Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 11:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
13262 commits 387 branches 195 tags 271 MiB
Commit graph

13262 commits

This branch
This branch
All branches
Author SHA1 Message Date
Robin Sommer
fb3ceae6d5 Renaming HyperLogLog->CardinalityCounter. 
For consistency with the class' name.
 2013-08-31 10:22:27 -07:00
Robin Sommer
ef04ce809b Fixing bug introduced during merging. 2013-08-31 10:17:13 -07:00
Robin Sommer
b74bf10565 Going over initial parts of the scripting overview. 
I made a light pass over the text. Switched the includes over to the
new btest-include and adapted the other TEXT-EXECs a bit.

Also includes more tweaking all over the Sphinx setup.
 2013-08-30 16:23:17 -07:00
Robin Sommer
4dcf8fc0db Merge remote-tracking branch 'origin/topic/bernhard/hyperloglog' 
* origin/topic/bernhard/hyperloglog: (32 commits)
  add clustered leak test for hll. No issues.
  make gcc happy
  (hopefully) fix refcounting problem in hll/bloom-filter opaque vals. Thanks Robin.
  re-use same hash class for all add operations
  get hll ready for merging
  and forgot a file...
  adapt to new structure
  fix opaqueval-related memleak.
  make it compile on case-sensitive file systems and fix warnings
  make error rate configureable
  add persistence test not using predetermined random seeds.
  update cluster test to also use hll
  persistence really works.
  well, with this commit synchronizing the data structure should work.. ...if we had consistent hashing.
  and also serialize the other things we need
  ok, this bug was hard to find.
  serialization compiles.
  change plugin after feedback of seth
  Forgot a file. Again. Like always. Basically.
  do away with old file.
  ...
 2013-08-30 11:30:05 -07:00
Bernhard Amann
2dd0d057e6 Merge remote-tracking branch 'origin/master' into topic/bernhard/hyperloglog 
Conflicts:
	src/NetVar.cc
	src/NetVar.h
 2013-08-30 08:43:47 -07:00
Robin Sommer
23144e44a7 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Fix global opaque val segfault, addresses BIT-1071
  Fix malloc/delete mismatch.
  Fix invalid pointer dereference in AsciiFormatter.
 2013-08-30 08:28:18 -07:00
Jon Siwek
dc2e3d6e04 Fix global opaque val segfault, addresses BIT-1071 
The opaque types need to be created before scripts are parsed.
 2013-08-29 17:17:40 -05:00
Jon Siwek
742a047a40 Fix malloc/delete mismatch. 2013-08-29 16:22:59 -05:00
Robin Sommer
c8a2fbeadd Merge remote-tracking branch 'origin/fastpath' 
Changed two deletes to Unrefs.

* origin/fastpath:
  Fix input framework memory leaks.
  Fix mem leak in socks analyzer for bad addr types.
  Fix bloom filter memory leaks.
 2013-08-29 14:20:59 -07:00
Bernhard Amann
4cd20c6375 add clustered leak test for hll. No issues. 2013-08-29 14:01:22 -07:00
Jon Siwek
c4e8908c8e Fix invalid pointer dereference in AsciiFormatter. 
Using a temporary object with strtol() makes the end pointer that it
sets invalid after the call.
 2013-08-29 15:50:46 -05:00
Jon Siwek
b6e2505202 Fix input framework memory leaks. 
Couldn't figure out a test case: gperftools didn't report them (maybe
due to threading?), but valgrind did.
 2013-08-29 14:13:16 -05:00
Jon Siwek
e54ea6d7e9 Fix mem leak in socks analyzer for bad addr types. 2013-08-29 14:09:56 -05:00
Jon Siwek
fb8b78840b Fix bloom filter memory leaks. 2013-08-29 11:24:24 -05:00
Robin Sommer
13842f2fd5 Updating submodule(s). 
[nomail]
 2013-08-28 21:12:15 -07:00
Robin Sommer
39a848d76b Updating submodule(s). 
[nomail]
 2013-08-28 18:57:23 -07:00
Robin Sommer
6373d817a5 Merge remote-tracking branch 'origin/topic/jsiwek/uid' 
Thanks!

* origin/topic/jsiwek/uid:
  Add bits_per_uid unit test, addressing BIT0-1016.
  UID optimizations addressing BIT-1016.

BIT-1016 #merged
 2013-08-28 18:57:00 -07:00
Bernhard Amann
dc9fd36497 Merge remote branch 'origin/master' into topic/bernhard/hyperloglog 2013-08-28 17:48:59 -07:00
Robin Sommer
f8c9d5e3d3 Adding lines in scripting/index.txt. No other change. 2013-08-28 14:36:59 -07:00
Jon Siwek
7a2972d0e4 Add bits_per_uid unit test, addressing BIT0-1016. 2013-08-28 16:12:11 -05:00
Jon Siwek
5c119561ad UID optimizations addressing BIT-1016. 
Max UID bit-length is now 128, but can be increased w/ trivial source
code change of BRO_UID_LEN.
 2013-08-28 15:35:18 -05:00
Seth Hall
0592b528ef Merge branch 'master' of ssh://git.bro-ids.org/bro 2013-08-28 00:58:03 -04:00
Seth Hall
2b78922af8 Added a $unique_max field to Reducers for the SumStats::UNIQUE calculation 
- Using the new option in scan.bro and the FTP bruteforce detection.
 2013-08-28 00:57:44 -04:00
Robin Sommer
ea9cfc749d Updating submodule(s). 
[nomail]
 2013-08-27 14:12:20 -07:00
Robin Sommer
0cdc868446 Updating submodule(s). 
[nomail]
 2013-08-27 14:10:38 -07:00
Robin Sommer
f46f692185 Merge remote-tracking branch 'origin/topic/bernhard/hexstr' 
BIT-1069 #merged

* origin/topic/bernhard/hexstr:
  add hexstr_to_bytestring bif that does exactly the opposite of bytestring_to_hexstr.
 2013-08-27 13:30:25 -07:00
Robin Sommer
f6b689db81 Merge remote-tracking branch 'origin/topic/jsiwek/uid' 
* origin/topic/jsiwek/uid:
  Fix UID compiler warning/error & missed baselines.
  Increase UIDs to 96 bits w/ C/F prefix - BIT-1016
 2013-08-27 12:36:12 -07:00
Bernhard Amann
8a5a2b5b39 add hexstr_to_bytestring bif that does exactly the opposite of 
bytestring_to_hexstr.
 2013-08-27 12:20:03 -07:00
Jon Siwek
50dbbab52c Fix UID compiler warning/error & missed baselines. 2013-08-26 16:11:20 -05:00
Jon Siwek
d31b59a5d0 Merge branch 'master' into topic/jsiwek/uid 2013-08-26 15:51:18 -05:00
Jon Siwek
22bf3e1196 Increase UIDs to 96 bits w/ C/F prefix - BIT-1016 
- The bit-length is adjustable via redef'ing bits_per_uid.

- Prefix 'C' is used for connection UIDS (including IP tunnels) and
  'F' for files.
 2013-08-26 15:36:31 -05:00
Bernhard Amann
74f96d22ef Merge remote branch 'origin/master' into topic/bernhard/hyperloglog 
Conflicts:
	src/3rdparty
 2013-08-26 12:53:13 -07:00
Seth Hall
ea89e30a9c One more tiny SumStats change to clean up cluster state. 2013-08-26 15:29:27 -04:00
Seth Hall
abd7cdff43 Merge branch 'master' of ssh://git.bro-ids.org/bro 2013-08-26 13:57:47 -04:00
Seth Hall
72d2cd363e Removed the when statement from general use in the sumstats cluster code. 2013-08-26 13:57:42 -04:00
Robin Sommer
df84083227 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Remove code relict pointed out by Bernhard.
  Fix wrong documentation for mkdir BIF.
  File extraction tweaks.
 2013-08-24 10:29:07 -07:00
Robin Sommer
391bfdc317 Merge remote-tracking branch 'origin/topic/hui/dnp3-merge-v2' 
* origin/topic/hui/dnp3-merge-v2:
  fixed number of object bug in dnp3-protocol pac; update two base test trases
 2013-08-23 16:34:26 -07:00
Hui Lin
3e3ca1bb74 fixed number of object bug in dnp3-protocol pac; update two base test trases 2013-08-23 18:10:30 -05:00
Jon Siwek
6dbbce8e05 Remove code relict pointed out by Bernhard. 
The condition should never be true, it's leftover from my
hacking/debugging code.
 2013-08-23 12:03:13 -05:00
Jon Siwek
288ef20a4e Fix wrong documentation for mkdir BIF. 2013-08-23 11:57:37 -05:00
Jon Siwek
17d0ecd388 File extraction tweaks. 
- Default extraction limit of 100MB now provided via a tuning script
  loaded in local.bro so that command-line Bro is unlimited by default.

- Extraction directory is now created on request of file extraction
  rather than unconditionally in bro_init().
 2013-08-23 11:57:07 -05:00
Robin Sommer
927f534833 Merge remote-tracking branch 'origin/topic/jsiwek/extract-limit' 
* origin/topic/jsiwek/extract-limit:
  Use macros to create file analyzer plugin classes.
  Add options to limit extracted file sizes w/ 100MB default.
 2013-08-22 16:53:06 -07:00
Robin Sommer
1cf535dbbb Updating submodule. 2013-08-22 16:33:32 -07:00
Robin Sommer
315aa9d2f5 Updating submodule(s). 
[nomail]
 2013-08-22 16:33:11 -07:00
Robin Sommer
399899c49b Pass over the Using Bro section. 
I edited the text little bit, reorganized the structure somewhat and
extended some parts. I've also simplified the tests a bit, using some
of the BTest tweaks commited in parallel.
 2013-08-22 16:04:45 -07:00
Jon Siwek
814d827c44 Use macros to create file analyzer plugin classes. 2013-08-22 17:03:50 -05:00
Jon Siwek
89ae4ffd05 Add options to limit extracted file sizes w/ 100MB default. 2013-08-22 16:37:58 -05:00
Robin Sommer
29ce98a1d8 Updating submodule(s). 
[nomail]
 2013-08-22 10:37:29 -07:00
Robin Sommer
1e9227a9e9 Applying doc updates from BIT-1063. (Anthony Verez) 
notice.rst wasn't up-to-date in this branch, so I first copied it over
from master.
 2013-08-22 08:57:45 -07:00
Robin Sommer
40d849a2c5 Updating CHANGES and VERSION. 2013-08-22 08:47:06 -07:00