Merge remote-tracking branch 'origin/master' into topic/robin/plugins

Thanks to git this merge was less troublesome that I was afraid it would be. Not all tests pass yet though (and file hashes have changed unfortunately). Conflicts: cmake doc/scripts/DocSourcesList.cmake scripts/base/init-bare.bro scripts/base/protocols/ftp/main.bro scripts/base/protocols/irc/dcc-send.bro scripts/test-all-policy.bro src/AnalyzerTags.h src/CMakeLists.txt src/analyzer/Analyzer.cc src/analyzer/protocol/file/File.cc src/analyzer/protocol/file/File.h src/analyzer/protocol/http/HTTP.cc src/analyzer/protocol/http/HTTP.h src/analyzer/protocol/mime/MIME.cc src/event.bif src/main.cc src/util-config.h.in testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log testing/btest/Baseline/istate.events-ssl/receiver.http.log testing/btest/Baseline/istate.events-ssl/sender.http.log testing/btest/Baseline/istate.events/receiver.http.log testing/btest/Baseline/istate.events/sender.http.log
2025-10-17 05:58:20 +00:00 · 2013-05-16 17:58:48 -07:00 · 2013-05-16 17:58:48 -07:00 · eb637f9f3e
commit eb637f9f3e
parent 11fd12b18e 5ff7621328
411 changed files with 240276 additions and 161868 deletions
--- a/scripts/base/frameworks/logging/load.bro
+++ b/scripts/base/frameworks/logging/load.bro
@ -2,5 +2,6 @@
@load ./postprocessors
@load ./writers/ascii
@load ./writers/dataseries
+@load ./writers/sqlite
@load ./writers/elasticsearch
@load ./writers/none
--- a/scripts/base/frameworks/logging/main.bro
+++ b/scripts/base/frameworks/logging/main.bro
@ -189,6 +189,15 @@ export {
 	## .. bro:see:: Log::add_default_filter Log::remove_default_filter
 	global create_stream: function(id: ID, stream: Stream) : bool;

+	## Removes a logging stream completely, stopping all the threads.
+	##
+	## id: The ID enum to be associated with the new logging stream.
+	##
+	## Returns: True if a new stream was successfully removed.
+	##
+	## .. bro:see:: Log:create_stream
+	global remove_stream: function(id: ID) : bool;
+
 	## Enables a previously disabled logging stream.  Disabled streams
 	## will not be written to until they are enabled again.  New streams
 	## are enabled by default.
@ -442,6 +451,12 @@ function create_stream(id: ID, stream: Stream) : bool
 	return add_default_filter(id);
 	}

+function remove_stream(id: ID) : bool
+	{
+	delete active_streams[id];
+	return __remove_stream(id);
+	}
+
 function disable_stream(id: ID) : bool
 	{
 	delete active_streams[id];
--- a/scripts/base/frameworks/logging/writers/sqlite.bro
+++ b/scripts/base/frameworks/logging/writers/sqlite.bro
@ -0,0 +1,17 @@
+##! Interface for the SQLite log writer.  Redefinable options are available
+##! to tweak the output format of the SQLite reader.
+
+module LogSQLite;
+
+export {
+	## Separator between set elements.
+	const set_separator = Log::set_separator &redef;
+
+	## String to use for an unset &optional field.
+	const unset_field = Log::unset_field &redef;
+
+	## String to use for empty fields. This should be different from
+        ## *unset_field* to make the output non-ambigious.
+	const empty_field = Log::empty_field &redef;
+}
+