Fixed more typos, reformatted the code examples to remove the
horizontal scroll bars, and removed some redundant sections that were
just outdated copies of information in the auto-generated reference
docs.
Making two changes here:
- Renaming the hook to SetupAnalyzerTree.
- Reverting the reversal of the script load order. Instead, I'm
adding an additional script that Bro looks for to load first,
"__preload__.bro". Also extending the plugin docs to cover this.
- Increasing plugin API version, as I suppose adding a new virtual
function may invalidate binary compatibility.
* 'topic/jswaro/feature/HookAddToAnalyzer-tcprs-support' of https://github.com/jswaro/bro:
Add hook 'HookAddToAnalyzerTree' to support TCPRS plugin
Updated the install section for FreeBSD and OS X.
Added a section to explain how to quickly test that everything is
setup correctly.
Improved the usage section by removing the misleading record definition
(a link to the reference doc is provided), and explaining that some
fields will be uninitialized.
Corrected the example so that it doesn't try to access uninitialized
fields.
This means CAF is now a required dependency. For now, I'm keeping a
switch --disable-broker to turn it off, but I'm thinking that
eventually we should remove that as well.
Lots of good stuff! Thanks for catchign the plugin doc inconsistencies!
* origin/topic/dnthayer/doc-improvements-2.4:
Add missing documentation on the "Bro Package Index" page
More improvements to the Logging Framework doc
Fix documentation typo
Update the "Log Files" documentation
Add links in the logging framework doc
Add a link to the bro-plugins documentation
Update bro man page
Update script language reference documentation
Fix typos in the "writing bro plugins" doc
Fix a "make doc" warning
Improve logging framework doc
Add link to broctl doc from the quickstart doc
Update install documentation and fix some typos
Minor improvements to logging framework documentation
Correct a minor typo in the docs
Reorganized the content to be easier to follow, added a few more examples,
fixed some ugly formatting (removed scrollbars that make the examples
difficult to read).
* origin/topic/seth/more-file-type-ident-fixes:
File API updates complete.
Fixes for file type identification.
API changes to file analysis mime type detection.
Make HTTP 206 reassembly require ETags by default.
More file type identification improvements
Fix an issue with files having gaps before the bof_buffer is filled.
Fix an issue with packet loss in http file reporting.
Adding WOFF fonts to file type identification.
Extended JSON matching and added OCSP responses.
Another large signature update.
More signature updates.
Even more file type ident clean up.
Lots of fixes for file type identification.
BIT-1368 #merged
Removed "file_mime_type" and "file_mime_types" event, replacing them
with a new event called "file_metadata_inferred". It has a record
argument of type "inferred_file_metadata", which contains the mime type
information that the earlier events used to supply. The idea here is
that future extensions to the record with new metadata will be less
likely to break user code than the alternatives (adding new events or
new event parameters).
Addresses BIT-1368.
- Some scripts used wrong SSH module/namespace scoping on events.
- Fix outdated notice documentation related to SSH password guessing.
- Add a unit test for SSH pasword guessing notice.
I added the $path to the create_stream() calls inside doc/ as well.
* origin/topic/jsiwek/bit-1324:
Allow logging filters to inherit default path from stream.
BIT-1324: #merged
Fixing one missing index adjustment (I believe ...)
BIT-757 #merged
* origin/topic/jsiwek/deprecation:
Fix typo.
Update documentation (broken links, outdated tests).
Update NEWS for deprecated/changed functions.
Deprecate split* family of BIFs.
Improve use of &deprecated on functions.
Add a new attribute: &deprecated.
