Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 09:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
10798 commits 387 branches 195 tags 259 MiB
Commit graph

10798 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bernhard Amann
029871e48c first test. 2011-11-20 13:42:02 -08:00
Bernhard Amann
7eb4d99341 very basic functionality kind of works again 2011-11-20 12:27:34 -08:00
Bernhard Amann
b3f01915fb compiles with basic new filter framework - but crashes on use. 2011-11-20 12:07:50 -08:00
Robin Sommer
fa8fccc7b1 Merge remote-tracking branch 'origin/master' into topic/script-reference 2011-11-19 15:07:18 -08:00
Robin Sommer
c8839da069 Updating submodule(s). 
[nomail]
 2011-11-19 14:58:27 -08:00
Robin Sommer
15eadb90b5 Merge remote-tracking branch 'origin/topic/jsiwek/parallel-make-recursion' 
* origin/topic/jsiwek/parallel-make-recursion:
  Fix parallel make portability
  Revert "Fix parallel make from top-level to work on more platforms"

Closes #687.
 2011-11-19 14:58:09 -08:00
Robin Sommer
b4cadd8f26 Merge remote-tracking branch 'origin/topic/jsiwek/broxygen-cleanup' 
* origin/topic/jsiwek/broxygen-cleanup:
  Teach Broxygen the .. bro:see:: directive
  More Broxygen stylesheet tweaks.
  Change external Broxygen links to render same as internals.
  Teach Broxygen to generate an index of Bro notices
  Teach Broxygen :bro:see: role for referencing any identifier in Bro domain.
  Add a "last updated date" to Broxygen docs.

Closes #650.
 2011-11-19 14:56:23 -08:00
Jon Siwek
305621672f Teach Broxygen the .. bro:see:: directive 2011-11-19 07:19:57 -06:00
Robin Sommer
ab30a3d866 Checkpointing event.bif 
Slowly working through ...
 2011-11-18 14:47:28 -08:00
Jon Siwek
d3d09b798a More Broxygen stylesheet tweaks. 2011-11-18 16:06:21 -06:00
Jon Siwek
05d107db17 Change external Broxygen links to render same as internals. 2011-11-18 14:06:44 -06:00
Jon Siwek
8d8f5dd006 Teach Broxygen to generate an index of Bro notices 2011-11-18 13:58:23 -06:00
Bernhard Amann
e2c521fc4e start reworking input framework... 
does not compile at the moment, but there are a few uncommitted changes that will be reverted in the next commit.
 2011-11-18 10:49:20 -08:00
Jon Siwek
1ab266222e Fix parallel make portability 2011-11-18 11:43:53 -06:00
Jon Siwek
4ee05d32db Revert "Fix parallel make from top-level to work on more platforms" 
This reverts commit a92592d08d.
 2011-11-18 11:20:25 -06:00
Robin Sommer
e81cf3bb73 Adding some first doc strings to event.bif. 
Still trying to find the right style.
 2011-11-17 16:59:53 -08:00
Robin Sommer
0b8428d1bb Merge branch 'master' into topic/robin/pp-alarms 2011-11-17 15:26:15 -08:00
Jon Siwek
5227eb73c8 Teach Broxygen :bro:see: role for referencing any identifier in Bro domain. 2011-11-17 16:55:51 -06:00
Jon Siwek
ec33453d2d Add a "last updated date" to Broxygen docs. 2011-11-17 16:51:27 -06:00
Bernhard Amann
988f859761 Merge remote-tracking branch 'origin/master' into topic/bernhard/input 2011-11-16 23:55:02 -08:00
Bernhard Amann
4dd95fcf3c support for uninitialized fields & empty sets and tables. 
The only snag is... with the default output format of the log-file writer, the input reader cannot tell if a table or set is empty or uninitialized (both cases use the same character by default). In this case, by default it is assumed that the field/vector is uninitalized.
 2011-11-16 23:51:51 -08:00
Bernhard Amann
4fef1e3f8c set & entry separator configuration (with the restriction that they have to be exactly one character long) 2011-11-16 22:47:28 -08:00
Bernhard Amann
ab68d84007 reading of enum types (thanks, Seth) 2011-11-16 22:13:36 -08:00
Robin Sommer
5fbebe1e22 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Fix small bug: sets that are written to logfiles may only contain atomic types. (trying to write sets of records, etc. leads to a bro segfault)
 2011-11-16 08:40:09 -08:00
Robin Sommer
fc7ebbe8d7 Updating submodule(s). 
[nomail]
 2011-11-15 17:52:42 -08:00
Robin Sommer
7696c8b365 Merge remote-tracking branch 'origin/topic/jsiwek/require-libmagic-libz' 
* origin/topic/jsiwek/require-libmagic-libz:
  Promote libz and libmagic to required dependencies.

Conflicts:
	doc/quickstart.rst

Closes #674
 2011-11-15 17:08:24 -08:00
Robin Sommer
6b70f340aa Merge remote-tracking branch 'origin/topic/jsiwek/parallel-make-recursion' 
* origin/topic/jsiwek/parallel-make-recursion:
  Fix parallel make from top-level to work on more platforms

Closes #673.
 2011-11-15 17:04:55 -08:00
Robin Sommer
8de3614afa Merge remote-tracking branch 'origin/topic/jsiwek/custom-b64-alphabet' 
* origin/topic/jsiwek/custom-b64-alphabet:
  Add decode_base64_custom BiF to allow alternate base64 alphabets.

Simplified the code a little bit.

Closes #670.
 2011-11-15 17:03:23 -08:00
Robin Sommer
6b207c9c95 Merge remote-tracking branch 'origin/topic/jsiwek/broxygen-cleanup' 
* origin/topic/jsiwek/broxygen-cleanup:
  Fix documentation interlinkage and normalize console directive bodies.
  Adapt more www niceties to broxygen (stylesheets, pygments); add more docs
  Finished dissolving the sphinx source directory into doc/ and doc/scripts/
  Move sphinx source tree up a level.
  Broxygen doc style tweaks.
  Better adaptation of Bro website style in Broxygen docs.
  Start Broxygen cleanup with crude adaptation of website styles.

Closes #650.
 2011-11-15 16:47:13 -08:00
Robin Sommer
c35094ea0b Update missing in last commit to this branch. 2011-11-15 16:42:23 -08:00
Bernhard Amann
821878835a read vector. 
still missing: enums, empty fields for optional parameters.
 2011-11-15 16:32:35 -08:00
Bernhard Amann
fb5f26e7fc make default values work (thanks to robin) 2011-11-15 15:23:46 -08:00
Jon Siwek
72aa13968b Fix documentation interlinkage and normalize console directive bodies. 2011-11-15 16:27:06 -06:00
Jon Siwek
ea2c89f2d7 Adapt more www niceties to broxygen (stylesheets, pygments); add more docs 2011-11-15 15:39:31 -06:00
Bernhard Amann
5e8dd4f06a Fix small bug: sets that are written to logfiles may only contain atomic types. 
(trying to write sets of records, etc. leads to a bro segfault)
 2011-11-15 12:07:31 -08:00
Bernhard Amann
3d0162bcdc isCompatibleType works correctly for tables. 2011-11-15 11:18:48 -08:00
Bernhard Amann
b62e6899ad Merge remote-tracking branch 'origin/master' into topic/bernhard/input 2011-11-15 11:00:24 -08:00
Bernhard Amann
4a3c992325 InputReader can read Sets. 2011-11-15 10:57:45 -08:00
Jon Siwek
fdf01a1ba6 Finished dissolving the sphinx source directory into doc/ and doc/scripts/ 2011-11-15 11:52:52 -06:00
Robin Sommer
dacc019f1f Adding test for alarm mail. 
Can't test all the functionality, so skipping DNS lookup and the
actual mailing via sendmail.
 2011-11-15 08:51:48 -08:00
Robin Sommer
2dc04b2ce5 Merge remote-tracking branch 'origin/master' into topic/robin/pp-alarms 2011-11-15 08:36:44 -08:00
Bernhard Amann
cde8153c18 switch to set if record or simple value is desired. 2011-11-15 08:36:03 -08:00
Jon Siwek
83aa4b535f Move sphinx source tree up a level. 2011-11-15 10:10:30 -06:00
Robin Sommer
21146abda2 Updating submodule(s). 2011-11-15 07:56:48 -08:00
Robin Sommer
fa76330afb Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Binary packaging script tweaks.
  More default "weird" tuning for the "SYN_with_data" notice.
  Tiny bugfix for http file extraction along with test.
 2011-11-15 07:53:36 -08:00
Seth Hall
908b1a17d1 Adding PPPoE support to Bro. 
- Still needs a small test tracefile and test.
 2011-11-15 09:51:02 -05:00
Bernhard Amann
1a642f3568 tried enum support - doesn't yet work due to internal bro interface problems... 2011-11-14 17:18:28 -08:00
Jon Siwek
d1787523fc Binary packaging script tweaks. 
- Now requiring CMake 2.8.6
- Make moving of packages into build/ independent of package names.
- Bro-all package renamed to Bro and Bro renamed to Bro-minimal
  which is more similar to source packages now.
 2011-11-14 15:13:20 -06:00
Seth Hall
4942767c4d More default "weird" tuning for the "SYN_with_data" notice. 
- I think the default tuning should be that anything not requiring
  a session to be established should use ACTION_LOG_PER_ORIG.

- We need to get some tie-in with the metrics framework in place
  so that we can find when lots of these values are being suppressed.
 2011-11-14 16:12:38 -05:00
Seth Hall
d14349a6f8 Merge remote-tracking branch 'origin/master' into fastpath 2011-11-14 16:06:44 -05:00