Management framework: set defaults for log rotation and persistent state

This adds management/persistence.zeek to establish common configuration for log rotation and persistent variable state. Log-writing Zeek processes initially write locally in their working directory, and rotate into subdirectory "log-queue" of the spool. Since agent and controller have no logger, persistence.zeek puts in place compatible configurations for them. Storage folders for Broker-backed tables and clusterized stores default to subdirectories of the new Zeek-level state folder. When setting the ZEEK_MANAGEMENT_TESTING environment variable, persistent state is kept in the local directory, and log rotation remains disabled. This also tweaks @loads a bit in favor of simply loading frameworks/management, which is easier to keep track of.
2025-10-02 06:38:20 +00:00 · 2022-05-20 16:42:04 -07:00 · 2022-05-20 16:42:04 -07:00 · d1cd409e59
commit d1cd409e59
parent 7708cbe500
7 changed files with 65 additions and 7 deletions
--- a/testing/btest/Baseline/coverage.bare-mode-errors/errors
+++ b/testing/btest/Baseline/coverage.bare-mode-errors/errors
@ -2,8 +2,8 @@
 ### NOTE: This file has been sorted with diff-sort.
 warning in <...>/extract-certs-pem.zeek, line 1: deprecated script loaded from <...>/__load__.zeek:15 "Remove in v5.1. Use log-certs-base64.zeek instead."
 warning in <...>/extract-certs-pem.zeek, line 1: deprecated script loaded from command line arguments "Remove in v5.1. Use log-certs-base64.zeek instead."
-warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from <...>/test-all-policy.zeek:65 ("Remove in v5.1. OCSP logging is now enabled by default")
-warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from <...>/test-all-policy.zeek:65 ("Remove in v5.1. OCSP logging is now enabled by default")
+warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from <...>/test-all-policy.zeek:66 ("Remove in v5.1. OCSP logging is now enabled by default")
+warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from <...>/test-all-policy.zeek:66 ("Remove in v5.1. OCSP logging is now enabled by default")
 warning in <...>/log-ocsp.zeek, line 1: deprecated script loaded from command line arguments ("Remove in v5.1. OCSP logging is now enabled by default")
 warning in <...>/notary.zeek, line 1: deprecated script loaded from <...>/__load__.zeek:5 ("Remove in v5.1. Please switch to other more modern approaches like SCT validation (validate-sct.zeek).")
 warning in <...>/notary.zeek, line 1: deprecated script loaded from command line arguments ("Remove in v5.1. Please switch to other more modern approaches like SCT validation (validate-sct.zeek).")