Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 00:58:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
11634 commits 387 branches 195 tags 259 MiB
Commit graph

11634 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jon Siwek
84e3bc7aca Add GitHub Action for CI notification emails 2019-12-18 13:36:40 -08:00
Jon Siwek
52f97c7e45 Update encrypted key used for CI access 2019-12-18 13:24:47 -08:00
Tim Wojtulewicz
c59b81306b Updating submodules 2019-12-18 13:28:25 -07:00
Tim Wojtulewicz
cf6f88233d Merge remote-tracking branch 'jsiwek/topic/cirrus-ci' 2019-12-18 13:26:38 -07:00
Jon Siwek
cd9fec7bdb Add Cirrus CI config 2019-12-17 15:28:25 -08:00
Jon Siwek
92c2074193 Merge remote-tracking branch 'origin/topic/timw/599-json-leak' 
* origin/topic/timw/599-json-leak:
  GHI-599: avoid memory leak with default pattern matching and json formatting
 2019-12-16 09:40:43 -08:00
Jon Siwek
5658a529f0 Update URL for Malware Hash Registry website 2019-12-16 08:22:46 -08:00
Tim Wojtulewicz
98d1aadb9e GHI-599: avoid memory leak with default pattern matching and json formatting 2019-12-13 10:07:51 -07:00
Jon Siwek
e292110bd8 Updating submodule(s). 
[nomail]
 2019-12-10 14:37:18 -08:00
Jon Siwek
253c4374eb Updating submodule(s). 
[nomail]
 2019-12-10 14:28:54 -08:00
Jon Siwek
ef0b0903f3 Updating submodule(s). 
[nomail]
 2019-12-10 14:25:35 -08:00
Jon Siwek
ca2f3de2d7 Updating submodule(s). 
[nomail]
 2019-12-10 14:18:46 -08:00
Jon Siwek
34379c47f8 Updating submodule(s). 
[nomail]
 2019-12-09 10:12:40 -08:00
Tim Wojtulewicz
92f60397bc Update submodules 2019-12-05 12:48:43 -07:00
Tim Wojtulewicz
679da0b15b Merge remote-tracking branch 'origin/topic/jsiwek/gh-700-zeek-args-bif' 
* origin/topic/jsiwek/gh-700-zeek-args-bif:
  GH-700: add zeek_args() BIF
 2019-12-05 12:36:35 -07:00
Tim Wojtulewicz
66f5f6916b Fix typo in documentation for packet_sources BIF method 2019-12-05 12:21:36 -07:00
Tim Wojtulewicz
5c85b083b6 Merge remote-tracking branch 'origin/topic/jsiwek/gh-700-packet-sources-bif' 
* origin/topic/jsiwek/gh-700-packet-sources-bif:
  GH-700: add packet_sources() BIF
 2019-12-05 11:58:06 -07:00
Tim Wojtulewicz
33571e7d19 Merge remote-tracking branch 'origin/topic/devbali/use-new-zeek-logo' 
* origin/topic/devbali/use-new-zeek-logo:
  Use new Zeek Logo instead of Bro Eyes on README.md
 2019-12-04 14:44:00 -07:00
Jon Siwek
aa1726f9c8 Updating submodule(s). 
[nomail]
 2019-12-02 16:32:23 -08:00
Jon Siwek
30d0b21ecc Merge remote-tracking branch 'origin/topic/dev/print-to-log' 
Adjustments during merge:

- kept the UNKNOWN Log::ID as placeholder value
- changed the coverage.find-bro-logs test to check for arbitrary $path
  field values instead of just string literals
- don't force EnumVal to unsigned integer since the relevant union member
  is the signed integer and added the relevant enum values/types to
  .bif files for easier access
- compare FILE* versus file name to check for stdout equality (don't
  think it matters much, just a bit more efficient)
- minor whitespace/style tweaks

* origin/topic/dev/print-to-log:
  Added a non boolean configuration and other changes as suggested by Jon
  Allow Print Statements to be redirected to a Log# This is a combination of 3 commits.
 2019-12-02 13:47:09 -08:00
Dev Bali
9aabf4eebe
Use new Zeek Logo instead of Bro Eyes on README.md 2019-12-02 10:13:33 -08:00
Jon Siwek
57c7cbdb92 GH-700: add zeek_args() BIF 
Provides access to all zeek command-line arguments ("argv").
 2019-11-28 10:24:48 -08:00
Jon Siwek
6e7b101df2 GH-700: add packet_sources() BIF 
Provides access to properties of packet sources, like interface or pcap
file name.
 2019-11-28 09:44:38 -08:00
Dev Bali
4be6871df2 Added a non boolean configuration and other changes as suggested by Jon 2019-11-26 21:53:21 -08:00
Jon Siwek
c4a086bdcc Updating submodule(s). 
[nomail]
 2019-11-25 10:23:24 -08:00
Jon Siwek
0666217bfa Updating submodule(s). 
[nomail]
 2019-11-25 09:22:47 -08:00
Jon Siwek
e566a6eb30 Updating submodule(s). 
[nomail]
 2019-11-24 10:15:37 -08:00
Johanna Amann
e5db1f085c Merge remote-tracking branch 'origin/topic/jsiwek/gh-684-fix-rpc-parsing' 
* origin/topic/jsiwek/gh-684-fix-rpc-parsing:
  GH-684: Fix parsing of RPC calls with non-AUTH_UNIX flavors

Addresses GH-684
 2019-11-21 08:50:28 -08:00
Johanna Amann
5dafa7218d Merge remote-tracking branch 'origin/topic/jsiwek/fix-zeek-profiler-file' 
* origin/topic/jsiwek/fix-zeek-profiler-file:
  Fix ZEEK_PROFILER_FILE file format/parsing
 2019-11-21 08:37:04 -08:00
Robin Sommer
a00f139f1c Merge remote-tracking branch 'origin/topic/jsiwek/gh-646-conn-removal' 
Clarified doc strings a bit.

* origin/topic/jsiwek/gh-646-conn-removal:
  GH-646: add new "successful_connection_remove" event
 2019-11-18 12:08:12 +00:00
Jon Siwek
620b789126 Updating submodule(s). 
[nomail]
 2019-11-15 18:28:44 -08:00
Jon Siwek
eb4bf2d6a2 Merge remote-tracking branch 'origin/topic/jsiwek/ci-doctest' 
* origin/topic/jsiwek/ci-doctest:
  Run doctest unit tests in Travis CI
  Fix indents/whitespace in Travis CI script
 2019-11-15 18:27:21 -08:00
Jon Siwek
25ae6d90b7 Merge remote-tracking branch 'origin/topic/jsiwek/openbsd' 
* origin/topic/jsiwek/openbsd:
  Adjust btests for OpenBSD portability
  Convert pcapng test suite files to pcap format
  Fix undefined symbols loading libbroker on OpenBSD
  Fix compile warnings on OpenBSD
 2019-11-15 18:26:50 -08:00
Jon Siwek
9941537481 Run doctest unit tests in Travis CI 2019-11-15 16:14:43 -08:00
Jon Siwek
9e83abc5d9 Fix indents/whitespace in Travis CI script 2019-11-15 16:14:43 -08:00
Jon Siwek
17fd371eae Merge remote-tracking branch 'origin/topic/neverlord/doctest' 
- Minor whitespace tweaks
- Add line to build summary output for whether unit tests are enabled

* origin/topic/neverlord/doctest:
  Add doctest license and copyright
  Integrate review feedback
  Fix submodule reference for doctest
  Add initial scaffold for unit testing via doctest
 2019-11-14 19:17:37 -08:00
Jon Siwek
0e0063335a Merge branch 'topic/simon/configure-fail-hint' of https://github.com/simonhf/zeek 
- Adjusted the hint text a bit during merge

* 'topic/simon/configure-fail-hint' of https://github.com/simonhf/zeek:
  Add hint to run make distclean if configure fails
 2019-11-14 17:30:06 -08:00
Jon Siwek
2395a73f26 Install test-all-policy.zeek script 
The zeekygen script, which is already installed, refers to it, and
could also generally be useful for "test everything" type scenarios.
 2019-11-14 17:00:29 -08:00
Dominik Charousset
885707d666 Add doctest license and copyright 2019-11-14 09:19:26 +01:00
Dominik Charousset
773adab76b Integrate review feedback 2019-11-14 09:15:50 +01:00
Dev Bali
c9016f1397 Allow Print Statements to be redirected to a Log# This is a combination of 3 commits. 2019-11-13 19:59:42 -08:00
Simon Hardy-Francis
ca41512826 Add hint to run make distclean if configure fails 2019-11-13 15:40:22 -08:00
Jon Siwek
ca48a1865d Merge branch 'improve-container-record-fields-bif' of https://github.com/henridf/zeek 
- Minor whitespace adjustment in merge

* 'improve-container-record-fields-bif' of https://github.com/henridf/zeek:
  Recursively handle into container types in record_fields()
  tabify
  Apply suggestions from code review
  Print full container types in record_fields()
 2019-11-13 13:46:27 -08:00
Jon Siwek
37a478ae99 GH-684: Fix parsing of RPC calls with non-AUTH_UNIX flavors 
The parsing logic that should be specific to the AUTH_UNIX credential
flavor was previously applied unconditionally to other flavors.
 2019-11-13 13:14:14 -08:00
Henri DF
a645e38b78 Recursively handle into container types in record_fields() 2019-11-13 15:28:06 +01:00
Henri DF
bb8d6bca67 tabify 2019-11-13 14:06:47 +01:00
Henri DF
a0fa5758a6
Apply suggestions from code review 
Co-Authored-By: Jon Siwek <jsiwek@corelight.com>
 2019-11-13 13:49:06 +01:00
Dominik Charousset
8c848079fb Fix submodule reference for doctest 2019-11-12 17:05:17 +01:00
Henri DF
26633eb727 Print full container types in record_fields() 2019-11-12 13:19:12 +01:00
Dominik Charousset
f6407a4e0f Add initial scaffold for unit testing via doctest 2019-11-12 10:03:49 +01:00