Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-14 12:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Change the function for log extension to take a path only and update tests.

Browse source 
We were having stack overflow issues creep in with the self-referential
field for the log extension function.
This commit is contained in:
Seth Hall 2016-08-10 13:53:27 -04:00
parent 5f6565d62c
commit 79e49e1ab5
11 changed files with 213 additions and 150 deletions
Download patch file Download diff file Expand all files Collapse all files

50
scripts/base/frameworks/logging/main.bro
View file

@ -123,6 +123,19 @@ export {
## "id.orig_h" to turn into "id_orig_h".
const default_scope_sep = "." &redef;
## A prefix for extension fields which can be optionally prefixed
## on all log lines by setting the `ext_func` field in the
## log filter.
const Log::default_ext_prefix: string = "_" &redef;
## Default log extension function in the case that you would like to
## apply the same extensions to all logs. The function *must* return
## a record with all of the fields to be included in the log. The
## default function included here returns F as a marker to indicate
## that it has no implementation.
const Log::default_ext_func: function(path: string): any =
function(path: string): bool { return F; } &redef;
## A filter type describes how to customize logging streams.
type Filter: record {
## Descriptive name to reference this filter.
@ -205,6 +218,16 @@ export {
## for nested record types.
scope_sep: string &default=default_scope_sep;
## Default prefix for all extension fields. It's typically
## prudent to set this to something that Bro's logging
## framework can't normally write out in a field name.
ext_prefix: string &default=Log::default_ext_prefix;
## Function to collect a log extension value. If not specified,
## no log extension will be provided for the log.
## The return value from the function *must* be a record.
ext_func: function(path: string): any &default=Log::default_ext_func;
## Rotation interval. Zero disables rotation.
interv: interval &default=default_rotation_interval;
@ -218,33 +241,6 @@ export {
config: table[string] of string &default=table();
};
## A prefix for extension fields which can be optionally prefixed
## on all log lines by setting the `ext_func` field in the
## log filter.
const Log::default_ext_prefix: string = "_" &redef;
## Default log extension function in the case that you would like to
## apply the same extensions to all logs. The function *must* return
## a record with all of the fields to be included in the log. The
## default function included here returns F as a marker to indicate
## that it has no implementation.
const Log::default_ext_func: function(filter: Log::Filter): any =
function(filter: Log::Filter): bool { return F; } &redef;
# This is a hack for now since fields can't self-reference the
# record type they are contained within.
redef record Log::Filter += {
## Default prefix for all extension fields. It's typically
## prudent to set this to something that Bro's logging
## framework can't normally write out in a field name.
ext_prefix: string &default=Log::default_ext_prefix;
## Function to collect a log extension value. If not specified,
## no log extension will be provided for the log.
## The return value from the function *must* be a record.
ext_func: function(filter: Log::Filter): any &default=Log::default_ext_func;
};
## Sentinel value for indicating that a filter was not found when looked up.
const no_filter: Filter = [$name="<not found>"];