Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 10:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fixed a bug where notices and the conn log.

Browse source 
- Notices that weren't logged were still tagging
  the conn log which was confusing.  Only logged
  notices are now tagged in the conn log.
This commit is contained in:
Seth Hall 2011-06-09 12:50:00 -04:00
parent 31b63295a1
commit 8c71e68c05
1 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

16
policy/frameworks/notice/base.bro
View file

@ -253,14 +253,6 @@ function fill_in_missing_details(n: Notice::Info)
# Generate a unique ID for this notice. # Generate a unique ID for this notice.
n$tag = unique_id("@"); n$tag = unique_id("@");
# Add the tag to the connection's notice_tags if there is a connection.
if ( n?$conn && n$conn?$conn )
{
if ( ! n$conn$conn?$notice_tags )
n$conn$conn$notice_tags = set();
add n$conn$conn$notice_tags[n$tag];
}
local action = match n using policy; local action = match n using policy;
if ( action != ACTION_IGNORE && if ( action != ACTION_IGNORE &&
action != ACTION_FILE && action != ACTION_FILE &&
@ -277,6 +269,14 @@ event notice(n: Notice::Info) &priority=-5
if ( n$action != ACTION_IGNORE ) if ( n$action != ACTION_IGNORE )
{ {
# Add the tag to the connection's notice_tags if there is a connection.
if ( n?$conn && n$conn?$conn )
{
if ( ! n$conn$conn?$notice_tags )
n$conn$conn$notice_tags = set();
add n$conn$conn$notice_tags[n$tag];
}
Log::write(NOTICE_LOG, n); Log::write(NOTICE_LOG, n);
if ( n$action != ACTION_FILE && n$do_alarm ) if ( n$action != ACTION_FILE && n$do_alarm )