diff --git a/CHANGES b/CHANGES index 44a3edc3c6..79a477643a 100644 --- a/CHANGES +++ b/CHANGES @@ -1,4 +1,23 @@ +2.0-898 | 2012-07-27 12:22:03 -0700 + + * Small (potential performance) improvement for logging framework. (Seth Hall) + + * Script-level rotation postprocessor fix. This fixes a problem with + writers that don't have a postprocessor. (Seth Hall) + + * Update input framework documentation to reflect want_record + change. (Bernhard Amann) + + * Fix crash when encountering an InterpreterException in a predicate + in logging or input Framework. (Bernhard Amann) + + * Input framework: Make want_record=T the default for events + (Bernhard Amann) + + * Changing the start/end markers in logs to open/close now + reflecting wall clock. (Robin Sommer) + 2.0-891 | 2012-07-26 17:15:10 -0700 * Reader/writer API: preventing plugins from receiving further diff --git a/VERSION b/VERSION index b97bde7b8d..317c807dfd 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.0-891 +2.0-898 diff --git a/scripts/base/frameworks/input/main.bro b/scripts/base/frameworks/input/main.bro index c31f92dba5..55da6ae7ec 100644 --- a/scripts/base/frameworks/input/main.bro +++ b/scripts/base/frameworks/input/main.bro @@ -82,11 +82,11 @@ export { ## Record describing the fields to be retrieved from the source input. fields: any; - ## If want_record if false (default), the event receives each value in fields as a seperate argument. - ## If it is set to true, the event receives all fields in a signle record value. - want_record: bool &default=F; + ## If want_record if false, the event receives each value in fields as a separate argument. + ## If it is set to true (default), the event receives all fields in a single record value. + want_record: bool &default=T; - ## The event that is rised each time a new line is received from the reader. + ## The event that is raised each time a new line is received from the reader. ## The event will receive an Input::Event enum as the first element, and the fields as the following arguments. ev: any; diff --git a/scripts/base/frameworks/logging/main.bro b/scripts/base/frameworks/logging/main.bro index 79c9884f9d..c29215fd86 100644 --- a/scripts/base/frameworks/logging/main.bro +++ b/scripts/base/frameworks/logging/main.bro @@ -341,22 +341,23 @@ function __default_rotation_postprocessor(info: RotationInfo) : bool { if ( info$writer in default_rotation_postprocessors ) return default_rotation_postprocessors[info$writer](info); - - return F; + else + # Return T by default so that postprocessor-less writers don't shutdown. + return T; } function default_path_func(id: ID, path: string, rec: any) : string { + # The suggested path value is a previous result of this function + # or a filter path explicitly set by the user, so continue using it. + if ( path != "" ) + return path; + local id_str = fmt("%s", id); local parts = split1(id_str, /::/); if ( |parts| == 2 ) { - # The suggested path value is a previous result of this function - # or a filter path explicitly set by the user, so continue using it. - if ( path != "" ) - return path; - # Example: Notice::LOG -> "notice" if ( parts[2] == "LOG" ) { diff --git a/src/input/Manager.cc b/src/input/Manager.cc index 19d61d7a44..64e54f9333 100644 --- a/src/input/Manager.cc +++ b/src/input/Manager.cc @@ -1546,7 +1546,7 @@ bool Manager::Delete(ReaderFrontend* reader, Value* *vals) bool Manager::CallPred(Func* pred_func, const int numvals, ...) { - bool result; + bool result = false; val_list vl(numvals); va_list lP; @@ -1557,10 +1557,13 @@ bool Manager::CallPred(Func* pred_func, const int numvals, ...) va_end(lP); Val* v = pred_func->Call(&vl); - result = v->AsBool(); - Unref(v); + if ( v ) + { + result = v->AsBool(); + Unref(v); + } - return(result); + return result; } bool Manager::SendEvent(const string& name, const int num_vals, Value* *vals) diff --git a/src/logging/Manager.cc b/src/logging/Manager.cc index 568a777fac..269ba32bfa 100644 --- a/src/logging/Manager.cc +++ b/src/logging/Manager.cc @@ -686,16 +686,13 @@ bool Manager::Write(EnumVal* id, RecordVal* columns) int result = 1; - try + Val* v = filter->pred->Call(&vl); + if ( v ) { - Val* v = filter->pred->Call(&vl); result = v->AsBool(); Unref(v); } - catch ( InterpreterException& e ) - { /* Already reported. */ } - if ( ! result ) continue; } @@ -726,15 +723,10 @@ bool Manager::Write(EnumVal* id, RecordVal* columns) Val* v = 0; - try - { - v = filter->path_func->Call(&vl); - } + v = filter->path_func->Call(&vl); - catch ( InterpreterException& e ) - { + if ( ! v ) return false; - } if ( ! v->Type()->Tag() == TYPE_STRING ) { @@ -1382,16 +1374,13 @@ bool Manager::FinishedRotation(WriterFrontend* writer, const char* new_name, con int result = 0; - try + Val* v = func->Call(&vl); + if ( v ) { - Val* v = func->Call(&vl); result = v->AsBool(); Unref(v); } - catch ( InterpreterException& e ) - { /* Already reported. */ } - return result; } diff --git a/testing/btest/scripts/base/frameworks/input/binary.bro b/testing/btest/scripts/base/frameworks/input/binary.bro index 86e02196b5..ce7f66a01d 100644 --- a/testing/btest/scripts/base/frameworks/input/binary.bro +++ b/testing/btest/scripts/base/frameworks/input/binary.bro @@ -51,6 +51,6 @@ event bro_init() { try = 0; outfile = open("../out"); - Input::add_event([$source="../input.log", $name="input", $fields=Val, $ev=line]); + Input::add_event([$source="../input.log", $name="input", $fields=Val, $ev=line, $want_record=F]); Input::remove("input"); } diff --git a/testing/btest/scripts/base/frameworks/input/event.bro b/testing/btest/scripts/base/frameworks/input/event.bro index f07ca0c43e..d0088472e7 100644 --- a/testing/btest/scripts/base/frameworks/input/event.bro +++ b/testing/btest/scripts/base/frameworks/input/event.bro @@ -49,6 +49,6 @@ event bro_init() { try = 0; outfile = open("../out"); - Input::add_event([$source="../input.log", $name="input", $fields=Val, $ev=line]); + Input::add_event([$source="../input.log", $name="input", $fields=Val, $ev=line, $want_record=F]); Input::remove("input"); } diff --git a/testing/btest/scripts/base/frameworks/input/executeraw.bro b/testing/btest/scripts/base/frameworks/input/executeraw.bro index 222b4256d1..626b9cdfd2 100644 --- a/testing/btest/scripts/base/frameworks/input/executeraw.bro +++ b/testing/btest/scripts/base/frameworks/input/executeraw.bro @@ -37,6 +37,6 @@ event line(description: Input::EventDescription, tpe: Input::Event, s: string) event bro_init() { outfile = open("../out.tmp"); - Input::add_event([$source="wc -l ../input.log |", $reader=Input::READER_RAW, $name="input", $fields=Val, $ev=line]); + Input::add_event([$source="wc -l ../input.log |", $reader=Input::READER_RAW, $name="input", $fields=Val, $ev=line, $want_record=F]); Input::remove("input"); } diff --git a/testing/btest/scripts/base/frameworks/input/raw.bro b/testing/btest/scripts/base/frameworks/input/raw.bro index cb19213173..d15aec22bb 100644 --- a/testing/btest/scripts/base/frameworks/input/raw.bro +++ b/testing/btest/scripts/base/frameworks/input/raw.bro @@ -44,6 +44,6 @@ event bro_init() { try = 0; outfile = open("../out"); - Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input", $fields=Val, $ev=line]); + Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input", $fields=Val, $ev=line, $want_record=F]); Input::remove("input"); } diff --git a/testing/btest/scripts/base/frameworks/input/rereadraw.bro b/testing/btest/scripts/base/frameworks/input/rereadraw.bro index 1051351c2b..2fdcdc8f9e 100644 --- a/testing/btest/scripts/base/frameworks/input/rereadraw.bro +++ b/testing/btest/scripts/base/frameworks/input/rereadraw.bro @@ -44,7 +44,7 @@ event bro_init() { try = 0; outfile = open("../out"); - Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::REREAD, $name="input", $fields=Val, $ev=line]); + Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::REREAD, $name="input", $fields=Val, $ev=line, $want_record=F]); Input::force_update("input"); Input::remove("input"); } diff --git a/testing/btest/scripts/base/frameworks/input/streamraw.bro b/testing/btest/scripts/base/frameworks/input/streamraw.bro index a6aba88c5f..3bc06f7dea 100644 --- a/testing/btest/scripts/base/frameworks/input/streamraw.bro +++ b/testing/btest/scripts/base/frameworks/input/streamraw.bro @@ -58,5 +58,5 @@ event bro_init() { outfile = open("../out"); try = 0; - Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input", $fields=Val, $ev=line]); + Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input", $fields=Val, $ev=line, $want_record=F]); }