Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-06 08:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
13262 commits 387 branches 195 tags 258 MiB
Commit graph

13262 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bernhard Amann
b62e6899ad Merge remote-tracking branch 'origin/master' into topic/bernhard/input 2011-11-15 11:00:24 -08:00
Bernhard Amann
4a3c992325 InputReader can read Sets. 2011-11-15 10:57:45 -08:00
Jon Siwek
fdf01a1ba6 Finished dissolving the sphinx source directory into doc/ and doc/scripts/ 2011-11-15 11:52:52 -06:00
Robin Sommer
dacc019f1f Adding test for alarm mail. 
Can't test all the functionality, so skipping DNS lookup and the
actual mailing via sendmail.
 2011-11-15 08:51:48 -08:00
Robin Sommer
2dc04b2ce5 Merge remote-tracking branch 'origin/master' into topic/robin/pp-alarms 2011-11-15 08:36:44 -08:00
Bernhard Amann
cde8153c18 switch to set if record or simple value is desired. 2011-11-15 08:36:03 -08:00
Jon Siwek
83aa4b535f Move sphinx source tree up a level. 2011-11-15 10:10:30 -06:00
Robin Sommer
21146abda2 Updating submodule(s). 2011-11-15 07:56:48 -08:00
Robin Sommer
fa76330afb Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Binary packaging script tweaks.
  More default "weird" tuning for the "SYN_with_data" notice.
  Tiny bugfix for http file extraction along with test.
 2011-11-15 07:53:36 -08:00
Seth Hall
908b1a17d1 Adding PPPoE support to Bro. 
- Still needs a small test tracefile and test.
 2011-11-15 09:51:02 -05:00
Bernhard Amann
1a642f3568 tried enum support - doesn't yet work due to internal bro interface problems... 2011-11-14 17:18:28 -08:00
Jon Siwek
d1787523fc Binary packaging script tweaks. 
- Now requiring CMake 2.8.6
- Make moving of packages into build/ independent of package names.
- Bro-all package renamed to Bro and Bro renamed to Bro-minimal
  which is more similar to source packages now.
 2011-11-14 15:13:20 -06:00
Seth Hall
4942767c4d More default "weird" tuning for the "SYN_with_data" notice. 
- I think the default tuning should be that anything not requiring
  a session to be established should use ACTION_LOG_PER_ORIG.

- We need to get some tie-in with the metrics framework in place
  so that we can find when lots of these values are being suppressed.
 2011-11-14 16:12:38 -05:00
Seth Hall
d14349a6f8 Merge remote-tracking branch 'origin/master' into fastpath 2011-11-14 16:06:44 -05:00
Seth Hall
b12d2c768e Tiny bugfix for http file extraction along with test. 2011-11-14 15:24:15 -05:00
Jon Siwek
5865bf3850 Add decode_base64_custom BiF to allow alternate base64 alphabets. 
Addresses #670
 2011-11-11 13:48:11 -06:00
Jon Siwek
d750c3ba74 Promote libz and libmagic to required dependencies. 2011-11-11 12:39:00 -06:00
Jon Siwek
a92592d08d Fix parallel make from top-level to work on more platforms 2011-11-11 11:18:49 -06:00
Bernhard Amann
c8a713da3d Merge remote-tracking branch 'origin/master' into input 2011-11-08 15:34:07 -08:00
Bernhard Amann
5983d44d95 read header line in bro logfile format 2011-11-08 15:33:32 -08:00
Jon Siwek
eb1b0b9502 Broxygen doc style tweaks. 2011-11-08 06:32:26 -06:00
Jon Siwek
5b1f0b1bc5 Merge branch 'master' into topic/jsiwek/broxygen-cleanup 2011-11-08 06:23:58 -06:00
Robin Sommer
151664bc26 Updating submodule(s). 2011-11-07 05:56:40 -08:00
Robin Sommer
8935663981 Updating CHANGES and VERSION. 2011-11-07 05:44:38 -08:00
Robin Sommer
bd279d90fe Updating submodule(s). 2011-11-06 19:27:22 -08:00
Jon Siwek
d594a84393 quickstart doc fixes 2011-11-04 17:25:10 -05:00
Bernhard Amann
1d39eaf32d small fixes, less leakiness 2011-11-04 15:03:40 -07:00
Bernhard Amann
2aa0f6da57 beautify script calls, track filters 2011-11-04 14:33:34 -07:00
Bernhard Amann
72736510de Merge remote-tracking branch 'origin/master' into input 2011-11-04 14:12:59 -07:00
Bernhard Amann
5f37040c96 filters really working as intented (though probably still memleaky) 2011-11-04 13:59:43 -07:00
Bernhard Amann
2e3874331d support for filters and little event fix 2011-11-04 12:41:10 -07:00
Robin Sommer
9aef0c0f5a Fixing packet filter test. 
Adapting the IPv6 one as well, though I believe that's already
broken anyway ...
 2011-11-03 17:42:06 -07:00
Robin Sommer
7f44aedb64 Merge branch 'master' into topic/robin/pp-alarms 2011-11-03 16:13:46 -07:00
Robin Sommer
506ce026ed Updating submodule(s). 2011-11-03 16:10:40 -07:00
Robin Sommer
376a9853d5 Updating submodule(s). 2011-11-03 16:04:02 -07:00
Robin Sommer
28eed39836 Updating submodule(s). 2011-11-03 16:03:26 -07:00
Robin Sommer
9fec8707af Merge branch 'master' into topic/robin/pp-alarms 2011-11-03 16:01:36 -07:00
Robin Sommer
aa8b3677f0 Updating submodule(s). 2011-11-03 16:01:16 -07:00
Robin Sommer
ad4bcec338 Updating submodule(s). 2011-11-03 15:36:28 -07:00
Robin Sommer
e0692b898e Merge branch 'master' into topic/robin/pp-alarms 2011-11-03 15:30:41 -07:00
Robin Sommer
f4ce631231 Updating submodule(s). 2011-11-03 15:28:26 -07:00
Robin Sommer
41a443677b Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  No longer write to the PacketFilter::LOG stream if not reading traffic.
 2011-11-03 15:27:23 -07:00
Robin Sommer
3b1f13b861 Merge remote-tracking branch 'origin/topic/jsiwek/compiler-warnings' 
* origin/topic/jsiwek/compiler-warnings:
  Fixing compiler warnings (addresses #388)
 2011-11-03 15:18:11 -07:00
Jon Siwek
40f6e1e098 Better adaptation of Bro website style in Broxygen docs. 2011-11-03 16:53:24 -05:00
Bernhard Amann
4845c3a9a6 send events when input entries change 2011-11-03 14:04:13 -07:00
Robin Sommer
c4d6f814ff Tuning the pretty-printed alarms output. 
- Now including the included time range into the subject.

- With some notices, it got confused who's the orginator.
 2011-11-02 18:09:09 -07:00
Bernhard Amann
b5a77aa77b reading seems to work with all atomic types + records... 2011-11-02 15:36:36 -07:00
Bernhard Amann
638976791e hashing seems to work _correctly_ now... 2011-11-02 15:36:36 -07:00
Bernhard Amann
f20125d22d little snag with hashing functionality... 2011-11-02 15:36:36 -07:00
Bernhard Amann
86730c13dd more complex types... 2011-11-02 15:36:35 -07:00