::add_default_filter(Config::LOG)
@ -2252,7 +2236,7 @@
 0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])
 0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])
 0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])
-0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1561670974.090821, node=zeek, filter=ip or not ip, init=T, success=T])
+0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1561684839.152939, node=zeek, filter=ip or not ip, init=T, success=T])
 0.000000 | HookCallFunction NetControl::check_plugins()
 0.000000 | HookCallFunction NetControl::init()
 0.000000 | HookCallFunction Notice::want_pp()
@ -2367,7 +2351,6 @@
 0.000000 | HookLoadFile  .<...>/Zeek_ARP.events.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_AsciiReader.ascii.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_AsciiWriter.ascii.bif.zeek
-0.000000 | HookLoadFile  .<...>/Zeek_BackDoor.events.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_BenchmarkReader.benchmark.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_BinaryReader.binary.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_BitTorrent.events.bif.zeek
@ -2398,7 +2381,6 @@
 0.000000 | HookLoadFile  .<...>/Zeek_IMAP.events.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_IRC.events.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_Ident.events.bif.zeek
-0.000000 | HookLoadFile  .<...>/Zeek_InterConn.events.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_KRB.events.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_KRB.types.bif.zeek
 0.000000 | HookLoadFile  .<...>/Zeek_Login.events.bif.zeek
@ -2684,7 +2666,7 @@
 0.000000 | HookLoadFile  base<...>/xmpp
 0.000000 | HookLoadFile  base<...>/zeek.bif.zeek
 0.000000 | HookLogInit   packet_filter 1/1 {ts (time), node (string), filter (string), init (bool), success (bool)}
-0.000000 | HookLogWrite  packet_filter [ts=1561670974.090821, node=zeek, filter=ip or not ip, init=T, success=T]
+0.000000 | HookLogWrite  packet_filter [ts=1561684839.152939, node=zeek, filter=ip or not ip, init=T, success=T]
 0.000000 | HookQueueEvent NetControl::init()
 0.000000 | HookQueueEvent filter_change_tracking()
 0.000000 | HookQueueEvent zeek_init()
--- a/testing/btest/bifs/enable_raw_output.test
+++ b/testing/btest/bifs/enable_raw_output.test
@ -4,7 +4,6 @@
 # @TEST-EXEC: zeek -b %INPUT
 # @TEST-EXEC: tr '\000' 'X' <myfile >output
 # @TEST-EXEC: btest-diff output
-# @TEST-EXEC: cmp myfile hookfile

 event zeek_init()
    {
@ -14,10 +13,3 @@ event zeek_init()
    print myfile, "hello\x00world", "hi";
    close(myfile);
    }
-
-event print_hook(f: file, s: string)
-    {
-    local hookfile = open("hookfile");
-    write_file(hookfile, s);
-    close(hookfile);
-    }
--- a/testing/btest/core/reporter.zeek
+++ b/testing/btest/core/reporter.zeek
@ -1,7 +1,7 @@
 #
-# @TEST-EXEC: zeek %INPUT >output 2>&1
+# @TEST-EXEC: zeek -b %INPUT >output 2>&1
 # @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff output
-# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff logger-test.log
+# @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-timestamps" btest-diff logger-test.log

 event zeek_init()
 {
@ -32,7 +32,7 @@ event connection_established(c: connection)
    first = 0;
 }

-global f = open_log_file("logger-test");
+global f = open("logger-test.log");

 event reporter_info(t: time, msg: string, location: string)
 	{
--- a/testing/btest/language/raw_output_attr.test
+++ b/testing/btest/language/raw_output_attr.test
@ -4,7 +4,6 @@
 # @TEST-EXEC: zeek -b %INPUT
 # @TEST-EXEC: tr '\000' 'X' <myfile >output
 # @TEST-EXEC: btest-diff output
-# @TEST-EXEC: cmp myfile hookfile

 # first check local variable of file type w/ &raw_output

@ -16,10 +15,3 @@ event zeek_init()
    print myfile, "hello\x00world", "hi";
    close(myfile);
    }
-
-event print_hook(f: file, s: string)
-    {
-    local hookfile = open("hookfile");
-    write_file(hookfile, s);
-    close(hookfile);
-    }
--- a/testing/btest/language/sizeof.zeek
+++ b/testing/btest/language/sizeof.zeek
@ -24,7 +24,7 @@ global a6: addr = [::1];
 global b:  bool = T;
 global c:  count = 10;
 global d:  double = -1.23;
-global f:  file = open_log_file("sizeof_demo");
+global f:  file = open("sizeof_demo.log");
 global i:  int = -10;
 global iv: interval = -5sec;
 global p:  port = 80/tcp;
--- a/testing/btest/scripts/base/frameworks/logging/file.zeek
+++ b/testing/btest/scripts/base/frameworks/logging/file.zeek
@ -13,7 +13,7 @@ export {
 	} &log;
 }

-const foo_log = open_log_file("Foo") &redef;
+const foo_log = open("Foo.log") &redef;

 event zeek_init()
 {