Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
18331 commits 387 branches 195 tags 255 MiB
Commit graph

18331 commits

This branch
This branch
All branches
Author SHA1 Message Date
Arne Welzel
9365f71965 btest/frameworks/logging: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
6c00c05249 btest/files/x509: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
d7b5955e5e btest/frameworks/notice: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
2a3f2d0004 btest/policy: Use generic cluster-layout.zeek 
Catch-all for cluster scripts in policy directory.
 2025-05-20 20:30:01 +02:00
Arne Welzel
00a12a4cc5 btest/frameworks/intel: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
4dec63936e btest/frameworks/sumstats: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
0a06a77c69 btest/frameworks/cluster: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
e114b0e371 btest/frameworks/config: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
f9ff396acf btest/broker: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
a15df5fc11 btest/cluster: Use generic cluster-layout.zeek 2025-05-20 20:30:01 +02:00
Arne Welzel
b3f53dc455 testing/btest/Files: Add generic broker/cluster-layout.zeek 
This is a cluster-layout.zeek template that can be copied into a testing
directory if needed. The idea is that a developer sets environment
variables within their btest and the Cluster::nodes variable is
implicitly extended by appropriate nodes.

For example, using @TEST-PORT BROKER_LOGGER1_PORT will add an appropriate
logger-1 node to Cluster::nodes, based on the existence of the
BROKER_LOGGER1_PORT environment variable.
 2025-05-20 20:30:01 +02:00
Arne Welzel
906b91dca8 Merge remote-tracking branch 'origin/topic/vern/http-sqli-replacement' 
* origin/topic/vern/http-sqli-replacement:
  site/local: Switch to detect-sql-injection
  Add a revised script for detecting HTTP SQL injection, deprecate original
 2025-05-20 16:26:13 +02:00
Arne Welzel
c687a24503 site/local: Switch to detect-sql-injection 2025-05-20 16:24:28 +02:00
Vern Paxson
dcd14f7a16 Add a revised script for detecting HTTP SQL injection, deprecate original 2025-05-20 16:24:20 +02:00
zeek-bot
a694781bad Update doc submodule [nomail] [skip ci] 2025-05-20 00:25:51 +00:00
Tim Wojtulewicz
ddeecabc1e Merge remote-tracking branch 'origin/topic/awelzel/event-trace-fix-operator-equals' 
* origin/topic/awelzel/event-trace-fix-operator-equals:
  EventTrace: Fix operator==() UBSAN downcast error
 2025-05-19 12:33:08 -07:00
Arne Welzel
1ed38e7342 EventTrace: Fix operator==() UBSAN downcast error 
New test triggered the following error:

    runtime error: downcast of address 0x57021a323ea0 which does not point to an object of type 'const FileVal' 0x57021a323ea0: note: object is of type 'zeek::FuncVal'
 2025-05-19 20:48:18 +02:00
Christian Kreibich
fdecfba6b4 Merge branch 'smoot-improve-from_json' of github.com:/stevesmoot/zeek 
* 'smoot-improve-from_json' of github.com:/stevesmoot/zeek:
  update baseline for zam
  Update src/zeek.bif
  Change from_json to return an error rather than print it.
 2025-05-19 11:06:29 -07:00
Arne Welzel
eb15997cc3 Merge remote-tracking branch 'origin/topic/awelzel/event-trace-mgr-destructor-fclose' 
* origin/topic/awelzel/event-trace-mgr-destructor-fclose:
  btest/core: Add event-trace test
  zeek-setup: Free event_trace_mgr after generating trace
  EventTraceMgr: Rename etm to event_trace_mgr
  EventTraceMgr: Move fclose() to destructor
 2025-05-19 20:02:12 +02:00
Tim Wojtulewicz
e21fb9c9c7 Update cmake submodule 2025-05-19 10:54:10 -07:00
Tim Wojtulewicz
cc79afd24f Merge remote-tracking branch 'origin/topic/timw/include-cleanup-part-2' 
* origin/topic/timw/include-cleanup-part-2:
  Remove unnecessary #includes in script_opt
  Remove unnecessary #includes in telemetry and supervisor
  Remove unnecessary #includes in cluster/broker/iosource/probabilistic/session
  Remove unnecessary #includes in zeekygen and base plugin files
  Remove unnecessary #includes in input/logging/threading
  Remove unnecessary #includes in analyzer/packet analyzer/file analyzer source files
  Remove unnecessary #includes in analyzer/packet analyzer/file analyzer headers
  Remove unnecessary #includes in base files in repo
 2025-05-19 10:26:05 -07:00
Tim Wojtulewicz
12356a6393 Remove unnecessary #includes in script_opt 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
0e47fa10c6 Remove unnecessary #includes in telemetry and supervisor 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
8b992320cb Remove unnecessary #includes in cluster/broker/iosource/probabilistic/session 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
17101da6b3 Remove unnecessary #includes in zeekygen and base plugin files 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
e3c4b1fd58 Remove unnecessary #includes in input/logging/threading 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
79301c4691 Remove unnecessary #includes in analyzer/packet analyzer/file analyzer source files 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
456c1fa42c Remove unnecessary #includes in analyzer/packet analyzer/file analyzer headers 2025-05-19 10:25:05 -07:00
Tim Wojtulewicz
896e41c794 Remove unnecessary #includes in base files in repo 2025-05-19 09:50:23 -07:00
Tim Wojtulewicz
224be5a951 Merge remote-tracking branch 'origin/topic/timw/rename-ci-github-labels' 
* origin/topic/timw/rename-ci-github-labels:
  Rename CI-related github labels for PRs
 2025-05-19 09:44:10 -07:00
Tim Wojtulewicz
e72572bf32 Rename CI-related github labels for PRs 2025-05-19 09:41:27 -07:00
Arne Welzel
000cc50813 btest/core: Add event-trace test 2025-05-19 18:23:08 +02:00
Arne Welzel
eeb08f6ba8 zeek-setup: Free event_trace_mgr after generating trace 
While it'd be destructed due to being a global unique_ptr, force
it to happen right after generating the trace.
 2025-05-19 18:10:36 +02:00
Arne Welzel
5bcf6bec52 EventTraceMgr: Rename etm to event_trace_mgr 
Mostly to avoid having new maintainers/developers knowing about yet
another abbreviation.
 2025-05-19 18:10:36 +02:00
Arne Welzel
1465e390a2 EventTraceMgr: Move fclose() to destructor 
Coverity complains about a missing fclose() in a non-existing
destructor. Also sprinkle in a strerror() call for fopen() to
provide a bit of a hint what might have gone wrong.
 2025-05-19 18:10:32 +02:00
zeek-bot
bf30cf7997 Update doc submodule [nomail] [skip ci] 2025-05-17 00:27:23 +00:00
Tim Wojtulewicz
9683e88795 Merge remote-tracking branch 'origin/topic/timw/include-cleanup-part-1' 
* origin/topic/timw/include-cleanup-part-1:
  Remove including <cinttypes> from util.h
  Remove telemetry #includes from OpaqueVal.h
  Reduce includes in plugin/Component.h
  Remove zeek/Stats.h include from NetVar.h
  Include StmtBase/StmtEnums in Func.h instead of Stmt.h
  Use modern names for standard headers
  Remove fix for CentOS 7 from TCP_Flags.h
  Fix usage of std::string in http analyzer
  Reorder top section of net_util.h to batch includes together
  Use quotes instead of <> for zeek includes
  Fix Obj.h include in IntrusivePtr.h to have full path
 2025-05-16 10:27:46 -07:00
Tim Wojtulewicz
e618d00326 Remove including <cinttypes> from util.h 2025-05-16 10:14:37 -07:00
Tim Wojtulewicz
174bf09d77 Remove telemetry #includes from OpaqueVal.h 2025-05-16 10:14:37 -07:00
Tim Wojtulewicz
c659592773 Reduce includes in plugin/Component.h 2025-05-16 10:14:37 -07:00
Tim Wojtulewicz
ff9f0f7a5c Remove zeek/Stats.h include from NetVar.h 2025-05-16 10:14:37 -07:00
Tim Wojtulewicz
ca3002d745 Include StmtBase/StmtEnums in Func.h instead of Stmt.h 
This requires changes in lots of other files that were depending on Func.h
to provide that include for them.
 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
ad50443590 Use modern names for standard headers 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
4b2ed67eaf Remove fix for CentOS 7 from TCP_Flags.h 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
3197bb7f59 Fix usage of std::string in http analyzer 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
661b230f23 Reorder top section of net_util.h to batch includes together 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
648f0f0623 Use quotes instead of <> for zeek includes 2025-05-16 10:14:36 -07:00
Tim Wojtulewicz
499db5dd70 Fix Obj.h include in IntrusivePtr.h to have full path 2025-05-16 10:14:36 -07:00
Arne Welzel
4691e2c51b Merge remote-tracking branch 'origin/topic/vern/event-trace-on-exit' 
* origin/topic/vern/event-trace-on-exit:
  Generate --event-trace output explicitly rather than in EventTraceMgr destructor
 2025-05-16 13:40:04 +02:00
Vern Paxson
f5c1a32d8d Generate --event-trace output explicitly rather than in EventTraceMgr destructor 2025-05-15 13:00:17 -07:00