Mirror/zeek - git.uphillsecurity.com: We code.

Mirror/zeek

Fork 0

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

Commit graph

Author	SHA1	Message	Date
Arne Welzel	f3470843d6	rule-parse: Remove [event_name] syntax, deprecate msg as identifier As suggested by Robin. Thanks.	2023-12-14 10:16:35 +01:00
Arne Welzel	a7b077aa17	signatures: Support custom event via [event_name] syntax This change allows to specify a per signature specific event, overriding the default signature_match event. It further removes the message parameter from such events if not provided in the signature. This also tracks the message as StringValPtr directly to avoid allocating the same StringVal for every DoAction() call. Closes #3403	2023-12-05 15:28:21 +01:00

Author

SHA1

Message

Date

Arne Welzel

f3470843d6

rule-parse: Remove [event_name] syntax, deprecate msg as identifier

As suggested by Robin. Thanks.

2023-12-14 10:16:35 +01:00

Arne Welzel

a7b077aa17

signatures: Support custom event via [event_name] syntax

This change allows to specify a per signature specific event, overriding
the default signature_match event. It further removes the message
parameter from such events if not provided in the signature.

This also tracks the message as StringValPtr directly to avoid
allocating the same StringVal for every DoAction() call.

Closes #3403

2023-12-05 15:28:21 +01:00

2 commits