Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'origin/topic/christian/fix-zam-analyzer-name'

Browse source 
* origin/topic/christian/fix-zam-analyzer-name:
  Fix ZAM's implementation of Analyzer::name() BiF
This commit is contained in:
Arne Welzel 2024-12-12 14:45:28 +01:00
commit e100a8e698
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/script_opt/ZAM/Support.cc
View file

@ -33,13 +33,13 @@ size_t broker_mgr_flush_log_buffers() { return zeek::broker_mgr->FlushLogBuffers
zeek::Connection* session_mgr_find_connection(zeek::Val* cid) { return zeek::session_mgr->FindConnection(cid); } zeek::Connection* session_mgr_find_connection(zeek::Val* cid) { return zeek::session_mgr->FindConnection(cid); }
zeek::StringVal* analyzer_name(zeek::EnumVal* val) { zeek::StringVal* analyzer_name(zeek::EnumVal* val) {
plugin::Component* component = zeek::analyzer_mgr->Lookup(val); plugin::Component* component = zeek::analyzer_mgr->Lookup(val, false);
if ( ! component ) if ( ! component )
component = zeek::packet_mgr->Lookup(val); component = zeek::packet_mgr->Lookup(val, false);
if ( ! component ) if ( ! component )
component = zeek::file_mgr->Lookup(val); component = zeek::file_mgr->Lookup(val, false);
if ( component ) if ( component )
return new StringVal(component->CanonicalName()); return new StringVal(component->CanonicalName());

2
testing/btest/Baseline.zam/spicy.replaces/conn.log
View file

@ -7,5 +7,5 @@
#open XXXX-XX-XX-XX-XX-XX #open XXXX-XX-XX-XX-XX-XX
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents ip_proto #fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig local_resp missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes tunnel_parents ip_proto
#types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] count #types time string addr port addr port enum string interval count count string bool bool count string count count count count set[string] count
XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 172.16.238.1 49656 172.16.238.131 80 tcp spicy_ssh 9.953807 2405 2887 SF T T 0 ShAdDaFf 40 4497 30 4455 - 6 XXXXXXXXXX.XXXXXX CHhAvVGS1DHFjwGM9 172.16.238.1 49656 172.16.238.131 80 tcp ssh 9.953807 2405 2887 SF T T 0 ShAdDaFf 40 4497 30 4455 - 6
#close XXXX-XX-XX-XX-XX-XX #close XXXX-XX-XX-XX-XX-XX