Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 10:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
7254 commits 390 branches 195 tags 268 MiB
Commit graph

631 commits

Author SHA1 Message Date
Seth Hall
e56a33b6c5 Update notice framework documentation to represent the new reality. 2013-03-06 10:04:50 -05:00
Scott Runnels
78c81a59e0 Started in on describing records. 2013-03-01 15:55:38 -05:00
Scott Runnels
b53f701ffe Added documentation for the pattern data type as well as btests for time, interval, and pattern. 2013-02-25 01:12:07 -05:00
Scott Runnels
1724784aad After extensive testing it has been revealed that 2.2 secons is not equal to 10 seconds. Scientific paper to follow. 2013-02-20 09:35:53 -05:00
Scott Runnels
11f9b83cd9 Added documentation for the interval data type. 2013-02-18 00:16:59 -05:00
Scott Runnels
7e281015ac Add documentation for the time data type. 2013-02-17 23:23:03 -05:00
Scott Runnels
6b3186780b Added a quick explanation of the port data type. 2013-02-17 22:24:35 -05:00
Scott Runnels
0cd9b82c0f Merge branch 'topic/documentation' of ssh://git.bro-ids.org/bro into topic/documentation 2013-02-17 22:05:49 -05:00
Scott Runnels
19804aa173 Merge remote-tracking branch 'origin/master' into topic/documentation 2013-02-17 21:50:18 -05:00
Daniel Thayer
8524ebc53e Merge remote-tracking branch 'origin/topic/dnthayer/lang-docs' into topic/documentation 2013-02-15 09:27:56 -06:00
Daniel Thayer
6ebc098c21 Merge remote-tracking branch 'origin/master' into topic/documentation 2013-02-15 09:26:48 -06:00
Daniel Thayer
9c9cc0d5db Merge remote-tracking branch 'origin/master' into topic/dnthayer/lang-docs 2013-02-15 09:25:51 -06:00
Scott Runnels
b296f27514 Start definition of address data type. 2013-02-12 23:38:11 -05:00
Scott Runnels
739134dc66 Include an extended explanation of the module and export{} considerations when using global variables. 2013-02-12 22:34:49 -05:00
Seth Hall
9f8ba408ba Updates for the notices framework. 
- Moved the Notice::notice event and Notice::policy table to both be hooks.

 - Renamed the old Notice::policy to Notice::policy_table and documented it as deprecated.
 2013-02-11 14:36:14 -05:00
Jon Siwek
b9d204005d Merge branch 'master' into topic/jsiwek/file-analysis 2013-02-08 09:53:27 -06:00
Scott Runnels
ed8267dd38 Added a more simple example to the section on Constants to re-inforce &redef. 2013-02-07 23:28:33 -05:00
Scott Runnels
614f85259a Remove references to event.bif.bro 2013-02-07 22:36:17 -05:00
Seth Hall
f8be65ca56 Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge 2013-02-07 10:01:13 -05:00
Scott Runnels
2fd187f991 Start to integrate suggestions from Robin 2013-02-06 01:22:42 -05:00
Seth Hall
a2556642e6 Merge remote-tracking branch 'origin/topic/matthias/notary' 
* origin/topic/matthias/notary:
  Small cosmetic changes.
  Give log buffer the correct name.
  Simplify delayed logging of SSL records.
  Implement delay-token style SSL logging.
  More style tweaks: replace spaces with tabs.
  Factor notary code into separte file.
  Adhere to Bro coding style guidelines.
  Enhance ssl.log with information from notary.

Closes #928
 2013-02-05 02:06:33 -05:00
Scott Runnels
adfae5448f Tables with aggregate keys. 2013-01-22 23:37:43 -05:00
Scott Runnels
61e95e8d4e Reorganize to introduce sets, then tables, then vectors. Rewrite of the section on sets. Start of discussion on tables. 2013-01-21 00:19:29 -05:00
Scott Runnels
52eae050d8 documentation of Sets. 2013-01-20 00:27:04 -05:00
Jon Siwek
69bd46b3af Fix coverage unit tests due to added file analysis scripts. 2013-01-16 12:08:09 -06:00
Scott Runnels
f9359ad40d Moving to new rootedliteralinclude directive. 2013-01-09 14:23:09 -05:00
Jon Siwek
01090cf09f Teach sphinx a new ".. rootedliteralinclude::" directive. 
It's like ".. literalinclude::" except the argument is an absolute path
which may contain environment variables to be be expanded when
generating documents.
 2013-01-09 11:16:43 -06:00
Scott Runnels
c453c228cb Iteration over vectors. 2013-01-08 15:31:56 -05:00
Scott Runnels
7d583b6b78 Vector declarations and explanations, including btests 2013-01-08 14:47:39 -05:00
Scott Runnels
5260e10290 A short discussion of variables versus values in the section on Local Variables. 2013-01-05 17:59:47 -05:00
Scott Runnels
b8c31458ff Local variables. Baselines and data_type_local.bro btest-able script. 2013-01-03 17:03:45 -05:00
Daniel Thayer
1c0905914c Document undocumented attributes 2012-12-20 15:25:29 -06:00
Daniel Thayer
75f32093ab Merge remote-tracking branch 'origin/master' into topic/dnthayer/lang-docs 2012-12-20 14:06:36 -06:00
Scott Runnels
cce5565d63 Merge remote-tracking branch 'origin/master' into topic/documentation 2012-12-19 23:20:52 -05:00
Seth Hall
69030fdff3 Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge 2012-12-17 10:00:34 -05:00
Daniel Thayer
cb7fd7c87c Remove unused attributes 
Removed attributes &postprocessor and &match from documentation
and source code.  Removed undocumented attribute &attr from
source code.  Removed internal attribute (&tracked) from documentation.
 2012-12-10 15:43:13 -06:00
Daniel Thayer
8c73e83c55 More updates to built-in types document 2012-12-05 17:34:31 -06:00
Daniel Thayer
0fe7c4cf9d Merge remote-tracking branch 'origin/master' into topic/dnthayer/lang-docs 2012-12-04 17:21:32 -06:00
Daniel Thayer
2dc2076b44 Improve description of built-in types 
Added more information on operators and literals.
 2012-12-04 17:15:05 -06:00
Seth Hall
d61d175a04 Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge 2012-12-04 00:17:43 -05:00
Scott Runnels
d35268a41c Beginning exploration of network centric data types, starting with subnets. 2012-12-01 02:22:52 -05:00
Jon Siwek
4e85fe0454 Change hook calls to only be allowed when preceded by "hook" keyword. 2012-11-30 15:39:00 -06:00
Jon Siwek
3b3b05fbbb Clarification in hook documentation. 2012-11-29 10:07:38 -06:00
Seth Hall
956c23eb66 Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge 2012-11-28 14:57:42 -05:00
Jon Siwek
378ee699ff Hook functions now directly callable instead of w/ "hook" statements. 
The return value of the call is an implicit boolean value of T if all
hook handlers ran, or F if one hook handler exited as a result of a
break statement and potentially prevented other handlers from running.

Scripts don't need to declare hooks with an explicit return type of bool
(internally, that's assumed), and any values given to (optional) return
statements in handler definitions are just ignored.

Addresses #918.
 2012-11-26 17:09:29 -06:00
Seth Hall
5921a68e91 More test updates. 2012-11-20 11:18:55 -05:00
Jon Siwek
e0fb9eb2b2 Add new function flavor called a "hook". 
This new flavor of function behaves like a "synchronous event".
See documentation for more details on usage.
 2012-11-15 13:45:13 -06:00
Scott Runnels
a3d010e9d8 Rewriting explanation of detect-MHR.bro to match recent changes to lookup_hostname_txt() 2012-11-11 23:27:14 -05:00
Scott Runnels
1f45d5df1e Merge remote-tracking branch 'origin/master' into topic/documentation 
Conflicts:
	doc/index.rst
 2012-11-08 16:38:17 -05:00
Scott Runnels
cd489913f4 Additions, spelling corrections, prior to addition of custom scripts to be used in the User Manual. 2012-11-08 09:53:37 -05:00