Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 15:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
1968 commits 386 branches 195 tags 257 MiB
Commit graph

295 commits

Author SHA1 Message Date
Robin Sommer
357cdd3f8d Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Fix minor typos in the documentation
  Fix compiler warning about Brofiler ctor init list order.
 2012-02-10 00:04:02 -08:00
Daniel Thayer
a28e671f8d Fix minor typos in the documentation 2012-02-08 14:16:29 -06:00
Jon Siwek
26731b1b58 Fix missing optional field access in webapp signature_match handler. 2012-02-08 10:37:00 -06:00
Seth Hall
600d015dab One more very minor change I forgot to commit. 2012-02-03 16:27:51 -05:00
Seth Hall
2cd88ee4f6 Merge remote-tracking branch 'origin/topic/bernhard/software' 
* origin/topic/bernhard/software:
  change software framework interface again. At the moment everything should worl.
  start reworking interface of software framework. working apart from detect-webapps.bro, which direcly manipulates a no longer available interface...
  after talking to seth - change host_a field in record back to host.
  forgotten policy files.
  Software framework stores ports for server software.
 2012-02-03 16:17:04 -05:00
Robin Sommer
6a3b41b84d Bugfix caught by test-suite. 2012-01-25 17:45:26 -08:00
Robin Sommer
b649ade9ba Merge remote-tracking branch 'origin/topic/bif_cleanup' 
* origin/topic/bif_cleanup:
  Give mode2string a more generic name.
  Change some BiF return values from bool to any.
  Perform type checking on count-to-port conversion.
  Remove redundant connection_record() BiF.
  Remove redundant active_connection() BiF.
  Make exit() parameterizable.
  to_port() now parses a string instead of a count.

Closes #684.
 2012-01-25 16:48:00 -08:00
Bernhard Amann
eacdffff90 Merge remote-tracking branch 'origin/master' into topic/bernhard/software 
Conflicts:
	scripts/base/frameworks/software/main.bro
	scripts/policy/protocols/ftp/software.bro
 2012-01-20 12:51:58 -08:00
Seth Hall
5b04789ab8 Fixed a bug resulting in over-logging of detected webapps. 2012-01-20 11:22:15 -05:00
Matthias Vallentin
6c255d13ff Merge remote-tracking branch 'origin/master' into topic/bif_cleanup 
Conflicts:
	src/bro.bif
 2012-01-18 14:56:53 -08:00
Robin Sommer
71eaae8539 Fixing typos 2012-01-10 19:09:30 -08:00
Robin Sommer
3d2dc5f5fc Merge remote-tracking branch 'origin/topic/script-reference' 
* origin/topic/script-reference: (50 commits)
  A few updates for the FAQ.
  Fixing some doc warnings.
  Forgot to add protocol identifier support for TLS 1.2
  Finished SSL & syslog autodocs.
  Adding the draft SSL extension type next_protocol_negotiation.
  Fix some documentation errors.
  Tweaks.
  A set of script-reference polishing.
  fixed a couple typos in comments
  Add summary documentation to bif files.
  Add ssl and syslog script documentation
  Add Conn and DNS protocol script documentation. (fixes #731)
  Small updates to the default local.bro.
  Documentation updates for HTTP & IRC scripts.
  SSH&FTP Documentation updates.
  Fixing a warning from the documentation generation.
  This completes framework documentation package 4.
  Minor notice documentation tweaks.
  Fix some malformed Broxygen xref roles.
  Minor doc tweaks to init-bare.bro.
  ...

Conflicts:
	aux/broccoli
	aux/broctl
	src/bro.bif
	src/strings.bif

Includes:

    - Updated baselines for autodoc tests.
    - Now excluding stats.bro from external texts, it's not stable.
 2012-01-10 14:00:44 -08:00
Robin Sommer
b284dd25cf Merge remote-tracking branch 'origin/master' 2012-01-10 10:46:49 -08:00
Robin Sommer
66be86da61 Fixing coverage failures. 
Friendly reminder: please run test-suite before pushing things
upstream for merges ...
 2012-01-10 10:43:28 -08:00
Robin Sommer
82b1ee0720 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Change SFTP/SCP log rotators to use 4-digit year in filenames (fixes #745).
  Adding back the stats.bro file.

Closes #745.
Closes #656.
 2012-01-10 09:49:58 -08:00
Seth Hall
86a1cbca82 A few more tiny documentation updates commited to the wrong branch. :) 2012-01-10 10:49:10 -05:00
Jon Siwek
f921a4d5db Change SFTP/SCP log rotators to use 4-digit year in filenames (fixes #745). 2012-01-10 09:38:17 -06:00
Seth Hall
727e626bb4 Added an option for filtering out urls before they are turned into HTTP::Incorrect_File_Type notices 2012-01-10 10:38:12 -05:00
Seth Hall
048516c605 Adding back the stats.bro file. 
Closes #656
 2012-01-10 09:10:45 -05:00
Seth Hall
4de670a10e Fixing some doc warnings. 2012-01-10 01:30:55 -05:00
Seth Hall
9b6373584c Forgot to add protocol identifier support for TLS 1.2 2012-01-10 01:09:35 -05:00
Seth Hall
911d7d8436 Finished SSL & syslog autodocs. 2012-01-10 00:56:12 -05:00
Seth Hall
a8f9af3531 Merge branch 'topic/script-reference' of ssh://git.bro-ids.org/bro into topic/script-reference 2012-01-10 00:25:54 -05:00
Seth Hall
8ab372ccff Adding the draft SSL extension type next_protocol_negotiation. 2012-01-09 22:53:53 -05:00
Robin Sommer
e5a42e8a85 Merge branch 'topic/script-reference' of ssh://git.bro-ids.org/bro into topic/script-reference 
Conflicts:
	scripts/base/frameworks/notice/actions/pp-alarms.bro
	scripts/base/frameworks/notice/main.bro
	src/bro.bif
	src/const.bif
	src/event.bif
	src/strings.bif
	src/types.bif
 2012-01-09 18:07:43 -08:00
Jon Siwek
aa69fd53fb Merge branch 'topic/script-reference' of git://git.bro-ids.org/bro into topic/script-reference 2012-01-09 15:49:19 -06:00
Jon Siwek
69a0206a82 Merge branch 'master' into topic/script-reference 
Conflicts:
	scripts/base/frameworks/notice/actions/pp-alarms.bro
	scripts/base/frameworks/notice/main.bro
	scripts/base/init-bare.bro
	src/event.bif
 2012-01-09 15:49:14 -06:00
Daniel Thayer
acf5537acf Add ssl and syslog script documentation 2012-01-09 15:26:34 -06:00
Jon Siwek
62d012e04a Add Conn and DNS protocol script documentation. (fixes #731) 2012-01-09 14:23:24 -06:00
Seth Hall
f389fb42c3 Small updates to the default local.bro. 
- Removed the note from local-manager.bro about setting the
  notice policy there.  The notice framework changed and this
  isn't necessary anymore.
 2012-01-09 13:23:14 -05:00
Seth Hall
3be1222532 Documentation updates for HTTP & IRC scripts. 
Closes #733
 2012-01-08 02:22:52 -05:00
Seth Hall
48ed922e06 SSH&FTP Documentation updates. 
Closes #732
 2012-01-08 01:16:40 -05:00
Seth Hall
1afe8b011c Fixing a warning from the documentation generation. 2012-01-06 16:50:20 -05:00
Seth Hall
f603d0121b This completes framework documentation package 4. 
- Closes ticket #709
 2012-01-06 16:36:22 -05:00
Jon Siwek
e7cf347288 Add SFTP log postprocessor that transfers logs to remote hosts. 
Addresses #737
 2012-01-06 14:58:17 -06:00
Robin Sommer
7646ef1aed Merge remote-tracking branch 'origin/master' into topic/script-reference 
Conflicts:
	scripts/base/frameworks/notice/actions/pp-alarms.bro
	scripts/base/frameworks/notice/main.bro
	scripts/base/init-bare.bro
	src/event.bif
 2012-01-06 12:11:49 -08:00
Jon Siwek
645c80f974 Reduce snaplen default from 65535 to old default of 8192. (fixes #720) 
Also replaced the --snaplen/-l command line option with a
scripting-layer option called "snaplen" (which can also be
redefined on the command line, e.g. `bro -i eth0 snaplen=65535`).
 2012-01-04 16:30:15 -06:00
Seth Hall
f8ec98625d Merge remote-tracking branch 'origin/topic/robin/pp-alarms' 
* origin/topic/robin/pp-alarms:
  The silliest, tiniest little whitespace fixes.
  Update missing in last commit to this branch.
  Adding test for alarm mail.
  Tuning the pretty-printed alarms output.
 2012-01-04 13:41:28 -05:00
Seth Hall
adfbed8e56 The silliest, tiniest little whitespace fixes. 2012-01-04 13:37:07 -05:00
Robin Sommer
5e9153d7d6 Merge remote-tracking branch 'origin/topic/bernhard/notice-proto' 
* origin/topic/bernhard/notice-proto:
  log protocol in notices.

Conflicts:
	scripts/base/frameworks/notice/main.bro

Closes #718.
 2012-01-03 14:52:07 -08:00
Jon Siwek
275420dd29 Minor notice documentation tweaks. 2011-12-19 16:28:30 -06:00
Jon Siwek
a4117016e9 Merge branch 'master' into topic/script-reference 
Conflicts:
	aux/broccoli
	aux/broctl
	scripts/base/frameworks/notice/main.bro
	src/event.bif
 2011-12-19 16:17:58 -06:00
Robin Sommer
c81477d9d3 Executive decision: empty fields are now logged as "(empty)" by default. 2011-12-19 08:49:30 -08:00
Robin Sommer
26ff8e1dab Merge remote branch 'origin/topic/seth/notice-email-delay' 
* origin/topic/seth/notice-email-delay:
  The hostname notice email extension works now.
  Fixed more bugs with delayed emails.
  Working around a problem with setting default container types.
  Ugh, still major failure.  I'm just cutting the timeout handling for now.
  Fixed a small bug major problem with email delay timeout catching.
  Initial fixes for the problem of async actions with notice email extensions.

Closes #727.
 2011-12-19 07:10:28 -08:00
Robin Sommer
0a3e160a8d Merge remote branch 'origin/topic/seth/dns-updates' 
* origin/topic/seth/dns-updates:
  Fixed some bugs with capturing data in the base DNS script.
  Some updates to the base DNS script.

Closes #702.
 2011-12-18 15:20:00 -08:00
Robin Sommer
f3c2811e14 Merge remote branch 'origin/topic/seth/ssl-updates-for-2.0' 
* origin/topic/seth/ssl-updates-for-2.0:
  Added is_orig fields to the SSL events and adapted script.

Closes #692.
 2011-12-18 15:15:57 -08:00
Jon Siwek
cc1459ef35 Fix some malformed Broxygen xref roles. 2011-12-16 14:30:36 -06:00
Bernhard Amann
bd5dadf427 change software framework interface again. At the moment everything should worl. 2011-12-16 11:24:52 -08:00
Jon Siwek
366a5de606 Minor doc tweaks to init-bare.bro. 2011-12-16 11:13:20 -06:00
Seth Hall
8399d28c2e The hostname notice email extension works now. 2011-12-16 10:59:30 -05:00