Commit graph

9059 commits

Author SHA1 Message Date
Robin Sommer
dacc019f1f Adding test for alarm mail.
Can't test all the functionality, so skipping DNS lookup and the
actual mailing via sendmail.
2011-11-15 08:51:48 -08:00
Robin Sommer
2dc04b2ce5 Merge remote-tracking branch 'origin/master' into topic/robin/pp-alarms 2011-11-15 08:36:44 -08:00
Bernhard Amann
cde8153c18 switch to set if record or simple value is desired. 2011-11-15 08:36:03 -08:00
Jon Siwek
83aa4b535f Move sphinx source tree up a level. 2011-11-15 10:10:30 -06:00
Robin Sommer
21146abda2 Updating submodule(s). 2011-11-15 07:56:48 -08:00
Robin Sommer
fa76330afb Merge remote-tracking branch 'origin/fastpath'
* origin/fastpath:
  Binary packaging script tweaks.
  More default "weird" tuning for the "SYN_with_data" notice.
  Tiny bugfix for http file extraction along with test.
2011-11-15 07:53:36 -08:00
Seth Hall
908b1a17d1 Adding PPPoE support to Bro.
- Still needs a small test tracefile and test.
2011-11-15 09:51:02 -05:00
Bernhard Amann
1a642f3568 tried enum support - doesn't yet work due to internal bro interface problems... 2011-11-14 17:18:28 -08:00
Jon Siwek
d1787523fc Binary packaging script tweaks.
- Now requiring CMake 2.8.6
- Make moving of packages into build/ independent of package names.
- Bro-all package renamed to Bro and Bro renamed to Bro-minimal
  which is more similar to source packages now.
2011-11-14 15:13:20 -06:00
Seth Hall
4942767c4d More default "weird" tuning for the "SYN_with_data" notice.
- I think the default tuning should be that anything not requiring
  a session to be established should use ACTION_LOG_PER_ORIG.

- We need to get some tie-in with the metrics framework in place
  so that we can find when lots of these values are being suppressed.
2011-11-14 16:12:38 -05:00
Seth Hall
d14349a6f8 Merge remote-tracking branch 'origin/master' into fastpath 2011-11-14 16:06:44 -05:00
Seth Hall
b12d2c768e Tiny bugfix for http file extraction along with test. 2011-11-14 15:24:15 -05:00
Jon Siwek
5865bf3850 Add decode_base64_custom BiF to allow alternate base64 alphabets.
Addresses #670
2011-11-11 13:48:11 -06:00
Jon Siwek
d750c3ba74 Promote libz and libmagic to required dependencies. 2011-11-11 12:39:00 -06:00
Jon Siwek
a92592d08d Fix parallel make from top-level to work on more platforms 2011-11-11 11:18:49 -06:00
Bernhard Amann
c8a713da3d Merge remote-tracking branch 'origin/master' into input 2011-11-08 15:34:07 -08:00
Bernhard Amann
5983d44d95 read header line in bro logfile format 2011-11-08 15:33:32 -08:00
Jon Siwek
eb1b0b9502 Broxygen doc style tweaks. 2011-11-08 06:32:26 -06:00
Jon Siwek
5b1f0b1bc5 Merge branch 'master' into topic/jsiwek/broxygen-cleanup 2011-11-08 06:23:58 -06:00
Robin Sommer
151664bc26 Updating submodule(s). 2011-11-07 05:56:40 -08:00
Robin Sommer
8935663981 Updating CHANGES and VERSION. 2011-11-07 05:44:38 -08:00
Robin Sommer
bd279d90fe Updating submodule(s). 2011-11-06 19:27:22 -08:00
Jon Siwek
d594a84393 quickstart doc fixes 2011-11-04 17:25:10 -05:00
Bernhard Amann
1d39eaf32d small fixes, less leakiness 2011-11-04 15:03:40 -07:00
Bernhard Amann
2aa0f6da57 beautify script calls, track filters 2011-11-04 14:33:34 -07:00
Bernhard Amann
72736510de Merge remote-tracking branch 'origin/master' into input 2011-11-04 14:12:59 -07:00
Bernhard Amann
5f37040c96 filters really working as intended (though probably still memleaky) 2011-11-04 13:59:43 -07:00
Bernhard Amann
2e3874331d support for filters and little event fix 2011-11-04 12:41:10 -07:00
Robin Sommer
9aef0c0f5a Fixing packet filter test.
Adapting the IPv6 one as well, though I believe that's already
broken anyway ...
2011-11-03 17:42:06 -07:00
Robin Sommer
7f44aedb64 Merge branch 'master' into topic/robin/pp-alarms 2011-11-03 16:13:46 -07:00
Robin Sommer
506ce026ed Updating submodule(s). 2011-11-03 16:10:40 -07:00
Robin Sommer
376a9853d5 Updating submodule(s). 2011-11-03 16:04:02 -07:00
Robin Sommer
28eed39836 Updating submodule(s). 2011-11-03 16:03:26 -07:00
Robin Sommer
9fec8707af Merge branch 'master' into topic/robin/pp-alarms 2011-11-03 16:01:36 -07:00
Robin Sommer
aa8b3677f0 Updating submodule(s). 2011-11-03 16:01:16 -07:00
Robin Sommer
ad4bcec338 Updating submodule(s). 2011-11-03 15:36:28 -07:00
Robin Sommer
e0692b898e Merge branch 'master' into topic/robin/pp-alarms 2011-11-03 15:30:41 -07:00
Robin Sommer
f4ce631231 Updating submodule(s). 2011-11-03 15:28:26 -07:00
Robin Sommer
41a443677b Merge remote-tracking branch 'origin/fastpath'
* origin/fastpath:
  No longer write to the PacketFilter::LOG stream if not reading traffic.
2011-11-03 15:27:23 -07:00
Robin Sommer
3b1f13b861 Merge remote-tracking branch 'origin/topic/jsiwek/compiler-warnings'
* origin/topic/jsiwek/compiler-warnings:
  Fixing compiler warnings (addresses #388)
2011-11-03 15:18:11 -07:00
Jon Siwek
40f6e1e098 Better adaptation of Bro website style in Broxygen docs. 2011-11-03 16:53:24 -05:00
Bernhard Amann
4845c3a9a6 send events when input entries change 2011-11-03 14:04:13 -07:00
Robin Sommer
c4d6f814ff Tuning the pretty-printed alarms output.
- Now including the included time range into the subject.

- With some notices, it got confused who's the originator.
2011-11-02 18:09:09 -07:00
Bernhard Amann
b5a77aa77b reading seems to work with all atomic types + records... 2011-11-02 15:36:36 -07:00
Bernhard Amann
638976791e hashing seems to work _correctly_ now... 2011-11-02 15:36:36 -07:00
Bernhard Amann
f20125d22d little snag with hashing functionality... 2011-11-02 15:36:36 -07:00
Bernhard Amann
86730c13dd more complex types... 2011-11-02 15:36:35 -07:00
Bernhard Amann
b245d4168a yay, basic table assignment. 2011-11-02 15:36:35 -07:00
Bernhard Amann
5b0c307f87 very basic input to event working... 2011-11-02 15:36:34 -07:00
amannb
d7a3b85fcd many helper functions 2011-11-02 15:36:34 -07:00