Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 00:58:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Escape the empty indicator in logs if it occurs literally as a field's

Browse source 
actual content.

Addresses BIT-931.
This commit is contained in:
Robin Sommer 2016-07-05 16:34:24 -07:00
parent 9360112e8a
commit 721693425f
3 changed files with 55 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

24
testing/btest/scripts/base/frameworks/logging/ascii-escape-empty-str.bro Normal file
View file

@ -0,0 +1,24 @@
#
# @TEST-EXEC: bro -b %INPUT
# @TEST-EXEC: btest-diff test.log
redef LogAscii::empty_field = "EMPTY";
module test;
export {
redef enum Log::ID += { LOG };
type Log: record {
ss: set[string];
} &log;
}
event bro_init()
{
Log::create_stream(test::LOG, [$columns=Log]);
Log::write(test::LOG, [
$ss=set("EMPTY")
]);
}