Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 07:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
3958 commits 386 branches 195 tags 257 MiB
Commit graph

514 commits

Author SHA1 Message Date
Robin Sommer
3d2dc5f5fc Merge remote-tracking branch 'origin/topic/script-reference' 
* origin/topic/script-reference: (50 commits)
  A few updates for the FAQ.
  Fixing some doc warnings.
  Forgot to add protocol identifier support for TLS 1.2
  Finished SSL & syslog autodocs.
  Adding the draft SSL extension type next_protocol_negotiation.
  Fix some documentation errors.
  Tweaks.
  A set of script-reference polishing.
  fixed a couple typos in comments
  Add summary documentation to bif files.
  Add ssl and syslog script documentation
  Add Conn and DNS protocol script documentation. (fixes #731)
  Small updates to the default local.bro.
  Documentation updates for HTTP & IRC scripts.
  SSH&FTP Documentation updates.
  Fixing a warning from the documentation generation.
  This completes framework documentation package 4.
  Minor notice documentation tweaks.
  Fix some malformed Broxygen xref roles.
  Minor doc tweaks to init-bare.bro.
  ...

Conflicts:
	aux/broccoli
	aux/broctl
	src/bro.bif
	src/strings.bif

Includes:

    - Updated baselines for autodoc tests.
    - Now excluding stats.bro from external texts, it's not stable.
 2012-01-10 14:00:44 -08:00
Bernhard Amann
3138f015ce Merge remote-tracking branch 'origin/master' into topic/bernhard/input 2012-01-10 11:33:26 -08:00
Jon Siwek
f921a4d5db Change SFTP/SCP log rotators to use 4-digit year in filenames (fixes #745). 2012-01-10 09:38:17 -06:00
Seth Hall
4de670a10e Fixing some doc warnings. 2012-01-10 01:30:55 -05:00
Robin Sommer
e5a42e8a85 Merge branch 'topic/script-reference' of ssh://git.bro-ids.org/bro into topic/script-reference 
Conflicts:
	scripts/base/frameworks/notice/actions/pp-alarms.bro
	scripts/base/frameworks/notice/main.bro
	src/bro.bif
	src/const.bif
	src/event.bif
	src/strings.bif
	src/types.bif
 2012-01-09 18:07:43 -08:00
Jon Siwek
69a0206a82 Merge branch 'master' into topic/script-reference 
Conflicts:
	scripts/base/frameworks/notice/actions/pp-alarms.bro
	scripts/base/frameworks/notice/main.bro
	scripts/base/init-bare.bro
	src/event.bif
 2012-01-09 15:49:14 -06:00
Seth Hall
1afe8b011c Fixing a warning from the documentation generation. 2012-01-06 16:50:20 -05:00
Seth Hall
f603d0121b This completes framework documentation package 4. 
- Closes ticket #709
 2012-01-06 16:36:22 -05:00
Jon Siwek
e7cf347288 Add SFTP log postprocessor that transfers logs to remote hosts. 
Addresses #737
 2012-01-06 14:58:17 -06:00
Robin Sommer
7646ef1aed Merge remote-tracking branch 'origin/master' into topic/script-reference 
Conflicts:
	scripts/base/frameworks/notice/actions/pp-alarms.bro
	scripts/base/frameworks/notice/main.bro
	scripts/base/init-bare.bro
	src/event.bif
 2012-01-06 12:11:49 -08:00
Bernhard Amann
5bef49d625 Merge remote-tracking branch 'origin/master' into topic/bernhard/input 
Conflicts:
	src/parse.y
 2012-01-05 01:11:13 -08:00
Seth Hall
f8ec98625d Merge remote-tracking branch 'origin/topic/robin/pp-alarms' 
* origin/topic/robin/pp-alarms:
  The silliest, tiniest little whitespace fixes.
  Update missing in last commit to this branch.
  Adding test for alarm mail.
  Tuning the pretty-printed alarms output.
 2012-01-04 13:41:28 -05:00
Seth Hall
adfbed8e56 The silliest, tiniest little whitespace fixes. 2012-01-04 13:37:07 -05:00
Robin Sommer
5e9153d7d6 Merge remote-tracking branch 'origin/topic/bernhard/notice-proto' 
* origin/topic/bernhard/notice-proto:
  log protocol in notices.

Conflicts:
	scripts/base/frameworks/notice/main.bro

Closes #718.
 2012-01-03 14:52:07 -08:00
Jon Siwek
275420dd29 Minor notice documentation tweaks. 2011-12-19 16:28:30 -06:00
Jon Siwek
a4117016e9 Merge branch 'master' into topic/script-reference 
Conflicts:
	aux/broccoli
	aux/broctl
	scripts/base/frameworks/notice/main.bro
	src/event.bif
 2011-12-19 16:17:58 -06:00
Bernhard Amann
a14ec02d3b change empty field defenition like in logging framework 2011-12-19 12:43:25 -08:00
Bernhard Amann
59967d40ac Merge remote-tracking branch 'origin/master' into topic/bernhard/input 
Conflicts:
	src/LogMgr.cc
	src/LogMgr.h
 2011-12-19 12:36:53 -08:00
Robin Sommer
c81477d9d3 Executive decision: empty fields are now logged as "(empty)" by default. 2011-12-19 08:49:30 -08:00
Robin Sommer
26ff8e1dab Merge remote branch 'origin/topic/seth/notice-email-delay' 
* origin/topic/seth/notice-email-delay:
  The hostname notice email extension works now.
  Fixed more bugs with delayed emails.
  Working around a problem with setting default container types.
  Ugh, still major failure.  I'm just cutting the timeout handling for now.
  Fixed a small bug major problem with email delay timeout catching.
  Initial fixes for the problem of async actions with notice email extensions.

Closes #727.
 2011-12-19 07:10:28 -08:00
Jon Siwek
cc1459ef35 Fix some malformed Broxygen xref roles. 2011-12-16 14:30:36 -06:00
Bernhard Amann
bd5dadf427 change software framework interface again. At the moment everything should worl. 2011-12-16 11:24:52 -08:00
Seth Hall
8399d28c2e The hostname notice email extension works now. 2011-12-16 10:59:30 -05:00
Robin Sommer
8c53446292 Merge remote branch 'origin/fastpath' 
* origin/fastpath:
  Fixed major bug with cluster synchronization (it was broken!)
 2011-12-16 02:37:56 -08:00
Seth Hall
0b8b14a0ed Fixed major bug with cluster synchronization (it was broken!) 2011-12-15 15:59:51 -05:00
Seth Hall
b66c73baaa Fixed more bugs with delayed emails. 2011-12-15 15:57:42 -05:00
Seth Hall
667dcb251a Working around a problem with setting default container types. 2011-12-15 12:51:14 -05:00
Seth Hall
cb904cec4f Ugh, still major failure. I'm just cutting the timeout handling for now. 2011-12-15 12:46:15 -05:00
Seth Hall
f1f5719f83 Fixed a small bug major problem with email delay timeout catching. 2011-12-15 12:41:05 -05:00
Seth Hall
2d97e25eeb Initial fixes for the problem of async actions with notice email extensions. 2011-12-15 12:27:41 -05:00
Jon Siwek
303993254e Add more DPD and packet filter framework docs. 2011-12-14 16:07:36 -06:00
Jon Siwek
d89658c19b Add more signature framework documentation. 2011-12-14 12:50:54 -06:00
Jon Siwek
a543ebbea5 Add more notice framework documentation. 2011-12-14 10:05:52 -06:00
Jon Siwek
86cba4c33f Fix missing action in notice policy for looking up GeoIP data. 2011-12-13 16:17:44 -06:00
Seth Hall
76a0b9ad3c Fixed some DPD signatures for IRC. Fixes ticket #311. 
- The larger issue from ticket 313 still stands.
 2011-12-10 22:33:49 -05:00
Bernhard Amann
dcc7fe3c38 start reworking interface of software framework. working apart from detect-webapps.bro, which direcly manipulates a no longer available interface... 2011-12-09 16:47:58 -08:00
Jon Siwek
8e89d78788 Add more cluster and communication framework documentation. 2011-12-09 17:31:47 -06:00
Jon Siwek
1f57827e54 Add more logging framework documentation. 2011-12-09 14:30:21 -06:00
Bernhard Amann
0313039977 log protocol in notices. 2011-12-08 14:44:45 -08:00
Bernhard Amann
311cd1b116 after talking to seth - change host_a field in record back to host. 2011-12-08 14:25:46 -08:00
Jon Siwek
5126b65493 Add reporter bif/framework documentation. 2011-12-07 16:54:40 -06:00
Bernhard Amann
89a29c3d7d Merge remote-tracking branch 'origin/master' into topic/bernhard/input 2011-12-07 13:13:43 -08:00
Bernhard Amann
707926aaa4 Software framework stores ports for server software. 2011-12-07 12:12:46 -08:00
Jon Siwek
506a42638a Omit loading local-<node>.bro scripts from base cluster framework. 
The loading of these is better handled by BroControl and it seems
odd to load them from a base/ script anyway since they'll contain
site/policy specific code.

Addresses #663
 2011-12-05 13:02:39 -06:00
Bernhard Amann
949ec6897a Merge remote-tracking branch 'origin/master' into topic/bernhard/localnet 2011-12-03 20:15:05 -08:00
Jon Siwek
0c8b5a712d Add a remote_log_peer event which contains an event_peer record param. 
Addresses #493.
 2011-12-01 14:07:08 -06:00
Bernhard Amann
a68e6b9fa4 allow sets to be read from files, convenience function for reading a file once, 
bug in destructor that could lead to a segfault.
 2011-11-29 15:05:09 -08:00
Bernhard Amann
2a6387129c documentation 2011-11-29 11:25:11 -08:00
Bernhard Amann
4975584e01 change Log enum to Input enum. 2011-11-28 13:45:00 -08:00
Bernhard Amann
3c40f00a53 make filters pointers (for inheritance) 2011-11-22 16:09:13 -08:00