Commit graph

416 commits

Author SHA1 Message Date
Scott Runnels
cb3e05edd4 Include Notice Policy shortcuts in the Scripting User Manual.
Include two tests and baselines for the RST output.
2013-04-28 15:48:44 -04:00
Scott Runnels
59405af804 Notice::policy hooks and tests.
Include explanation of various Notice::policy hook actions.

Add two btest scripts.  framework_notice_hook_01.bro shows adding an
action to the n$action set while framework_notice_suppression.bro shows
how to add a custom n$suppress_for value for a notice through a policy
hook.  While both scripts include an @load directive, it is left out in
RST document so as to avoid confusion.
2013-04-23 17:02:42 -04:00
Seth Hall
60605412ab Fix a few tests. 2013-04-22 14:14:50 -04:00
Scott Runnels
2832939026 Include btest-rst-include directives for logging framework examples. 2013-04-22 11:03:20 -04:00
Robin Sommer
10dc8b9279 Updating tests. 2013-04-19 16:35:24 -07:00
Robin Sommer
dfc4cb0881 Moving all analyzers over to new structure.
This is a checkpoint, it works but there's more cleanup to do. TODOs in
src/analyzer/protocols/TODO.
2013-04-16 20:52:03 -07:00
Scott Runnels
d7d33db8ec Initial commit to include the Notice Framework in the User Manual. 2013-04-15 23:26:04 -04:00
Robin Sommer
52cd02173d Removing event groups. 2013-04-09 16:49:47 -07:00
Robin Sommer
86551cd429 Fixing test. 2013-04-05 12:38:21 -07:00
Seth Hall
423bf3b3bf Test updates and cleanup. 2013-04-02 00:30:14 -04:00
Robin Sommer
25bf563e1c Restructuring the main documentation index.
I'm merging in the remaining pieces from the former doc directory and
restructuring things into sub-directories.
2013-04-01 17:30:12 -07:00
Robin Sommer
e0c4bd1a82 Lots of cleanup and API documentation for the analyzer/* classes.
I've used the opportunity to also cleanup DPD's expect_connection()
infrastructure, and renamed that bif to schedule_analyzer(), which
seems more appropriate. One can now also schedule more than one
analyzer per connection.

TODOs:
        - "make install" is probably broken.
        - Broxygen is probably broken for plugin-defined events.
        - event groups are broken (do we want to keep them?)
        - parallel btest is broken, but I'm not sure why ...
          (tests all pass individually, but lots of errors when running
          in parallel; must be related to *.bif restructuring).
        - Document API for src/plugin/*
        - Document API for src/analyzer/Analyzer.h
        - Document API for scripts/base/frameworks/analyzer
2013-04-01 13:12:21 -07:00
Robin Sommer
12e4dd8066 Moving the quickstart guide back in. 2013-03-27 13:47:02 -07:00
Robin Sommer
2be985433c Test-suite passes.
All tests pass with one exception: some Broxygen tests are broken
because dpd_config doesn't exist anymore. Need to update the mechanism
for auto-documenting well-known ports.
2013-03-26 15:40:23 -07:00
Scott Runnels
e755bf1b54 Hooking into the Logging Framework. 2013-03-24 21:58:28 -04:00
Scott Runnels
a699470145 Spelling fixes. 2013-03-20 00:03:08 -04:00
Scott Runnels
44892cd78d Split logging via Filters in the Logging Framework. 2013-03-20 00:02:20 -04:00
Scott Runnels
65627209c1 Include a brief description of what &log does. 2013-03-19 23:40:29 -04:00
Scott Runnels
b4a92432e3 Changes to framework_logging_factorial_02.bro to make the call to Log::create_stream() more distinct. 2013-03-19 23:28:48 -04:00
Scott Runnels
9ae8487844 Logging Framework (contrived) example: Logging factorials. 2013-03-18 23:44:36 -04:00
Scott Runnels
2e55399a85 Correction of spelling mistakes. 2013-03-18 23:27:31 -04:00
Scott Runnels
940910768b Start on Logging Framework. 2013-03-18 23:23:43 -04:00
Scott Runnels
19c401f8a6 Renamed Advanced Data Structures to simply Record Data Type. 2013-03-18 21:46:19 -04:00
Scott Runnels
daaeca5ef0 correct nomenclature for fields in a record. 2013-03-18 13:38:03 -04:00
Jon Siwek
b30211c178 FileAnalysis: fix unit tests. 2013-03-18 12:29:41 -05:00
Seth Hall
8778761c07 Checkpoint 2013-03-13 22:55:03 -04:00
Seth Hall
09cbaa7ccc Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge
Conflicts:
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
	testing/btest/Baseline/scripts.base.frameworks.notice.cluster/manager-1.notice.log
	testing/btest/Baseline/scripts.base.frameworks.notice.suppression-cluster/manager-1.notice.log
	testing/btest/Baseline/scripts.base.protocols.ftp.gridftp/notice.log
2013-03-13 00:26:55 -04:00
Scott Runnels
afdb80a334 Include required blank line after btest directive to avoid python error. 2013-03-12 16:03:17 -04:00
Jon Siwek
1f6cac9b6d Merge branch 'master' into topic/jsiwek/file-analysis 2013-03-11 13:20:45 -05:00
Scott Runnels
5249a30c46 Expanding on records, including two simple examples. 2013-03-11 00:19:23 -04:00
Scott Runnels
d41883fb91 Merge remote-tracking branch 'origin/master' into topic/documentation
Conflicts:
	doc/index.rst
2013-03-11 00:17:58 -04:00
Robin Sommer
f830ed3edf s/bro-ids.org/bro.org/g 2013-03-07 19:33:04 -08:00
Scott Runnels
2f54d584e7 Merge remote-tracking branch 'origin/master' into topic/documentation 2013-03-07 13:25:47 -05:00
Jon Siwek
589952f4d9 Merge branch 'master' into topic/jsiwek/file-analysis
Conflicts:
	src/FileAnalyzer.cc
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
2013-03-07 11:06:00 -06:00
Robin Sommer
1bd2f26df3 Merge remote-tracking branch 'origin/topic/seth/notice-framework-updates'
So much nicer!

Closes #954.

* origin/topic/seth/notice-framework-updates:
  Update notice framework documentation to represent the new reality.
  Complete removal of the old table based notice policy mechanism.
  Updates for the notices framework.
2013-03-06 16:45:30 -08:00
Seth Hall
e56a33b6c5 Update notice framework documentation to represent the new reality. 2013-03-06 10:04:50 -05:00
Scott Runnels
78c81a59e0 Started in on describing records. 2013-03-01 15:55:38 -05:00
Scott Runnels
b53f701ffe Added documentation for the pattern data type as well as btests for time, interval, and pattern. 2013-02-25 01:12:07 -05:00
Scott Runnels
1724784aad After extensive testing it has been revealed that 2.2 seconds is not equal to 10 seconds. Scientific paper to follow. 2013-02-20 09:35:53 -05:00
Scott Runnels
11f9b83cd9 Added documentation for the interval data type. 2013-02-18 00:16:59 -05:00
Scott Runnels
7e281015ac Add documentation for the time data type. 2013-02-17 23:23:03 -05:00
Scott Runnels
6b3186780b Added a quick explanation of the port data type. 2013-02-17 22:24:35 -05:00
Scott Runnels
0cd9b82c0f Merge branch 'topic/documentation' of ssh://git.bro-ids.org/bro into topic/documentation 2013-02-17 22:05:49 -05:00
Scott Runnels
19804aa173 Merge remote-tracking branch 'origin/master' into topic/documentation 2013-02-17 21:50:18 -05:00
Daniel Thayer
8524ebc53e Merge remote-tracking branch 'origin/topic/dnthayer/lang-docs' into topic/documentation 2013-02-15 09:27:56 -06:00
Daniel Thayer
6ebc098c21 Merge remote-tracking branch 'origin/master' into topic/documentation 2013-02-15 09:26:48 -06:00
Daniel Thayer
9c9cc0d5db Merge remote-tracking branch 'origin/master' into topic/dnthayer/lang-docs 2013-02-15 09:25:51 -06:00
Scott Runnels
b296f27514 Start definition of address data type. 2013-02-12 23:38:11 -05:00
Scott Runnels
739134dc66 Include an extended explanation of the module and export{} considerations when using global variables. 2013-02-12 22:34:49 -05:00
Seth Hall
9f8ba408ba Updates for the notices framework.
- Moved the Notice::notice event and Notice::policy table to both be hooks.
- Renamed the old Notice::policy to Notice::policy_table and documented it as deprecated.
2013-02-11 14:36:14 -05:00