Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
19053 commits 387 branches 195 tags 255 MiB
Commit graph

19053 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tim Wojtulewicz
d4cb3c8225 Fix some bit-shifting overflow/UB issues reported by Coverity 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
22e78c3c24 Reset the value of a status variable in SQLite backend before using it in a loop 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
0b3b5e2ef2 Fix a potential memory leak reported by Coverity 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
dea44003a1 Avoid some string copies in IRC analyzer 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
205c72d26f Add some additional std::moves reported by Coverity 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
2ce26f1be0 Fix an unsigned integer comparison reported by Coverity 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
4c58fb26c4 Fix uninitialized class member Coverity findings 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
923ffbf25a Handle uncaught exception during setup 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
382dfca7a8 Update gen-zam submodule for Coverity findings 2025-07-23 15:17:53 -07:00
Tim Wojtulewicz
ca3b670d0f Merge remote-tracking branch 'origin/topic/timw/storage-forced-sync' 
* origin/topic/timw/storage-forced-sync:
  Fix swapped storage metrics names
  Add flag to force synchronous mode when calling storage script-land functions
 2025-07-23 14:03:56 -07:00
Tim Wojtulewicz
146837fe73 Fix swapped storage metrics names 2025-07-23 13:14:46 -07:00
Tim Wojtulewicz
7e3ed2010d Add flag to force synchronous mode when calling storage script-land functions 2025-07-23 13:14:34 -07:00
Tim Wojtulewicz
7b858cf270 CI: Only run weekly tasks as part of cron 2025-07-23 12:15:10 -07:00
Arne Welzel
ee5ffdf42c Merge remote-tracking branch 'origin/topic/awelzel/control-switch-to-cluster' 
* origin/topic/awelzel/control-switch-to-cluster:
  NEWS: ZeekControl, ZeroMQ and WebSocket
  Update zeekctl module for ClusterBackend and UseWebSocket
  control: Use Cluster::publish() for replying
 2025-07-23 19:31:45 +02:00
Tim Wojtulewicz
f5500a718f Merge remote-tracking branch 'origin/topic/timw/clang-tidy-bif-code' 
* origin/topic/timw/clang-tidy-bif-code:
  Fix clang-tidy findings in embedded C++ from bif files
 2025-07-23 10:20:26 -07:00
Tim Wojtulewicz
3b6a27d0a3 Fix clang-tidy findings in embedded C++ from bif files 2025-07-23 10:19:32 -07:00
Tim Wojtulewicz
83c914ce2d Merge remote-tracking branch 'origin/topic/timw/ci-weekly-compiler-task' 
* origin/topic/timw/ci-weekly-compiler-task:
  CI: Add weekly task for running builds with newest compilers
 2025-07-23 08:21:31 -07:00
Tim Wojtulewicz
2e612fc493 Merge remote-tracking branch 'origin/topic/timw/commit-info-for-plugin-ci-build' 
* origin/topic/timw/commit-info-for-plugin-ci-build:
  Output more information when cloning repos for include_plugins CI task
 2025-07-23 08:20:43 -07:00
Johanna Amann
9ab7b768c6 Update external tests for pppoe-session-id conn.log changes 2025-07-23 14:09:17 +01:00
Johanna Amann
e5a434c392 PPPoE: add session id logging 
This adds a new PacketAnalyzer::PPPoE::session_id bif, which extracts
the PPPoE session ID from the current packet.

Furthermore, a new policy script is added which adds the pppoe session
id to the connection log.

Related to GH-4602
 2025-07-23 13:43:45 +01:00
Arne Welzel
84cbd3784f Merge remote-tracking branch 'origin/topic/awelzel/make-record-fields-ordered' 
* origin/topic/awelzel/make-record-fields-ordered:
  Type/RecordType: Make table returned by GetRecordFieldsVal() ordered
 2025-07-23 13:38:05 +02:00
Arne Welzel
24faa5722f NEWS: ZeekControl, ZeroMQ and WebSocket 2025-07-23 13:31:11 +02:00
Arne Welzel
7131be9fa5 Update zeekctl module for ClusterBackend and UseWebSocket 2025-07-23 13:31:08 +02:00
Arne Welzel
3f2fe6fc3d control: Use Cluster::publish() for replying 
Switching to ZeroMQ as cluster backend and dabbling with zeekctl
and WebSocket, replies didn't arrive due to the usage of
Broker::publish() rather than Cluster::publish(). Additionally,
add the node name to the topic on which we reply so that the
receiver can figure out which node sent the reply. It could've
been a separate event parameter, but the topic appears just fine.
 2025-07-23 11:59:32 +02:00
zeek-bot
55cdb707e9 Update doc submodule [nomail] [skip ci] 2025-07-23 00:29:23 +00:00
Tim Wojtulewicz
48610bef41 CI: Add weekly task for running builds with newest compilers 2025-07-22 14:27:22 -07:00
Tim Wojtulewicz
07a1c6b699 Merge remote-tracking branch 'origin/topic/timw/update-af-packet' 
* origin/topic/timw/update-af-packet:
  Update zeek-af_packet-plugin submodule to fix initialization [nomail]
 2025-07-22 11:40:27 -07:00
Tim Wojtulewicz
b0d1688fe1 Update zeek-af_packet-plugin submodule to fix initialization [nomail] 2025-07-22 10:24:29 -07:00
Tim Wojtulewicz
ed81e251dc Merge remote-tracking branch 'origin/topic/timw/update-broker' 
* origin/topic/timw/update-broker:
  Update broker submodule [nomail]
 2025-07-22 08:05:22 -07:00
Tim Wojtulewicz
94b026ee47 Update zeek-af_packet-plugin submodule [nomail] 2025-07-22 08:04:33 -07:00
Arne Welzel
9f3a3b423f Type/RecordType: Make table returned by GetRecordFieldsVal() ordered 
Seems only reasonable to provide that guarantee as pointed out in #4674.
 2025-07-22 16:58:40 +02:00
Tim Wojtulewicz
f9dbd55599 Update broker submodule [nomail] 2025-07-21 15:50:51 -07:00
Arne Welzel
b4d2af23dd cluster/ThreadedBackend: Injectable OnLoopProcess instance 
This allows injecting a custom onloop process to configure the
max_queue_size at instantiation time. Also allow access to the
instance directly and deprecate the QueueForProcessing() helper
 2025-07-21 21:36:33 +02:00
Tim Wojtulewicz
e458da944f Return weird if a log line is over a configurable size limit 2025-07-21 09:14:52 -07:00
zeek-bot
db018253fe Update doc submodule [nomail] [skip ci] 2025-07-19 00:21:36 +00:00
Tim Wojtulewicz
cb2e193452 Merge remote-tracking branch 'origin/topic/timw/storage-metrics' 
* origin/topic/timw/storage-metrics:
  Add SQLite page_count and file_size metrics
  Add btests to cover storage metrics
  Add storage metrics for operations, expirations, data transferred
  Fix ordering of telemtry metrics when running under test
  Make RunPragma take an optional value parser to return data
  Make SQLite::Step take a callback function for parsing result data
 2025-07-18 14:28:46 -07:00
Tim Wojtulewicz
d0a6d84237 Add SQLite page_count and file_size metrics 2025-07-18 14:28:04 -07:00
Tim Wojtulewicz
f73ac7089f Add btests to cover storage metrics 2025-07-18 14:28:04 -07:00
Tim Wojtulewicz
a0ffe7f748 Add storage metrics for operations, expirations, data transferred 2025-07-18 14:28:04 -07:00
Tim Wojtulewicz
cab0883254 Fix ordering of telemtry metrics when running under test 2025-07-18 14:28:04 -07:00
Tim Wojtulewicz
365e6cbc9e Make RunPragma take an optional value parser to return data 2025-07-18 14:28:04 -07:00
Tim Wojtulewicz
b44f7ca9ad Make SQLite::Step take a callback function for parsing result data 2025-07-18 14:28:04 -07:00
Benjamin Bannier
784c4537e6 Merge branch 'topic/bbannier/bump-spicy' 2025-07-18 13:32:45 +02:00
Benjamin Bannier
e470c3241d Bump auxil/spicy to latest development snapshot 2025-07-18 11:07:37 +02:00
Tim Wojtulewicz
1dc7d88efd Merge remote-tracking branch 'origin/topic/timw/update-libkqueue' 
* origin/topic/timw/update-libkqueue:
  Update libkqueue submodule [nomail]
 2025-07-17 12:59:10 -07:00
Tim Wojtulewicz
5773283e10 Update libkqueue submodule [nomail] 2025-07-17 10:38:05 -07:00
Tim Wojtulewicz
beb70e27b5 Merge remote-tracking branch 'origin/topic/timw/cpp20-starts-and-ends-with' 
* origin/topic/timw/cpp20-starts-and-ends-with:
  Use std::string/string_view versions of starts_with/ends_with where appropriate
 2025-07-17 09:09:40 -07:00
Tim Wojtulewicz
a1d121e5aa Use std::string/string_view versions of starts_with/ends_with where appropriate 
The util:: versions of these methods remain as a thin wrapper around them so
they can be used with const char* arguments. Otherwise callers have to manually
make string_view objects from the input.
s Please enter the commit message for your changes. Lines starting
 2025-07-17 09:08:54 -07:00
Tim Wojtulewicz
6218643347 Merge remote-tracking branch 'origin/topic/timw/hilti-nolint-enum' 
* origin/topic/timw/hilti-nolint-enum:
  Add nolint for enum size for HILTI_RT_ENUM use
 2025-07-17 08:40:58 -07:00
zeek-bot
79639499fb Update doc submodule [nomail] [skip ci] 2025-07-17 00:27:51 +00:00