Copy docs into Zeek repo directly

This is based on commit 2731def9159247e6da8a3191783c89683363689c from the zeek-docs repo.
2025-10-02 22:58:20 +00:00 · 2025-09-15 15:52:18 -07:00 · 2025-09-15 15:52:18 -07:00 · ded98cd373
commit ded98cd373
parent 83f1e74643
1074 changed files with 169319 additions and 0 deletions
--- a/doc/scripts/base/protocols/mysql/load.zeek.rst
+++ b/doc/scripts/base/protocols/mysql/load.zeek.rst
@ -0,0 +1,14 @@
+:tocdepth: 3
+
+base/protocols/mysql/__load__.zeek
+==================================
+
+
+:Imports: :doc:`base/protocols/mysql/main.zeek </scripts/base/protocols/mysql/main.zeek>`
+
+Summary
+~~~~~~~
+
+Detailed Interface
+~~~~~~~~~~~~~~~~~~
+
--- a/doc/scripts/base/protocols/mysql/consts.zeek.rst
+++ b/doc/scripts/base/protocols/mysql/consts.zeek.rst
@ -0,0 +1,69 @@
+:tocdepth: 3
+
+base/protocols/mysql/consts.zeek
+================================
+.. zeek:namespace:: MySQL
+
+
+:Namespace: MySQL
+
+Summary
+~~~~~~~
+Constants
+#########
+============================================================================================ =
+:zeek:id:`MySQL::commands`: :zeek:type:`table` :zeek:attr:`&default` = :zeek:type:`function` 
+============================================================================================ =
+
+
+Detailed Interface
+~~~~~~~~~~~~~~~~~~
+Constants
+#########
+.. zeek:id:: MySQL::commands
+   :source-code: base/protocols/mysql/consts.zeek 4 4
+
+   :Type: :zeek:type:`table` [:zeek:type:`count`] of :zeek:type:`string`
+   :Attributes: :zeek:attr:`&default` = :zeek:type:`function`
+   :Default:
+
+      ::
+
+         {
+            [19] = "table_dump",
+            [20] = "connect_out",
+            [14] = "ping",
+            [15] = "time",
+            [6] = "drop_db",
+            [30] = "binlog_dump_gtid",
+            [31] = "reset_connection",
+            [28] = "stmt_fetch",
+            [23] = "stmt_execute",
+            [8] = "shutdown",
+            [27] = "set_option",
+            [9] = "statistics",
+            [7] = "refresh",
+            [10] = "process_info",
+            [21] = "register_slave",
+            [4] = "field_list",
+            [26] = "stmt_reset",
+            [13] = "debug",
+            [12] = "process_kill",
+            [17] = "change_user",
+            [25] = "stmt_close",
+            [2] = "init_db",
+            [29] = "daemon",
+            [16] = "delayed_insert",
+            [24] = "stmt_send_long_data",
+            [1] = "quit",
+            [11] = "connect",
+            [5] = "create_db",
+            [22] = "stmt_prepare",
+            [18] = "binlog_dump",
+            [3] = "query",
+            [0] = "sleep"
+         }
+
+
+
+
--- a/doc/scripts/base/protocols/mysql/index.rst
+++ b/doc/scripts/base/protocols/mysql/index.rst
@ -0,0 +1,17 @@
+:orphan:
+
+Package: base/protocols/mysql
+=============================
+
+Support for MySQL protocol analysis.
+
+:doc:`/scripts/base/protocols/mysql/__load__.zeek`
+
+
+:doc:`/scripts/base/protocols/mysql/main.zeek`
+
+   Implements base functionality for MySQL analysis. Generates the mysql.log file.
+
+:doc:`/scripts/base/protocols/mysql/consts.zeek`
+
+
--- a/doc/scripts/base/protocols/mysql/main.zeek.rst
+++ b/doc/scripts/base/protocols/mysql/main.zeek.rst
@ -0,0 +1,124 @@
+:tocdepth: 3
+
+base/protocols/mysql/main.zeek
+==============================
+.. zeek:namespace:: MySQL
+
+Implements base functionality for MySQL analysis. Generates the mysql.log file.
+
+:Namespace: MySQL
+:Imports: :doc:`base/protocols/conn/removal-hooks.zeek </scripts/base/protocols/conn/removal-hooks.zeek>`, :doc:`base/protocols/mysql/consts.zeek </scripts/base/protocols/mysql/consts.zeek>`
+
+Summary
+~~~~~~~
+Types
+#####
+============================================= =
+:zeek:type:`MySQL::Info`: :zeek:type:`record` 
+============================================= =
+
+Redefinitions
+#############
+============================================ ========================================================
+:zeek:type:`Log::ID`: :zeek:type:`enum`      
+                                             
+                                             * :zeek:enum:`mysql::LOG`
+:zeek:type:`connection`: :zeek:type:`record` 
+                                             
+                                             :New Fields: :zeek:type:`connection`
+                                             
+                                               mysql: :zeek:type:`MySQL::Info` :zeek:attr:`&optional`
+============================================ ========================================================
+
+Events
+######
+=============================================== =====================================================================
+:zeek:id:`MySQL::log_mysql`: :zeek:type:`event` Event that can be handled to access the MySQL record as it is sent on
+                                                to the logging framework.
+=============================================== =====================================================================
+
+Hooks
+#####
+================================================================ ========================
+:zeek:id:`MySQL::finalize_mysql`: :zeek:type:`Conn::RemovalHook` MySQL finalization hook.
+:zeek:id:`MySQL::log_policy`: :zeek:type:`Log::PolicyHook`       
+================================================================ ========================
+
+
+Detailed Interface
+~~~~~~~~~~~~~~~~~~
+Types
+#####
+.. zeek:type:: MySQL::Info
+   :source-code: base/protocols/mysql/main.zeek 13 30
+
+   :Type: :zeek:type:`record`
+
+
+   .. zeek:field:: ts :zeek:type:`time` :zeek:attr:`&log`
+
+      Timestamp for when the event happened.
+
+
+   .. zeek:field:: uid :zeek:type:`string` :zeek:attr:`&log`
+
+      Unique ID for the connection.
+
+
+   .. zeek:field:: id :zeek:type:`conn_id` :zeek:attr:`&log`
+
+      The connection's 4-tuple of endpoint addresses/ports.
+
+
+   .. zeek:field:: cmd :zeek:type:`string` :zeek:attr:`&log`
+
+      The command that was issued
+
+
+   .. zeek:field:: arg :zeek:type:`string` :zeek:attr:`&log`
+
+      The argument issued to the command
+
+
+   .. zeek:field:: success :zeek:type:`bool` :zeek:attr:`&log` :zeek:attr:`&optional`
+
+      Did the server tell us that the command succeeded?
+
+
+   .. zeek:field:: rows :zeek:type:`count` :zeek:attr:`&log` :zeek:attr:`&optional`
+
+      The number of affected rows, if any
+
+
+   .. zeek:field:: response :zeek:type:`string` :zeek:attr:`&log` :zeek:attr:`&optional`
+
+      Server message, if any
+
+
+
+Events
+######
+.. zeek:id:: MySQL::log_mysql
+   :source-code: base/protocols/mysql/main.zeek 34 34
+
+   :Type: :zeek:type:`event` (rec: :zeek:type:`MySQL::Info`)
+
+   Event that can be handled to access the MySQL record as it is sent on
+   to the logging framework.
+
+Hooks
+#####
+.. zeek:id:: MySQL::finalize_mysql
+   :source-code: base/protocols/mysql/main.zeek 157 164
+
+   :Type: :zeek:type:`Conn::RemovalHook`
+
+   MySQL finalization hook.  Remaining MySQL info may get logged when it's called.
+
+.. zeek:id:: MySQL::log_policy
+   :source-code: base/protocols/mysql/main.zeek 11 11
+
+   :Type: :zeek:type:`Log::PolicyHook`
+
+
+