diff --git a/doc b/doc index 0cb30512c5..bcbcf4f766 160000 --- a/doc +++ b/doc @@ -1 +1 @@ -Subproject commit 0cb30512c52990fcdb1e93b5219f65c9b3d18dce +Subproject commit bcbcf4f7663088e017101df4cab5ebdb35ce4d09 diff --git a/scripts/base/frameworks/supervisor/__load__.zeek b/scripts/base/frameworks/supervisor/__load__.zeek index e3034f5f0b..97de26a373 100644 --- a/scripts/base/frameworks/supervisor/__load__.zeek +++ b/scripts/base/frameworks/supervisor/__load__.zeek @@ -1,2 +1,3 @@ @load ./api +@load ./control @load ./main diff --git a/scripts/base/frameworks/supervisor/api.zeek b/scripts/base/frameworks/supervisor/api.zeek index 767bd8803f..814a8da5f3 100644 --- a/scripts/base/frameworks/supervisor/api.zeek +++ b/scripts/base/frameworks/supervisor/api.zeek @@ -114,76 +114,4 @@ export { ## It's an error to call this function from a process other than ## a supervised one. global node: function(): NodeConfig; - - ## Send a request to a remote Supervisor process to create a node. - ## - ## reqid: an arbitrary string that will be directly echoed in the response - ## - ## node: the desired configuration for the new supervised node process. - global Supervisor::create_request: event(reqid: string, node: NodeConfig); - - ## Handle a response from a Supervisor process that received - ## :zeek:see:`Supervisor::create_request`. - ## - ## reqid: an arbitrary string matching the value in the original request. - ## - ## result: the return value of the remote call to - ## :zeek:see:`Supervisor::create`. - global Supervisor::create_response: event(reqid: string, result: string); - - ## Send a request to a remote Supervisor process to retrieve node status. - ## - ## reqid: an arbitrary string that will be directly echoed in the response - ## - ## node: the name of the node to get status of or empty string to mean "all - ## nodes". - global Supervisor::status_request: event(reqid: string, node: string); - - ## Handle a response from a Supervisor process that received - ## :zeek:see:`Supervisor::status_request`. - ## - ## reqid: an arbitrary string matching the value in the original request. - ## - ## result: the return value of the remote call to - ## :zeek:see:`Supervisor::status`. - global Supervisor::status_response: event(reqid: string, result: Status); - - ## Send a request to a remote Supervisor process to restart a node. - ## - ## reqid: an arbitrary string that will be directly echoed in the response - ## - ## node: the name of the node to restart or empty string to mean "all - ## nodes". - global Supervisor::restart_request: event(reqid: string, node: string); - - ## Handle a response from a Supervisor process that received - ## :zeek:see:`Supervisor::restart_request`. - ## - ## reqid: an arbitrary string matching the value in the original request. - ## - ## result: the return value of the remote call to - ## :zeek:see:`Supervisor::restart`. - global Supervisor::restart_response: event(reqid: string, result: bool); - - ## Send a request to a remote Supervisor process to destroy a node. - ## - ## reqid: an arbitrary string that will be directly echoed in the response - ## - ## node: the name of the node to destory or empty string to mean "all - ## nodes". - global Supervisor::destroy_request: event(reqid: string, node: string); - - ## Handle a response from a Supervisor process that received - ## :zeek:see:`Supervisor::destroy_request`. - ## - ## reqid: an arbitrary string matching the value in the original request. - ## - ## result: the return value of the remote call to - ## :zeek:see:`Supervisor::destroy`. - global Supervisor::destroy_response: event(reqid: string, result: bool); - - ## Send a request to a remote Supervisor to stop and shutdown its - ## process tree. There is no response to this message as the Supervisor - ## simply terminates on receipt. - global Supervisor::stop_request: event(); } diff --git a/scripts/base/frameworks/supervisor/control.zeek b/scripts/base/frameworks/supervisor/control.zeek new file mode 100644 index 0000000000..7b3b4a8e5c --- /dev/null +++ b/scripts/base/frameworks/supervisor/control.zeek @@ -0,0 +1,86 @@ +##! The Zeek process supervision (remote) control API. This defines a Broker topic +##! prefix and events that can be used to control an external Zeek supervisor process. + +@load ./api + +module SupervisorControl; + +export { + ## The Broker topic prefix to use when subscribing to Supervisor API + ## requests and when publishing Supervisor API responses. If you are + ## publishing Supervisor requests, this is also the prefix string to use + ## for their topic names. + const topic_prefix = "zeek/supervisor" &redef; + + ## Send a request to a remote Supervisor process to create a node. + ## + ## reqid: an arbitrary string that will be directly echoed in the response + ## + ## node: the desired configuration for the new supervised node process. + global SupervisorControl::create_request: event(reqid: string, node: Supervisor::NodeConfig); + + ## Handle a response from a Supervisor process that received + ## :zeek:see:`SupervisorControl::create_request`. + ## + ## reqid: an arbitrary string matching the value in the original request. + ## + ## result: the return value of the remote call to + ## :zeek:see:`Supervisor::create`. + global SupervisorControl::create_response: event(reqid: string, result: string); + + ## Send a request to a remote Supervisor process to retrieve node status. + ## + ## reqid: an arbitrary string that will be directly echoed in the response + ## + ## node: the name of the node to get status of or empty string to mean "all + ## nodes". + global SupervisorControl::status_request: event(reqid: string, node: string); + + ## Handle a response from a Supervisor process that received + ## :zeek:see:`SupervisorControl::status_request`. + ## + ## reqid: an arbitrary string matching the value in the original request. + ## + ## result: the return value of the remote call to + ## :zeek:see:`Supervisor::status`. + global SupervisorControl::status_response: event(reqid: string, result: Supervisor::Status); + + ## Send a request to a remote Supervisor process to restart a node. + ## + ## reqid: an arbitrary string that will be directly echoed in the response + ## + ## node: the name of the node to restart or empty string to mean "all + ## nodes". + global SupervisorControl::restart_request: event(reqid: string, node: string); + + ## Handle a response from a Supervisor process that received + ## :zeek:see:`SupervisorControl::restart_request`. + ## + ## reqid: an arbitrary string matching the value in the original request. + ## + ## result: the return value of the remote call to + ## :zeek:see:`Supervisor::restart`. + global SupervisorControl::restart_response: event(reqid: string, result: bool); + + ## Send a request to a remote Supervisor process to destroy a node. + ## + ## reqid: an arbitrary string that will be directly echoed in the response + ## + ## node: the name of the node to destory or empty string to mean "all + ## nodes". + global SupervisorControl::destroy_request: event(reqid: string, node: string); + + ## Handle a response from a Supervisor process that received + ## :zeek:see:`SupervisorControl::destroy_request`. + ## + ## reqid: an arbitrary string matching the value in the original request. + ## + ## result: the return value of the remote call to + ## :zeek:see:`Supervisor::destroy`. + global SupervisorControl::destroy_response: event(reqid: string, result: bool); + + ## Send a request to a remote Supervisor to stop and shutdown its + ## process tree. There is no response to this message as the Supervisor + ## simply terminates on receipt. + global SupervisorControl::stop_request: event(); +} diff --git a/scripts/base/frameworks/supervisor/main.zeek b/scripts/base/frameworks/supervisor/main.zeek index 5a7a163df0..f892907055 100644 --- a/scripts/base/frameworks/supervisor/main.zeek +++ b/scripts/base/frameworks/supervisor/main.zeek @@ -1,63 +1,16 @@ -##! Implements Zeek process supervision configuration options and default -##! behavior. +##! Implements Zeek process supervision API and default behavior for its +##! associated (remote) control events. @load ./api +@load ./control @load base/frameworks/broker -module Supervisor; - -export { - ## The Broker topic prefix to use when subscribing to Supervisor API - ## requests and when publishing Supervisor API responses. If you are - ## publishing Supervisor requests, this is also the prefix string to use - ## for their topic names. - const topic_prefix = "zeek/supervisor" &redef; -} - -event zeek_init() &priority=10 - { - Broker::subscribe(Supervisor::topic_prefix); - } - -event Supervisor::stop_request() - { - terminate(); - } - -event Supervisor::status_request(reqid: string, node: string) - { - local res = Supervisor::status(node); - local topic = Supervisor::topic_prefix + fmt("/status_response/%s", reqid); - Broker::publish(topic, Supervisor::status_response, reqid, res); - } - -event Supervisor::create_request(reqid: string, node: NodeConfig) - { - local res = Supervisor::create(node); - local topic = Supervisor::topic_prefix + fmt("/create_response/%s", reqid); - Broker::publish(topic, Supervisor::create_response, reqid, res); - } - -event Supervisor::destroy_request(reqid: string, node: string) - { - local res = Supervisor::destroy(node); - local topic = Supervisor::topic_prefix + fmt("/destroy_response/%s", reqid); - Broker::publish(topic, Supervisor::destroy_response, reqid, res); - } - -event Supervisor::restart_request(reqid: string, node: string) - { - local res = Supervisor::restart(node); - local topic = Supervisor::topic_prefix + fmt("/restart_response/%s", reqid); - Broker::publish(topic, Supervisor::restart_response, reqid, res); - } - -function Supervisor::status(node: string): Status +function Supervisor::status(node: string): Supervisor::Status { return Supervisor::__status(node); } -function Supervisor::create(node: NodeConfig): string +function Supervisor::create(node: Supervisor::NodeConfig): string { return Supervisor::__create(node); } @@ -72,17 +25,70 @@ function Supervisor::restart(node: string): bool return Supervisor::__restart(node); } -function is_supervisor(): bool +function Supervisor::is_supervisor(): bool { return Supervisor::__is_supervisor(); } -function is_supervised(): bool +function Supervisor::is_supervised(): bool { return Supervisor::__is_supervised(); } -function node(): NodeConfig +function Supervisor::node(): Supervisor::NodeConfig { return Supervisor::__node(); } + +event zeek_init() &priority=10 + { + Broker::subscribe(SupervisorControl::topic_prefix); + } + +event SupervisorControl::stop_request() + { + if ( ! Supervisor::is_supervisor() ) + return; + + terminate(); + } + +event SupervisorControl::status_request(reqid: string, node: string) + { + if ( ! Supervisor::is_supervisor() ) + return; + + local res = Supervisor::status(node); + local topic = SupervisorControl::topic_prefix + fmt("/status_response/%s", reqid); + Broker::publish(topic, SupervisorControl::status_response, reqid, res); + } + +event SupervisorControl::create_request(reqid: string, node: Supervisor::NodeConfig) + { + if ( ! Supervisor::is_supervisor() ) + return; + + local res = Supervisor::create(node); + local topic = SupervisorControl::topic_prefix + fmt("/create_response/%s", reqid); + Broker::publish(topic, SupervisorControl::create_response, reqid, res); + } + +event SupervisorControl::destroy_request(reqid: string, node: string) + { + if ( ! Supervisor::is_supervisor() ) + return; + + local res = Supervisor::destroy(node); + local topic = SupervisorControl::topic_prefix + fmt("/destroy_response/%s", reqid); + Broker::publish(topic, SupervisorControl::destroy_response, reqid, res); + } + +event SupervisorControl::restart_request(reqid: string, node: string) + { + if ( ! Supervisor::is_supervisor() ) + return; + + local res = Supervisor::restart(node); + local topic = SupervisorControl::topic_prefix + fmt("/restart_response/%s", reqid); + Broker::publish(topic, SupervisorControl::restart_response, reqid, res); + } diff --git a/testing/btest/Baseline/core.check-unused-event-handlers/.stderr b/testing/btest/Baseline/core.check-unused-event-handlers/.stderr index f7d99adbfe..56eb1756c4 100644 --- a/testing/btest/Baseline/core.check-unused-event-handlers/.stderr +++ b/testing/btest/Baseline/core.check-unused-event-handlers/.stderr @@ -1,8 +1,8 @@ warning in , line 1: event handler never invoked: InputConfig::new_value warning in , line 1: event handler never invoked: InputRaw::process_finished -warning in , line 1: event handler never invoked: Supervisor::create_request -warning in , line 1: event handler never invoked: Supervisor::destroy_request -warning in , line 1: event handler never invoked: Supervisor::restart_request -warning in , line 1: event handler never invoked: Supervisor::status_request -warning in , line 1: event handler never invoked: Supervisor::stop_request +warning in , line 1: event handler never invoked: SupervisorControl::create_request +warning in , line 1: event handler never invoked: SupervisorControl::destroy_request +warning in , line 1: event handler never invoked: SupervisorControl::restart_request +warning in , line 1: event handler never invoked: SupervisorControl::status_request +warning in , line 1: event handler never invoked: SupervisorControl::stop_request warning in , line 1: event handler never invoked: this_is_never_used diff --git a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log index 583e4f8def..382bb30cb2 100644 --- a/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log +++ b/testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log @@ -38,6 +38,7 @@ scripts/base/init-frameworks-and-bifs.zeek build/scripts/base/bif/store.bif.zeek scripts/base/frameworks/broker/log.zeek scripts/base/frameworks/supervisor/__load__.zeek + scripts/base/frameworks/supervisor/control.zeek scripts/base/frameworks/supervisor/main.zeek scripts/base/frameworks/input/__load__.zeek scripts/base/frameworks/input/main.zeek diff --git a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log index 82b307c9d2..5d9fbfde6d 100644 --- a/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log +++ b/testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log @@ -38,6 +38,7 @@ scripts/base/init-frameworks-and-bifs.zeek build/scripts/base/bif/store.bif.zeek scripts/base/frameworks/broker/log.zeek scripts/base/frameworks/supervisor/__load__.zeek + scripts/base/frameworks/supervisor/control.zeek scripts/base/frameworks/supervisor/main.zeek scripts/base/frameworks/input/__load__.zeek scripts/base/frameworks/input/main.zeek diff --git a/testing/btest/Baseline/plugins.hooks/output b/testing/btest/Baseline/plugins.hooks/output index 28cce57ab0..dde704c5af 100644 --- a/testing/btest/Baseline/plugins.hooks/output +++ b/testing/btest/Baseline/plugins.hooks/output @@ -276,7 +276,7 @@ 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])) -> 0.000000 MetaHookPost CallFunction(Log::__create_stream, , (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])) -> -0.000000 MetaHookPost CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1578437544.484903, node=zeek, filter=ip or not ip, init=T, success=T])) -> +0.000000 MetaHookPost CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1579727603.636084, node=zeek, filter=ip or not ip, init=T, success=T])) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Broker::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Cluster::LOG)) -> 0.000000 MetaHookPost CallFunction(Log::add_default_filter, , (Config::LOG)) -> @@ -457,7 +457,7 @@ 0.000000 MetaHookPost CallFunction(Log::create_stream, , (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])) -> 0.000000 MetaHookPost CallFunction(Log::create_stream, , (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])) -> -0.000000 MetaHookPost CallFunction(Log::write, , (PacketFilter::LOG, [ts=1578437544.484903, node=zeek, filter=ip or not ip, init=T, success=T])) -> +0.000000 MetaHookPost CallFunction(Log::write, , (PacketFilter::LOG, [ts=1579727603.636084, node=zeek, filter=ip or not ip, init=T, success=T])) -> 0.000000 MetaHookPost CallFunction(NetControl::check_plugins, , ()) -> 0.000000 MetaHookPost CallFunction(NetControl::init, , ()) -> 0.000000 MetaHookPost CallFunction(Notice::want_pp, , ()) -> @@ -711,6 +711,7 @@ 0.000000 MetaHookPost LoadFile(0, .<...>/const.bif.zeek) -> -1 0.000000 MetaHookPost LoadFile(0, .<...>/consts.zeek) -> -1 0.000000 MetaHookPost LoadFile(0, .<...>/contents.zeek) -> -1 +0.000000 MetaHookPost LoadFile(0, .<...>/control.zeek) -> -1 0.000000 MetaHookPost LoadFile(0, .<...>/ct-list.zeek) -> -1 0.000000 MetaHookPost LoadFile(0, .<...>/data.bif.zeek) -> -1 0.000000 MetaHookPost LoadFile(0, .<...>/dcc-send.zeek) -> -1 @@ -1179,7 +1180,7 @@ 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])) 0.000000 MetaHookPre CallFunction(Log::__create_stream, , (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])) -0.000000 MetaHookPre CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1578437544.484903, node=zeek, filter=ip or not ip, init=T, success=T])) +0.000000 MetaHookPre CallFunction(Log::__write, , (PacketFilter::LOG, [ts=1579727603.636084, node=zeek, filter=ip or not ip, init=T, success=T])) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Broker::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Cluster::LOG)) 0.000000 MetaHookPre CallFunction(Log::add_default_filter, , (Config::LOG)) @@ -1360,7 +1361,7 @@ 0.000000 MetaHookPre CallFunction(Log::create_stream, , (Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509])) 0.000000 MetaHookPre CallFunction(Log::create_stream, , (mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql])) -0.000000 MetaHookPre CallFunction(Log::write, , (PacketFilter::LOG, [ts=1578437544.484903, node=zeek, filter=ip or not ip, init=T, success=T])) +0.000000 MetaHookPre CallFunction(Log::write, , (PacketFilter::LOG, [ts=1579727603.636084, node=zeek, filter=ip or not ip, init=T, success=T])) 0.000000 MetaHookPre CallFunction(NetControl::check_plugins, , ()) 0.000000 MetaHookPre CallFunction(NetControl::init, , ()) 0.000000 MetaHookPre CallFunction(Notice::want_pp, , ()) @@ -1614,6 +1615,7 @@ 0.000000 MetaHookPre LoadFile(0, .<...>/const.bif.zeek) 0.000000 MetaHookPre LoadFile(0, .<...>/consts.zeek) 0.000000 MetaHookPre LoadFile(0, .<...>/contents.zeek) +0.000000 MetaHookPre LoadFile(0, .<...>/control.zeek) 0.000000 MetaHookPre LoadFile(0, .<...>/ct-list.zeek) 0.000000 MetaHookPre LoadFile(0, .<...>/data.bif.zeek) 0.000000 MetaHookPre LoadFile(0, .<...>/dcc-send.zeek) @@ -2081,7 +2083,7 @@ 0.000000 | HookCallFunction Log::__create_stream(Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird]) 0.000000 | HookCallFunction Log::__create_stream(X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509]) 0.000000 | HookCallFunction Log::__create_stream(mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql]) -0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1578437544.484903, node=zeek, filter=ip or not ip, init=T, success=T]) +0.000000 | HookCallFunction Log::__write(PacketFilter::LOG, [ts=1579727603.636084, node=zeek, filter=ip or not ip, init=T, success=T]) 0.000000 | HookCallFunction Log::add_default_filter(Broker::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Cluster::LOG) 0.000000 | HookCallFunction Log::add_default_filter(Config::LOG) @@ -2262,7 +2264,7 @@ 0.000000 | HookCallFunction Log::create_stream(Weird::LOG, [columns=Weird::Info, ev=Weird::log_weird, path=weird]) 0.000000 | HookCallFunction Log::create_stream(X509::LOG, [columns=X509::Info, ev=X509::log_x509, path=x509]) 0.000000 | HookCallFunction Log::create_stream(mysql::LOG, [columns=MySQL::Info, ev=MySQL::log_mysql, path=mysql]) -0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1578437544.484903, node=zeek, filter=ip or not ip, init=T, success=T]) +0.000000 | HookCallFunction Log::write(PacketFilter::LOG, [ts=1579727603.636084, node=zeek, filter=ip or not ip, init=T, success=T]) 0.000000 | HookCallFunction NetControl::check_plugins() 0.000000 | HookCallFunction NetControl::init() 0.000000 | HookCallFunction Notice::want_pp() @@ -2518,6 +2520,7 @@ 0.000000 | HookLoadFile .<...>/const.bif.zeek 0.000000 | HookLoadFile .<...>/consts.zeek 0.000000 | HookLoadFile .<...>/contents.zeek +0.000000 | HookLoadFile .<...>/control.zeek 0.000000 | HookLoadFile .<...>/ct-list.zeek 0.000000 | HookLoadFile .<...>/data.bif.zeek 0.000000 | HookLoadFile .<...>/dcc-send.zeek @@ -2702,7 +2705,7 @@ 0.000000 | HookLoadFile base<...>/xmpp 0.000000 | HookLoadFile base<...>/zeek.bif.zeek 0.000000 | HookLogInit packet_filter 1/1 {ts (time), node (string), filter (string), init (bool), success (bool)} -0.000000 | HookLogWrite packet_filter [ts=1578437544.484903, node=zeek, filter=ip or not ip, init=T, success=T] +0.000000 | HookLogWrite packet_filter [ts=1579727603.636084, node=zeek, filter=ip or not ip, init=T, success=T] 0.000000 | HookQueueEvent NetControl::init() 0.000000 | HookQueueEvent filter_change_tracking() 0.000000 | HookQueueEvent zeek_init()