Move DataSeries and ElasticSearch into plugins.

2025-10-12 11:38:20 +00:00 · 2014-08-06 18:43:11 -07:00 · 2014-08-06 18:43:11 -07:00 · 8737eae906
commit 8737eae906
parent 8031da4ee7
35 changed files with 9 additions and 2297 deletions
--- a/testing/btest/scripts/base/frameworks/logging/dataseries/options.bro
+++ b/testing/btest/scripts/base/frameworks/logging/dataseries/options.bro
@ -1,44 +0,0 @@
-#
-# @TEST-REQUIRES: has-writer Bro::DataSeriesWriter && which ds2txt
-# @TEST-GROUP: dataseries
-#
-# @TEST-EXEC: bro -b %INPUT Log::default_writer=Log::WRITER_DATASERIES
-# @TEST-EXEC: test -e ssh.ds.xml
-# @TEST-EXEC: btest-diff ssh.ds.xml
-
-module SSH;
-
-redef LogDataSeries::dump_schema = T;
-
-# Haven't yet found a way to check for the effect of these.
-redef LogDataSeries::compression = "bz2";
-redef LogDataSeries::extent_size = 1000;
-redef LogDataSeries::num_threads = 5;
-
-# LogDataSeries::use_integer_for_time is tested separately.
-
-export {
-	redef enum Log::ID += { LOG };
-
-	type Log: record {
-		t: time;
-		id: conn_id; # Will be rolled out into individual columns.
-		status: string &optional;
-		country: string &default="unknown";
-	} &log;
-}
-
-event bro_init()
-{
-	Log::create_stream(SSH::LOG, [$columns=Log]);
-
-    local cid = [$orig_h=1.2.3.4, $orig_p=1234/tcp, $resp_h=2.3.4.5, $resp_p=80/tcp];
-
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="success"]);
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="failure", $country="US"]);
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="failure", $country="UK"]);
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="success", $country="BR"]);
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="failure", $country="MX"]);
-	
-}
-
--- a/testing/btest/scripts/base/frameworks/logging/dataseries/rotate.bro
+++ b/testing/btest/scripts/base/frameworks/logging/dataseries/rotate.bro
@ -1,34 +0,0 @@
-#
-# @TEST-REQUIRES: has-writer Bro::DataSeriesWriter && which ds2txt
-# @TEST-GROUP: dataseries
-#
-# @TEST-EXEC: bro -b -r ${TRACES}/rotation.trace %INPUT 2>&1 Log::default_writer=Log::WRITER_DATASERIES | grep "test" >out
-# @TEST-EXEC: for i in test.*.ds; do printf '> %s\n' $i; ds2txt --skip-index $i; done >>out
-# @TEST-EXEC: btest-diff out
-
-module Test;
-
-export {
-	# Create a new ID for our log stream
-	redef enum Log::ID += { LOG };
-
-	# Define a record with all the columns the log file can have.
-	# (I'm using a subset of fields from ssh-ext for demonstration.)
-	type Log: record {
-		t: time;
-		id: conn_id; # Will be rolled out into individual columns.
-	} &log;
-}
-
-redef Log::default_rotation_interval = 1hr;
-redef Log::default_rotation_postprocessor_cmd = "echo";
-
-event bro_init()
-{
-	Log::create_stream(Test::LOG, [$columns=Log]);
-}
-
-event new_connection(c: connection)
-	{
-	Log::write(Test::LOG, [$t=network_time(), $id=c$id]);
-	}
--- a/testing/btest/scripts/base/frameworks/logging/dataseries/test-logging.bro
+++ b/testing/btest/scripts/base/frameworks/logging/dataseries/test-logging.bro
@ -1,35 +0,0 @@
-#
-# @TEST-REQUIRES: has-writer Bro::DataSeriesWriter && which ds2txt
-# @TEST-GROUP: dataseries
-#
-# @TEST-EXEC: bro -b %INPUT Log::default_writer=Log::WRITER_DATASERIES
-# @TEST-EXEC: ds2txt --skip-index ssh.ds >ssh.ds.txt
-# @TEST-EXEC: btest-diff ssh.ds.txt
-
-module SSH;
-
-export {
-	redef enum Log::ID += { LOG };
-
-	type Log: record {
-		t: time;
-		id: conn_id; # Will be rolled out into individual columns.
-		status: string &optional;
-		country: string &default="unknown";
-	} &log;
-}
-
-event bro_init()
-{
-	Log::create_stream(SSH::LOG, [$columns=Log]);
-
-    local cid = [$orig_h=1.2.3.4, $orig_p=1234/tcp, $resp_h=2.3.4.5, $resp_p=80/tcp];
-
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="success"]);
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="failure", $country="US"]);
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="failure", $country="UK"]);
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="success", $country="BR"]);
-	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="failure", $country="MX"]);
-	
-}
-
--- a/testing/btest/scripts/base/frameworks/logging/dataseries/time-as-int.bro
+++ b/testing/btest/scripts/base/frameworks/logging/dataseries/time-as-int.bro
@ -1,9 +0,0 @@
-#
-# @TEST-REQUIRES: has-writer Bro::DataSeriesWriter && which ds2txt
-# @TEST-GROUP: dataseries
-#
-# @TEST-EXEC: bro -r $TRACES/wikipedia.trace %INPUT Log::default_writer=Log::WRITER_DATASERIES
-# @TEST-EXEC: ds2txt --skip-index conn.ds >conn.ds.txt
-# @TEST-EXEC: btest-diff conn.ds.txt
-
-redef LogDataSeries::use_integer_for_time = T;
--- a/testing/btest/scripts/base/frameworks/logging/dataseries/wikipedia.bro
+++ b/testing/btest/scripts/base/frameworks/logging/dataseries/wikipedia.bro
@ -1,9 +0,0 @@
-#
-# @TEST-REQUIRES: has-writer Bro::DataSeriesWriter && which ds2txt
-# @TEST-GROUP: dataseries
-#
-# @TEST-EXEC: bro -r $TRACES/wikipedia.trace Log::default_writer=Log::WRITER_DATASERIES
-# @TEST-EXEC: ds2txt --skip-index conn.ds >conn.ds.txt
-# @TEST-EXEC: ds2txt --skip-index http.ds >http.ds.txt
-# @TEST-EXEC: btest-diff conn.ds.txt
-# @TEST-EXEC: btest-diff http.ds.txt