Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 10:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
3375 commits 390 branches 195 tags 268 MiB
Commit graph

3375 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bernhard Amann
6beaefd207 Merge remote-tracking branch 'origin/topic/bernhard/topk' into topic/bernhard/topk 2013-04-28 21:22:13 -07:00
Bernhard Amann
07ecd31bbd in cluster settings, the resultvals can apparently 
been uninitialized in some special cases
 2013-04-28 21:21:22 -07:00
Bernhard Amann
1accee41ed fix memory leaks 2013-04-26 14:06:38 -07:00
Bernhard Amann
fd2e050306 fix warnings 2013-04-26 11:34:07 -07:00
Bernhard Amann
166fc4765a Merge remote-tracking branch 'origin/topic/seth/metrics-merge' into topic/bernhard/topk 2013-04-25 13:21:18 -07:00
Seth Hall
48cbb31747 Added an automatic state limiter for threshold based SumStats. 2013-04-25 12:51:55 -04:00
Bernhard Amann
12cbf20ce0 add topk cluster test 2013-04-24 15:30:24 -07:00
Bernhard Amann
dbd53a09a6 Merge remote-tracking branch 'origin/master' into topic/bernhard/topk 2013-04-24 15:02:19 -07:00
Bernhard Amann
c0890f2a0f make size of topk-list configureable when using sumstats 2013-04-24 15:01:06 -07:00
Bernhard Amann
2f48008c42 implement merging for top-k. 
I am not (entirely) sure that this is mathematically correct, but
I am (more and more) getting the feeling that it... might be.

In any case - this was the last step and now it should work
in cluster settings.
 2013-04-24 06:17:51 -07:00
Bernhard Amann
6f863d2259 add serialization for topk 2013-04-23 23:24:02 -07:00
Robin Sommer
e986247ff2 Merge remote-tracking branch 'origin/topic/jsiwek/974' 
Closes #974.

* origin/topic/jsiwek/974:
  Fix schedule statements used outside event handlers (addresses #974).
 2013-04-23 20:38:21 -07:00
Robin Sommer
f6f00924fc Merge remote-tracking branch 'origin/topic/jsiwek/973' 
Closes #973.

* origin/topic/jsiwek/973:
  Fix record coercion for default inner record fields (addresses #973).
 2013-04-23 20:37:08 -07:00
Robin Sommer
71591d706e Small tweaks for bytestring_to_count(). 
Closes #968.
 2013-04-23 20:32:57 -07:00
Yun Zheng Hu
3fff71b37a Add bytestring_to_count function to bro.bif 2013-04-23 20:18:38 -07:00
Bernhard Amann
a426c76122 make the get function const 2013-04-23 18:23:34 -07:00
Bernhard Amann
de5769a88f topk for sumstats 2013-04-23 15:19:01 -07:00
Bernhard Amann
5da97455f5 Merge remote-tracking branch 'origin/topic/seth/metrics-merge' into topic/bernhard/topk 2013-04-23 12:17:03 -07:00
Bernhard Amann
85dea8973f Merge branch 'topic/seth/metrics-merge' into topic/bernhard/topk 2013-04-23 12:16:55 -07:00
Jon Siwek
7069f679c3 Fix record coercion for default inner record fields (addresses #973). 2013-04-23 09:57:55 -05:00
Seth Hall
2c689b7f40 Removed some dead code in scan.bro 2013-04-22 15:27:14 -04:00
Seth Hall
91362717da Renamed a plugin hook in sumstats framework. 2013-04-22 15:27:03 -04:00
Seth Hall
9574499382 Move loading variance back to where it should be alphabetically. 2013-04-22 14:15:37 -04:00
Seth Hall
8f987e5066 Fix a bug with path building in FTP. Came up when changing the path utils. 2013-04-22 14:15:20 -04:00
Seth Hall
60605412ab Fix a few tests. 2013-04-22 14:14:50 -04:00
Jon Siwek
fa30d4a313 Fix schedule statements used outside event handlers (addresses #974). 2013-04-22 13:00:44 -05:00
Bernhard Amann
ce7ad003f2 well, a test that works.. 
Note: merging top-k data structures is not yet possible (and is
actually quite awkward/expensive). I will have to think about
how to do that for a bit...
 2013-04-22 02:40:42 -07:00
Bernhard Amann
c21c18ea45 implement topk. 
This is _completely_ untested. It compiles. It will probably do
nothing else (well, besides crashing Bro).
 2013-04-22 01:10:29 -07:00
Seth Hall
1cac89e4f8 SumStats test checkpoint. 2013-04-16 00:54:41 -04:00
Seth Hall
437815454d SumStats tests pass. 2013-04-15 15:28:11 -04:00
Seth Hall
fbe967e16a Checkpoint for SumStats rename. 2013-04-15 15:12:28 -04:00
Seth Hall
8165d6077d Fix another occasional reporter error. 2013-04-12 11:20:45 -04:00
Seth Hall
e93fd69cf2 Small updates to hopefully correct reporter errors leading to lost memory. 2013-04-12 09:28:38 -04:00
Seth Hall
a615601269 Trying to fix a state maintenance issue. 2013-04-11 09:42:46 -04:00
Seth Hall
94f39fee2a Updating DocSourcesList 2013-04-02 01:04:40 -04:00
Seth Hall
e8b60d1ba8 Updated FTP bruteforce detection and a few other small changes. 2013-04-02 00:55:25 -04:00
Seth Hall
423bf3b3bf Test updates and cleanup. 2013-04-02 00:30:14 -04:00
Seth Hall
0e3c84e863 Fixed the measurement "sample" plugin. 2013-04-02 00:19:06 -04:00
Seth Hall
f1d165956a Fix path compression to include removing "/./". 
- This involved a fix to the FTP scripts that relied on the old behavior.
 2013-04-02 00:16:56 -04:00
Seth Hall
d11a1dab73 Removed the example metrics scripts. Better real world examples exist now. 2013-04-02 00:15:55 -04:00
Seth Hall
b477d2b02d Measurement framework is ready for testing. 
- New, expanded API.
 - Calculations moved into plugins.
 - Scripts using measurement framework ported.
 - Updated the script-land queue implementation to make it more generic.
 -
 2013-04-01 17:04:15 -04:00
Seth Hall
93eca70e6b Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge 2013-04-01 14:16:46 -04:00
Seth Hall
53f9948b02 Measurement framework tests all pass now. 2013-04-01 14:16:37 -04:00
Yun Zheng Hu
9a88dc500a Added reverse() function to strings.bif. 
Closes #969.
 2013-03-23 08:39:04 -07:00
Robin Sommer
6b0552fa4f Updating submodule(s). 
[nomail]
 2013-03-22 12:27:19 -07:00
Robin Sommer
4255205026 Merge remote-tracking branch 'origin/topic/jsiwek/table-init-record-idx' 
Closes #660.

* origin/topic/jsiwek/table-init-record-idx:
  Fix record constructors in table initializer indices.  Addresses #660.
 2013-03-22 12:11:29 -07:00
Robin Sommer
8dca2dd971 Merge remote-tracking branch 'origin/topic/seth/q-in-q' 
Closes #641.

* origin/topic/seth/q-in-q:
  Add support for 802.1ah (Q-in-Q).
 2013-03-22 12:02:21 -07:00
Seth Hall
4e99d3a606 Add support for 802.1ah (Q-in-Q). 2013-03-22 12:38:43 -04:00
Seth Hall
6dc204b385 Checkpoint, don't try running this. It's broken all over the place. 2013-03-19 11:39:58 -04:00
Robin Sommer
9caf6e4884 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  fix gcc compile warning in Benchmark reader
  fix gcc compile warning in base64 encoder
 2013-03-18 12:18:40 -07:00