mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
0bc7d0905e
This has come up a few times and the motivation is mainly better "first timer" experience with Zeek. Concretely, if one wants to run a Zeek cluster with multiple workers and reasonable load balancing on Linux, AF_PACKET is a decent start. Without AF_PACKET support being built into Zeek, however, a new user's next experience is that of setting up a development environment in order to compile an external plugin (think compiler, kernel headers, zkg, ...). Only to get what could be termed basic functionality. This is using the ZEEK_INCLUDE_PLUGINS infrastructure. I've used the all upper case spelling of AF_PACKET in the help output because it seems everyone else references/writes it like that. I think we should also write it like that in the docs. |
||
|---|---|---|
| .. | ||
| benchmark/broker | ||
| btest | ||
| coverage | ||
| external | ||
| scripts | ||
| .gitignore | ||
| CMakeLists.txt | ||
| Makefile | ||
| README | ||
This directory contains suites for testing for Zeek's correct
operation:
btest/
An ever-growing set of small unit tests testing Zeek's
functionality.
external/
A framework for downloading additional test sets that run more
complex Zeek configuration on larger traces files. Due to their
size, these are not included directly. See the README for more
information.
scripts/
Helpers scripts used by some tests.