Include in Jan's AF_PACKET plugin as builtin plugin
2022-10-13 13:29:27 +02:00
Support other byte lengths in bytestring_to_count
2022-08-17 15:45:30 -07:00
cat_sep: Make fully vararg and do explicit runtime type checks
2022-10-27 13:06:06 +02:00
zeek.bif: Remove cat_sep() fully var_arg changes
2023-04-19 19:30:46 +02:00
zeek.bif: Remove cat_sep() fully var_arg changes
2023-04-19 19:30:46 +02:00
zeek.bif: Remove cat_sep() fully var_arg changes
2023-04-19 19:30:46 +02:00
zeek.bif: Remove cat_sep() fully var_arg changes
2023-04-19 19:30:46 +02:00
zeek.bif: Remove cat_sep() fully var_arg changes
2023-04-19 19:30:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest/decode_base_errors: Avoid binary output in baseline
2023-02-02 18:49:00 +01:00
Downgrade internal errors to reporter warnings in file/directory BiFs
2025-02-05 17:49:37 -08:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
DPD: change handling of pre-confirmation violations, remove max_violations
2025-01-30 16:59:44 +00:00
Add btests for the lookup_connection_analyzer_id() BiF.
2024-05-30 16:38:09 -07:00
Add btests for the lookup_connection_analyzer_id() BiF.
2024-05-30 16:38:09 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
analyzer: Move disabling_analyzer() hook into Analyzer module
2023-01-23 12:22:05 +01:00
More precise error reporting for the disable_analyzer() BiF
2024-05-30 16:38:22 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
enum_names: Support naming types with a string
2022-10-21 20:09:48 +02:00
telemetry: Invoke Telemetry::sync() only at scrape/collection time
2024-10-22 18:49:11 +02:00
Add max_size argument for find_all/find_all_ordered BIFs
2023-02-21 12:27:54 -07:00
Add max_size argument for find_all/find_all_ordered BIFs
2023-02-21 12:27:54 -07:00
Add baseline for find_first test, update comments, and reorder function imports
2025-05-02 11:51:45 +08:00
zeek.bif: Add find_in_zeekpath() helper
2024-02-22 11:33:03 +01:00
Improvements in FNV1A hash functions
2024-10-22 16:07:12 +02:00
refine Val "footprint" to equate long strings with multiple objects
2024-04-29 12:39:36 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Add test with MUD example
2023-06-29 15:57:52 +02:00
get_dns_stats: Expose total cache size and cached text entries
2023-03-10 09:22:45 +01:00
Added Baseline
2025-06-25 21:22:21 +05:30
global_ids: Align script_id$type_name field with type_name()
2024-02-23 17:26:56 +01:00
global_ids(): Include module names
2023-07-05 14:09:20 +02:00
btest remaining: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Address review comments and small updates for DNS warnings
2025-01-14 09:33:48 +00:00
strings: Implement join_string_set() as bif
2022-09-20 23:07:26 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
zeek.bif: Add log2() and ceil()
2023-05-09 18:57:57 +02:00
Add optional packet filtered statistics for packet sources
2023-04-06 09:47:04 -07:00
netbios_decode: use unsigned char for result
2023-02-02 15:48:58 +01:00
bifs/parse_eftp: Prevent reporter warnings/errors on invalid input
2023-01-16 15:20:02 +01:00
tweak btest so it's recognized as a candidate for C++ compilation testing
2022-09-16 16:49:55 -07:00
record_fields: Include information about optionality of fields
2023-04-27 21:18:35 +02:00
Add sleep() BiF.
2024-12-07 00:36:45 -08:00
strings.bif/do_split_string: Pass bol and eol to MatchPrefix()
2023-11-16 08:36:08 +01:00
Convert remove_prefix/suffix BIFs to use std::string_view
2024-01-23 10:38:56 -07:00
Add type checking to string_cat arguments
2022-08-29 08:45:59 -07:00
strings.bif/sub,gsub: Respect anchors in pattern
2023-11-17 14:37:25 +01:00
BTest updates for ZAM regularization changes
2024-08-16 11:18:58 +02:00
Add more test cases
2022-08-11 13:35:27 +08:00
update test suite to avoid GH-2385 problems, including incorrect typing
2022-12-04 17:56:30 -08:00
Merge remote-tracking branch 'markoverholser/master'
2025-02-24 11:38:11 -07:00
Merge remote-tracking branch 'markoverholser/master'
2025-02-24 11:38:11 -07:00
bifs/to_port: Avoid ASAN errors when calling to_port("")
2022-08-31 17:15:50 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
SSL/TLS: Parse CertificateRequest message
2023-03-09 09:12:29 +01:00
btest/x509_verify: Drop OpenSSL 1.0 hack
2025-02-04 09:44:03 +01:00
EventRegistry/Func: Disable events when all bodies are disabled
2023-01-05 12:03:58 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Expand Broker APIs to allow tracking directionality of peering establishment
2025-04-21 14:08:42 -07:00
btest/broker/publish-errors: Avoid exit(0)
2025-06-24 19:06:52 +02:00
broker: Support publish() of unspecified set() / table()
2024-11-06 15:27:26 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
base/frameworks/spicy: Do not load base/misc/version
2023-10-24 13:15:21 +02:00
base/frameworks/spicy: Do not load base/misc/version
2023-10-24 13:15:21 +02:00
Add timestamps to auto published broker events.
2023-05-11 12:54:11 +02:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
Prevent event timestamps set to future
2025-04-11 13:06:33 +02:00
base/frameworks/spicy: Do not load base/misc/version
2023-10-24 13:15:21 +02:00
Add timestamps to manually published broker events.
2023-05-11 12:53:52 +02:00
Add compatibility tests for timestamped events.
2023-05-11 12:54:11 +02:00
Spelling testing
2022-11-16 20:05:03 -05:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
btest/broker: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
broker/store: Extend SQLiteOptions around data safety and performance
2023-01-30 10:25:37 +01:00
broker/store: Extend SQLiteOptions around data safety and performance
2023-01-30 10:25:37 +01:00
broker/store: Extend SQLiteOptions around data safety and performance
2023-01-30 10:25:37 +01:00
broker/store: Extend SQLiteOptions around data safety and performance
2023-01-30 10:25:37 +01:00
Return a warning and fail if creating a store at global scope
2024-12-17 11:32:43 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
telemetry: Rename endpoint label to node label
2025-06-25 09:33:01 +02:00
Add compatibility tests for timestamped events.
2023-05-11 12:54:11 +02:00
broker: Add WebSocketShim backend
2025-04-23 14:27:43 +02:00
btest: Add test for Cluster::hello zero-timestamp
2025-05-26 16:08:27 +02:00
cluster: Add Cluster scoped bifs
2024-11-26 12:58:23 +01:00
btest/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
cluster: Fix Cluster::publish() of Broker::Data
2024-12-12 17:54:37 +01:00
Broker::publish: Warn on using Broker::publish() when inactive
2024-12-11 17:20:42 +01:00
cluster: Move publish_hrw() and publish_rr() to cluster.bif
2024-12-10 20:33:02 +01:00
cluster: Add Cluster scoped bifs
2024-11-26 12:58:23 +01:00
btest/generic: Add publish_hrw(), publish_rr() and logging tests
2024-12-10 20:33:02 +01:00
cluster: Add Cluster scoped bifs
2024-11-26 12:58:23 +01:00
cluster: Fix Cluster::publish() of Broker::Data
2024-12-12 17:54:37 +01:00
btest/generic: Add publish_hrw(), publish_rr() and logging tests
2024-12-10 20:33:02 +01:00
cluster/serializer/broker: Fix handler lookup
2025-02-05 10:39:56 +01:00
btest/generic: Add publish_hrw(), publish_rr() and logging tests
2024-12-10 20:33:02 +01:00
cluster/Backend: Handle unspecified table/set
2024-12-12 17:54:42 +01:00
broker/Data/data_to_val: Fail on vectors/lists with holes
2025-04-28 18:23:37 +02:00
cluster/serializer: Add binary-serialization-format
2024-12-04 12:40:35 +01:00
btest/cluster/telemetry: Add smoke testing for telemetry
2025-06-25 17:13:01 +02:00
btest/cluster/telemetry: Add smoke testing for telemetry
2025-06-25 17:13:01 +02:00
btest/cluster/telemetry: Add smoke testing for telemetry
2025-06-25 17:13:01 +02:00
RE: Add MatchAll() and MatchSet() for std::string_view
2025-06-30 13:22:31 +02:00
Align WebSocket error in cluster with one in Broker
2025-06-21 18:13:09 +02:00
Align WebSocket error in cluster with one in Broker
2025-06-21 18:13:09 +02:00
Align WebSocket error in cluster with one in Broker
2025-06-21 18:13:09 +02:00
btest/cluster/websocket: Add tests using broker
2025-04-23 14:27:43 +02:00
btest/cluster/websocket: Add tests using broker
2025-04-23 14:27:43 +02:00
btest/cluster/websocket: Add tests using broker
2025-04-23 14:27:43 +02:00
btest/cluster/websocket: Move no-subscriptions test
2025-04-25 10:01:23 +00:00
cluster/zeromq: Attempt publish during termination
2025-04-23 14:27:43 +02:00
cluster/WebSocket: Include X-Application-Name in cluster.log
2025-06-30 17:55:24 +02:00
cluster/websocket: Make websocket dispatcher queue size configurable
2025-04-23 14:27:43 +02:00
cluster/websocket: Implement WebSocket server
2025-03-10 17:07:30 +01:00
cluster/websocket: Deprecate $listen_host, introduce $listen_addr
2025-05-30 11:02:41 +02:00
cluster/websocket: Deprecate $listen_host, introduce $listen_addr
2025-05-30 11:02:41 +02:00
cluster/websocket: Implement WebSocket server
2025-03-10 17:07:30 +01:00
cluster/websocket: Propagate code and reason to websocket_client_lost()
2025-05-13 18:26:03 +02:00
Websocket: Close onloop during Terminate()
2025-05-06 14:19:08 +02:00
btest/cluster/websocket: Harden multi-client tests
2025-03-24 18:36:26 +01:00
cluster/websocket: Implement WebSocket server
2025-03-10 17:07:30 +01:00
btest/cluster/websocket: Add cert-less test
2025-06-16 13:47:33 +02:00
cluster/websocket: Deprecate $listen_host, introduce $listen_addr
2025-05-30 11:02:41 +02:00
btest/cluster/websocket: Harden multi-client tests
2025-03-24 18:36:26 +01:00
btest/cluster/websocket: Move ZeroMQ test and use wstest.py
2025-04-23 14:27:43 +02:00
btest/cluster/websocket: Move no-subscriptions test
2025-04-25 10:01:23 +00:00
cluster/zeromq: Attempt publish during termination
2025-04-23 14:27:43 +02:00
cluster/zeromq: Hook up and enable IPV6 by default
2025-06-24 17:12:45 +02:00
cluster/zeromq: Hook up and enable IPV6 by default
2025-06-24 17:12:45 +02:00
cluster/backend/zeromq: Add ZeroMQ based cluster backend
2024-12-10 20:33:02 +01:00
cluster/backend/zeromq: Add ZeroMQ based cluster backend
2024-12-10 20:33:02 +01:00
cluster/zeromq: Fix node_topic() and nodeid_topic()
2025-03-24 18:36:26 +01:00
cluster/backend/zeromq: Add ZeroMQ based cluster backend
2024-12-10 20:33:02 +01:00
cluster/backend/zeromq: Add ZeroMQ based cluster backend
2024-12-10 20:33:02 +01:00
cluster/zeromq: Fix Unsubscribe() bug caused by \x00 prefix
2025-02-05 10:39:56 +01:00
cluster/zeromq: Fix unsubscription visibility
2025-03-24 18:36:16 +01:00
PPPoE: don't forward more bytes than header indicates
2025-07-08 10:20:59 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
protocol: Add StreamEvent analyzer
2024-12-06 16:12:40 +01:00
protocol: Add StreamEvent analyzer
2024-12-06 16:12:40 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
EventRegistry: Deprecate UsedHandlers() and UnusedHandlers()
2023-11-07 16:06:17 +01:00
Add btest for "-C" flag vs the script-layer ignore_checksums global.
2023-04-24 21:19:05 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Merge branch 'topic/jgras/connection-packet-threshold' of https://github.com/J-Gras/zeek
2025-07-08 17:54:27 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
scan.l: Deprecate DNS resolutions of hostname literals
2025-03-05 19:23:08 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
zeek.bif: Add has_event_group() / has_module_events()
2022-12-09 16:59:07 +01:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Reintroduce event groups
2022-10-25 18:03:26 +02:00
Event: Bail on add_missing_remote_network_timestamp without add_network_timestamp
2025-06-02 17:31:36 +02:00
Event: Use -1.0 for undefined/unset timestamps
2025-06-02 17:31:36 +02:00
Event/zeek.bif: Add EventMetadata current() and current_values() accessors
2025-05-23 19:32:50 +02:00
Event/zeek.bif: Add EventMetadata current() and current_values() accessors
2025-05-23 19:32:50 +02:00
Event/zeek.bif: Add EventMetadata current() and current_values() accessors
2025-05-23 19:32:50 +02:00
EventRegistry/zeek.bif/init-bare: Add event metadata infrastructure
2025-05-23 19:31:58 +02:00
btest/core: Add event-trace test
2025-05-19 18:23:08 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
scan.l: Deprecate DNS resolutions of hostname literals
2025-03-05 19:23:08 +01:00
threading/Manager: Warn if threads are added after termination
2024-07-02 12:34:28 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
scan.l: Deprecate DNS resolutions of hostname literals
2025-03-05 19:23:08 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Update baselines after AnalyzePacket changes
2022-11-08 16:44:15 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Cleanup unused baselines
2025-07-10 16:46:09 -04:00
Cleanup unused baselines
2025-07-10 16:46:09 -04:00
Cleanup unused baselines
2025-07-10 16:46:09 -04:00
pop3: Prevent unbounded state growth
2024-09-18 19:05:39 +02:00
Add btest to verify behavior of re-opened MMDBs opened directly via BIFs
2024-01-10 20:44:40 -08:00
Add btest for succeeding/failing IPv4/IPv6 lookups
2024-01-25 23:54:20 -08:00
btest/core/mmdb: Basic lookup_autonomous_system / lookup_location tests
2023-10-24 13:15:18 +02:00
Fix mmdb.temporary-error testcase when MMDBs are installed on system
2024-01-10 20:28:41 -08:00
Update baselines after AnalyzePacket changes
2022-11-08 16:44:15 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
core.network_time.broker: Test reliability improvement
2023-05-05 14:08:29 +02:00
A set of tests around set_network_time() and timer expiration
2023-03-23 12:41:56 +01:00
Add btest for get_current_packet_ts()
2024-12-09 16:39:38 +01:00
A set of tests around set_network_time() and timer expiration
2023-03-23 12:41:56 +01:00
A set of tests around set_network_time() and timer expiration
2023-03-23 12:41:56 +01:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
option.bif: Short-circuit option changes when terminating
2022-07-29 18:22:03 +02:00
Reintroduce info when overriding packet analyzer mappings.
2023-03-30 16:19:39 +02:00
rule-parse: Remove [event_name] syntax, deprecate msg as identifier
2023-12-14 10:16:35 +01:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Update core.pcap.filter-warning baseline
2024-04-18 12:27:46 +00:00
iosource/pcap: Support configurable buffer size
2023-10-10 15:08:51 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
iosource/pcap: Support configurable buffer size
2023-10-10 15:08:51 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
PPPoE: don't forward more bytes than header indicates
2025-07-08 10:20:59 +01:00
spciy-redis: Bring Redis analyzer into Zeek proper
2025-05-27 09:28:12 -04:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Add length checking to ToRawPktHdrVal for truncated packets
2023-05-19 09:37:18 -07:00
ip4_hdr: Add DF, MF, offset and sum fields
2023-04-29 17:09:43 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
testing/btest: Un-deferred record initalization tests
2023-09-12 12:12:46 +02:00
record_fields: Include information about optionality of fields
2023-04-27 21:18:35 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
Support redef'ing the &log attribute of record fields
2022-08-10 17:27:05 +02:00
btest: More verbose recursive-event output
2023-03-23 12:41:56 +01:00
Btest for normalized reporter path reporting
2023-10-03 22:16:00 -07:00
util/init_random_seed: write_file implies deterministic
2025-02-04 11:57:51 +01:00
Introduce ZEEK_SEED_VALUES environment variable
2023-05-12 19:50:37 +02:00
Introduce ZEEK_SEED_VALUES environment variable
2023-05-12 19:50:37 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Add a set of suspend_processing tests
2023-03-23 12:41:56 +01:00
ip4_hdr: Add DF, MF, offset and sum fields
2023-04-29 17:09:43 +02:00
ip4_hdr: Add DF, MF, offset and sum fields
2023-04-29 17:09:43 +02:00
Add a set of suspend_processing tests
2023-03-23 12:41:56 +01:00
ip4_hdr: Add DF, MF, offset and sum fields
2023-04-29 17:09:43 +02:00
Fix a long-standing bug in the math around continue_processing
2023-04-06 10:49:05 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
IP: fix weird name to not be ipv6 specific
2023-05-24 16:29:29 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
PacketAnalyzer::Geneve: Add get_options()
2025-02-22 12:19:42 -08:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Remove setting non-existent session history for IPTunnel
2024-01-23 12:39:58 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
init-bare: Default Tunnel::max_depth to 4
2024-01-11 10:22:36 +01:00
tunnels: Add 'X' to history when reaching Tunnel::max_depth
2024-01-11 10:22:44 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Update some btests due to timing changes
2025-03-18 10:20:33 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
IPBasedAnalyzer: Don't flip connections when destination is broadcast
2023-08-28 12:15:55 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Do not forward more than the remaining data to downstream UDP analyzer
2023-07-27 13:35:41 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Update btest baselines for analyzer history
2024-08-12 12:21:09 +02:00
Add btest for unknown_protocols.log
2024-12-10 14:54:19 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Add analyzer registration from VLAN to VNTAG
2025-03-18 11:51:27 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
cluster: Introduce telemetry component
2025-06-25 16:59:49 +02:00
Suppress warnings on deprecated DPD scripts during Zeekygen
2025-06-05 17:44:10 -07:00
Introduce basic test triggering when zeek -r triggers script errors
2022-09-27 17:49:58 +02:00
updates for gen-C++ maintenance, including skipping some inappropriate tests
2022-08-01 16:47:17 -07:00
cluster: Introduce telemetry component
2025-06-25 16:59:49 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
OpaqueVal: Register TelemetryVals, too
2023-11-28 09:21:31 +01:00
Add cluster framework telemetry for Broker's send-buffer use
2025-04-25 09:14:33 -07:00
SMTP: Adapt scripts for enable_rfc822_msg_file_analysis
2025-07-16 12:37:33 +02:00
btest/coverage: Avoid warnings in test-all-policy-cluster
2024-12-11 17:20:45 +01:00
btest/coverage/test-all-policy-zeekygen: Load test-all-policy with zeekygen enabled
2025-05-21 11:49:12 +02:00
extend script coverage profiling to track whether conditionals evaluate to true/false
2025-06-26 16:10:50 +02:00
zeek.bif: Introduce blocking_lookup_hostname()
2025-03-05 19:22:57 +01:00
btest: Add integration test for DNS_Mgr
2024-11-08 11:29:31 +01:00
btest: Add integration test for DNS_Mgr
2024-11-08 11:29:31 +01:00
btest/dns_mgr: Update run-dnsmasq, use --host-record
2025-03-05 12:39:15 +01:00
btest: Add integration test for DNS_Mgr
2024-11-08 11:29:31 +01:00
Squelch the zeekygen warnings for command line
2022-08-06 11:35:05 +08:00
zeekygen: Add BIFs to access declaring scripts
2022-11-22 13:23:01 +01:00
zeekygen: Add BIFs to access declaring scripts
2022-11-22 13:23:01 +01:00
zeekygen: Add BIFs to access declaring scripts
2022-11-22 13:23:01 +01:00
RecordType:DescribeReST: Render RecordType using zeek:field directive
2025-05-28 15:59:50 +02:00
RecordType:DescribeReST: Render RecordType using zeek:field directive
2025-05-28 15:59:50 +02:00
RecordType:DescribeReST: Render RecordType using zeek:field directive
2025-05-28 15:59:50 +02:00
Add btest for Zeekygen docs extraction on identifiers defined by the Zeek core.
2024-05-03 12:22:42 -07:00
Spelling fixes: scripts
2022-11-02 17:36:39 -04:00
RecordType:DescribeReST: Render RecordType using zeek:field directive
2025-05-28 15:59:50 +02:00
Spelling fixes: scripts
2022-11-02 17:36:39 -04:00
RecordType:DescribeReST: Render RecordType using zeek:field directive
2025-05-28 15:59:50 +02:00
Spelling testing
2022-11-16 20:05:03 -05:00
btest/javascript: Add file_sniff() and file_state_remove() test
2025-03-10 19:15:06 +01:00
Add experimental JavaScript support when libnode is available
2023-04-14 11:26:41 +02:00
Add experimental JavaScript support when libnode is available
2023-04-14 11:26:41 +02:00
Add experimental JavaScript support when libnode is available
2023-04-14 11:26:41 +02:00
Add experimental JavaScript support when libnode is available
2023-04-14 11:26:41 +02:00
testing/btest: Log::delay() from JavaScript
2023-11-29 12:52:19 +01:00
Add experimental JavaScript support when libnode is available
2023-04-14 11:26:41 +02:00
crash fixes for constructs that expect add/delete expressions to return values
2025-07-11 12:56:08 -04:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Func: Do not crash on va_args confusion for script funcs
2022-11-01 08:55:14 +01:00
Func: Do not crash on va_args confusion for script funcs
2022-11-01 08:55:14 +01:00
BTest updates for ZAM support of (optionally) keeping "assert" statements
2024-12-03 10:40:41 -07:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
update BIFs to_int() and to_count() to accept optional 'base' argument; allows more more exotic conversions from hex, octal, binary
2025-02-18 06:49:55 -06:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
simplified "assert" by not trying to catch messages that themselves have errors
2024-12-02 10:37:10 -08:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
BTest updates for ZAM support of (optionally) keeping "assert" statements
2024-12-03 10:40:41 -07:00
update BIFs to_int() and to_count() to accept optional 'base' argument; allows more more exotic conversions from hex, octal, binary
2025-02-18 06:49:55 -06:00
Stmt: Rework assertion hooks break semantics
2023-06-13 16:18:01 +02:00
Stmt: Introduce assert statement and related hooks
2023-06-12 18:16:02 +02:00
Stmt: Rework assertion hooks break semantics
2023-06-13 16:18:01 +02:00
simplified "assert" by not trying to catch messages that themselves have errors
2024-12-02 10:37:10 -08:00
Stmt: Rework assertion hooks break semantics
2023-06-13 16:18:01 +02:00
Stmt: Fix assert evaluating cond twice
2024-03-04 15:30:09 +01:00
update BIFs to_int() and to_count() to accept optional 'base' argument; allows more more exotic conversions from hex, octal, binary
2025-02-18 06:49:55 -06:00
BTest updates for ZAM support of (optionally) keeping "assert" statements
2024-12-03 10:40:41 -07:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
parse.y/directives: Reject directives as statements
2022-08-26 09:42:50 +02:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
parse: Support @if conditionals in record definitions
2024-01-08 15:21:48 +01:00
parse: Support @if conditionals in record definitions
2024-01-08 15:21:48 +01:00
parse: Support @if conditionals in record definitions
2024-01-08 15:21:48 +01:00
parse: Support @if conditionals in record definitions
2024-01-08 15:21:48 +01:00
parse: Support @if conditionals in record definitions
2024-01-08 15:21:48 +01:00
parse: Support @if conditionals in record definitions
2024-01-08 15:21:48 +01:00
parse: Support @if conditionals in record definitions
2024-01-08 15:21:48 +01:00
parse.y/directives: Reject directives as statements
2022-08-26 09:42:50 +02:00
parse.y/directives: Reject directives as statements
2022-08-26 09:42:50 +02:00
parse.y/directives: Reject directives as statements
2022-08-26 09:42:50 +02:00
parse.y/directives: Reject directives as statements
2022-08-26 09:42:50 +02:00
parse.y/directives: Reject directives as statements
2022-08-26 09:42:50 +02:00
GH-2034: Store module names and use them in lookups for ifdef
2022-08-05 15:36:21 +00:00
GH-2034: Store module names and use them in lookups for ifdef
2022-08-05 15:36:21 +00:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
improved error cascade for invalid attributes
2024-06-04 10:36:36 -07:00
Introduce special treatment for the blank identifier _
2022-10-24 10:36:01 +02:00
Introduce special treatment for the blank identifier _
2022-10-24 10:36:01 +02:00
Introduce special treatment for the blank identifier _
2022-10-24 10:36:01 +02:00
Introduce special treatment for the blank identifier _
2022-10-24 10:36:01 +02:00
Introduce special treatment for the blank identifier _
2022-10-24 10:36:01 +02:00
Introduce special treatment for the blank identifier _
2022-10-24 10:36:01 +02:00
Introduce special treatment for the blank identifier _
2022-10-24 10:36:01 +02:00
Introduce special treatment for the blank identifier _
2022-10-24 10:36:01 +02:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Cleanup unused baselines
2025-07-10 16:46:09 -04:00
Use one-based index in warning message
2025-03-28 14:09:11 +01:00
Cleanup unused baselines
2025-07-10 16:46:09 -04:00
updates for gen-C++ maintenance, including skipping some inappropriate tests
2022-08-01 16:47:17 -07:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
GH-2920: Don't warn on uninitialized container options
2023-04-13 09:05:17 -07:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Expr: Warn on count underflow for c -= 1 and c = c - 1
2022-11-30 10:08:52 +01:00
Allow delete statement for tables, sets and vectors
2024-02-21 18:00:00 +01:00
Allow delete statement for tables, sets and vectors
2024-02-21 18:00:00 +01:00
Replace all the Warning() calls after IsFieldDeprecated() over to Warn()
2022-09-03 19:15:47 +08:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Add enum value negative check
2024-09-17 12:04:19 -04:00
Spelling testing
2022-11-16 20:05:03 -05:00
Skip somer error reporting when the record type has errors
2023-01-27 20:49:22 +01:00
Support :: prefix to reference global namespace, deprecate GLOBAL::
2023-07-11 12:51:21 +02:00
Add timestamp to events.
2023-05-11 12:51:06 +02:00
Prevent event timestamps set to future
2025-04-11 13:06:33 +02:00
BTest updates in support of compiling-scripts-to-C++
2024-12-12 14:30:23 -08:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
GH-2669: Give script location for type clash in for-loop construction
2023-01-26 09:11:10 -07:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Skip somer error reporting when the record type has errors
2023-01-27 20:49:22 +01:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
Return an error if GLOBAL:: prefix is used
2024-08-07 11:58:22 -07:00
Support :: prefix to reference global namespace, deprecate GLOBAL::
2023-07-11 12:51:21 +02:00
Support :: prefix to reference global namespace, deprecate GLOBAL::
2023-07-11 12:51:21 +02:00
Support :: prefix to reference global namespace, deprecate GLOBAL::
2023-07-11 12:51:21 +02:00
Support :: prefix to reference global namespace, deprecate GLOBAL::
2023-07-11 12:51:21 +02:00
Support :: prefix to reference global namespace, deprecate GLOBAL::
2023-07-11 12:51:21 +02:00
Support :: prefix to reference global namespace, deprecate GLOBAL::
2023-07-11 12:51:21 +02:00
Support :: prefix to reference global namespace, deprecate GLOBAL::
2023-07-11 12:51:21 +02:00
Fix module-scoped type definitions that conflict with existing global ones
2022-08-08 15:30:34 -07:00
Tame error reporting and abort() for undefined types
2023-01-26 20:05:02 +01:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
Expr: Remove vector scalar operations
2023-03-20 21:35:48 +01:00
Remove deprecated Cluster::Node::interface field
2024-08-07 11:58:22 -07:00
Change table initialization deprecation to error
2023-06-14 10:07:23 -07:00
split basic "int" btests into main part versus now-separate overflow part
2022-09-16 16:49:22 -07:00
btest tweaks for recent changes
2022-09-16 17:04:06 -07:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Do not export locals
2025-02-12 13:49:12 -08:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Make break/next/continue outside loops an error (6.1 deprecation)
2023-06-14 10:07:22 -07:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
TableVal: Propagate &on_change attribute through copy()
2023-02-17 16:21:32 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Merge remote-tracking branch 'origin/topic/vern/bit-shift-fixes'
2022-08-03 09:56:55 -07:00
Expr/Val: Add support for in set[pattern]
2023-11-21 10:34:17 +01:00
Expr: Implement string in table[pattern] of X
2023-11-21 10:34:17 +01:00
Expr/Val: Add support for in set[pattern]
2023-11-21 10:34:17 +01:00
Expr: Implement string in table[pattern] of X
2023-11-21 10:34:17 +01:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
scan.l: Support @pragma, specifically push/pop ignore-deprecations
2023-04-05 10:24:30 +02:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
script optimization for record operations sourced (in part) from other records
2024-06-24 09:38:37 +02:00
Skip somer error reporting when the record type has errors
2023-01-27 20:49:22 +01:00
fix for crashes when record definitions repeat a field name
2023-01-10 13:56:47 -08:00
GH-2920: Don't warn on uninitialized container options
2023-04-13 09:05:17 -07:00
Type/is_supported_index_type: Deal with recursive record types
2023-02-17 17:35:05 +01:00
Type/is_supported_index_type: Deal with recursive record types
2023-02-17 17:35:05 +01:00
BTest updates in support of compiling-scripts-to-C++
2024-12-12 14:30:23 -08:00
Var: Fix null-pointer deref on redefinition of lambdas
2023-10-04 15:18:24 +02:00
Var: Fix null-pointer deref on redefinition of lambdas
2023-10-04 15:18:24 +02:00
Var: Fix null-pointer deref on redefinition of lambdas
2023-10-04 15:18:24 +02:00
Var: Fix null-pointer deref on redefinition of lambdas
2023-10-04 15:18:24 +02:00
Var: Fix null-pointer deref on redefinition of lambdas
2023-10-04 15:18:24 +02:00
Var: Fix null-pointer deref on redefinition of lambdas
2023-10-04 15:18:24 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
parse.y: Improve error reporting of type redef
2023-02-21 11:58:33 +01:00
parse.y: Improve error reporting of type redef
2023-02-21 11:58:33 +01:00
parse.y: Improve error reporting of type redef
2023-02-21 11:58:33 +01:00
parse.y: Improve error reporting of type redef
2023-02-21 11:58:33 +01:00
parse.y: Improve error reporting of type redef
2023-02-21 11:58:33 +01:00
parse.y: Improve error reporting of type redef
2023-02-21 11:58:33 +01:00
Change table initialization deprecation to error
2023-06-14 10:07:23 -07:00
Support JSON roundtripping via to_json()/from_json() for patterns
2024-07-02 14:46:16 -07:00
Fix &ordered attribute not preserved in table initializer assignments
2025-06-04 17:07:34 +08:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Fix port/enum values SizeOf not being a count
2024-09-17 10:55:45 -04:00
Fix smith-waterman sorting to follow correct Compare semantics
2023-04-30 11:54:08 -07:00
fix for needing to always flush optimization information for identifiers
2024-01-15 15:03:56 +01:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
Spelling testing
2022-11-16 20:05:03 -05:00
Support table deserialization in from_json()
2024-07-02 14:46:16 -07:00
Add &default_insert attribute for tables
2023-08-04 12:30:36 +02:00
Add &default_insert attribute for tables
2023-08-04 12:30:36 +02:00
Add &default_insert attribute for tables
2023-08-04 12:30:36 +02:00
Add &default_insert attribute for tables
2023-08-04 12:30:36 +02:00
Add &default_insert attribute for tables
2023-08-04 12:30:36 +02:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
Add &default_insert attribute for tables
2023-08-04 12:30:36 +02:00
Add &default_insert attribute for tables
2023-08-04 12:30:36 +02:00
CompositeHash: Skip record initialization when recovering vals
2023-09-08 13:02:34 +02:00
ID/Stmt: Introduce INIT_SKIP and use in ForStmt
2023-09-08 13:05:44 +02:00
ID/Stmt: Introduce INIT_SKIP and use in ForStmt
2023-09-08 13:05:44 +02:00
Fix &ordered attribute not preserved in table initializer assignments
2025-06-04 17:07:34 +08:00
Change table initialization deprecation to error
2023-06-14 10:07:23 -07:00
Reporter: Add ExprRuntimeWarning()
2022-11-29 15:28:58 +01:00
ensure that language tests pay attention to .stderr
2022-07-29 21:30:40 -07:00
update test suite to avoid GH-2385 problems, including incorrect typing
2022-12-04 17:56:30 -08:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
parse.y: Allow trailing commas for table, set, vector and record construction
2022-12-01 12:05:29 +01:00
GH-1344: Give better warning when using a type that doesn't exist
2022-07-29 12:38:25 -07:00
BTest updates for latest ZAM maintenance
2023-11-10 09:57:35 +01:00
Type coercion fix: transform +=/-= operators with arithmetic targets to explict assignments
2022-11-22 13:01:10 -08:00
Change from_json to return an error rather than print it.
2025-04-23 15:56:12 -07:00
Var/Func: Render function parameters using comma, not semicolon
2023-10-04 17:42:30 +02:00
Updates to BTest baselines due to previous BTest tweaks
2023-06-30 09:36:14 +02:00
parse.y: Make out-of-scope use errors
2023-03-20 21:35:48 +01:00
types: Fix table() resulting in table_type->IsSet() == true
2024-11-06 13:28:57 +01:00
updates for gen-C++ maintenance, including skipping some inappropriate tests
2022-08-01 16:47:17 -07:00
UsageAnalyzer: Collect identifiers found in attributes as seeds
2023-08-01 15:46:10 +02:00
UsageAnalyzer: Collect identifiers found in attributes as seeds
2023-08-01 15:46:10 +02:00
UsageAnalyzer: Collect identifiers found in attributes as seeds
2023-08-01 15:46:10 +02:00
Expr: Fix folding of pattern values to support == and !=
2024-12-16 10:56:02 +01:00
minor BTest reordering to diminish differences with script optimization
2023-09-01 12:17:06 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
stmt: Support iterating over vector values
2022-08-22 16:57:37 +02:00
CompositeHash: Skip record initialization when recovering vals
2023-09-08 13:02:34 +02:00
ID/Stmt: Introduce INIT_SKIP and use in ForStmt
2023-09-08 13:05:44 +02:00
BTest to check for invalid negative vector indices
2023-06-14 17:35:08 -07:00
Fix conversion with record types
2023-08-10 13:42:23 -07:00
Add conversion between set and vector using 'as' keyword
2023-08-09 14:41:54 -07:00
BTest updates for ZAM regularization changes
2024-08-16 11:18:58 +02:00
Expr: Handle TYPE_VOID in SizeExpr and AssignExpr::Typecheck()
2024-03-07 11:24:28 +01:00
Expr: Handle TYPE_VOID in SizeExpr and AssignExpr::Typecheck()
2024-03-07 11:24:28 +01:00
Expr: Handle TYPE_VOID in SizeExpr and AssignExpr::Typecheck()
2024-03-07 11:24:28 +01:00
Expr: Handle TYPE_VOID in SizeExpr and AssignExpr::Typecheck()
2024-03-07 11:24:28 +01:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
Expr: Handle TYPE_VOID in SizeExpr and AssignExpr::Typecheck()
2024-03-07 11:24:28 +01:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
Merge remote-tracking branch 'origin/topic/vern/script-opt-maint.Aug24'
2024-07-24 11:18:18 +02:00
Stmt: Error on deprecated when/local usage
2023-03-20 21:35:53 +01:00
Updates to BTest baselines due to previous BTest tweaks
2023-06-30 09:36:14 +02:00
Check for valid identifier in WhenStmt::Describe
2024-04-10 16:20:36 -07:00
Fix for nested "when" statements leading to confusion over scoping
2023-07-05 17:10:38 -07:00
Updates to BTest baselines due to previous BTest tweaks
2023-06-30 09:36:14 +02:00
"add" and "delete" are now expressions rather than statements
2024-05-29 12:40:06 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTests to catch regressions for recent ZAM fixes
2024-01-15 15:03:56 +01:00
fixes for ZAM's propagation of control flow information for some degenerate constructs
2024-11-08 15:34:21 +01:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
fixes for ZAM's propagation of control flow information for some degenerate constructs
2024-11-08 15:34:21 +01:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
script optimization for record operations sourced (in part) from other records
2024-06-24 09:38:37 +02:00
script optimization for record operations sourced (in part) from other records
2024-06-24 09:38:37 +02:00
script optimization for record operations sourced (in part) from other records
2024-06-24 09:38:37 +02:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
fix for ZAM optimization when an aggregate is modified inside of a loop
2025-05-09 15:01:55 -07:00
ZAM fixes for assignments involving "any" record fields
2024-11-11 09:19:54 +01:00
fixes for (mostly ZAM) vector operation issues found by ASAN
2024-11-11 09:19:54 +01:00
fix for error in ZAM's constant propagation logic
2025-07-04 16:05:46 -07:00
fix for ZAM optimization of assigning a record field to result of "in" operation
2024-12-17 19:49:43 -08:00
fixed incorrect ZAM optimization of expressions seen in single-statement inlined functions
2025-04-29 14:29:07 -07:00
fix for crash when interpreting transformed ASTs that include multi-field record assignments/additions
2025-05-30 09:44:26 -07:00
ZAM optimizer fix for += / -= set operations
2025-07-09 13:40:33 -07:00
fixes for (mostly ZAM) vector operation issues found by ASAN
2024-11-11 09:19:54 +01:00
BTests to catch regressions for recent ZAM fixes
2024-01-15 15:03:56 +01:00
BTests to catch regressions for recent ZAM fixes
2024-01-15 15:03:56 +01:00
BTests to catch regressions for recent ZAM fixes
2024-01-15 15:03:56 +01:00
Merge remote-tracking branch 'origin/topic/vern/zam-vector-loop-leak'
2024-11-08 15:32:57 +01:00
Add get_tags_by_category BIF method
2025-06-24 13:47:49 -07:00
btest/plugin: Add plugin testing enum identifiers
2025-04-04 15:36:42 +02:00
tests: Add regression tests for zeek/cmake#61
2023-02-24 19:37:52 +01:00
Spelling testing
2022-11-16 20:05:03 -05:00
ConnKey: Extend DoPopulateConnIdVal() with ctx
2025-07-03 18:19:46 +02:00
Sort streams in "-B help" output, and match case-insensitively throughout
2024-11-15 12:50:13 -08:00
plugin/Manager: Warn when plugin with the same name is found
2023-06-14 17:36:18 +02:00
scan.l: Fix @load-plugin scripts loading
2025-03-04 09:35:00 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest/plugins: Add a plugin testing Init and Done hooks
2024-11-22 13:37:03 +01:00
Add a new plugin test with verbose IO source output
2023-03-21 09:15:39 +01:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
Cleanup unused baselines
2025-07-10 16:46:09 -04:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest/plugin: Test for PublishEventHook()
2025-04-30 17:26:33 +02:00
Cleanup unused baselines
2025-07-10 16:46:09 -04:00
Add STORAGE_ prefixes for backends and serializers
2025-04-14 10:11:13 -07:00
Spelling testing
2022-11-16 20:05:03 -05:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Add extract_limit_includes_missing option for file extraction
2023-09-14 12:11:42 -07:00
signatures: Fix ISO 9960 signature
2024-02-22 12:37:40 +01:00
test-all-policy: Do not load iso-9660.zeek
2024-02-26 17:58:26 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Change x509 not_before/not_after to not be based on local timezone
2025-06-18 13:21:35 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest/files/x509/files: Sort analyzers in baseline
2025-04-10 15:02:44 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
packet_analysis: Introduce PacketAnalyzer::__disable_analyzer()
2022-09-30 09:27:22 +02:00
DPD: change policy script for service violation logging; add NEWS
2025-02-06 18:56:30 +00:00
Fix policy/protocols/conn/failed-service-logging.zeek
2025-05-06 13:37:12 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Add two protocol mismatch testcases
2025-03-04 15:38:20 +00:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
ip4_hdr: Add DF, MF, offset and sum fields
2023-04-29 17:09:43 +02:00
btest/frameworks/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
cluster/logger: Fix leftover-log-rotation in multi-logger setups
2023-06-13 10:47:20 +02:00
broker/messaging: Runtime type checks for pool
2023-04-19 19:30:46 +02:00
btest/frameworks/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/cluster: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest/frameworks/config: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/config: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
testing/missing-enum-value: redef exit_only_after_terminate=T
2022-07-29 18:22:03 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Update btest baselines to reflect the use of local address ranges.
2023-03-15 17:11:04 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Update btest baselines to reflect the use of local address ranges.
2023-03-15 17:11:04 -07:00
Update btest baselines to reflect the use of local address ranges.
2023-03-15 17:11:04 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Update btest baselines to reflect the use of local address ranges.
2023-03-15 17:11:04 -07:00
files.log: Unroll and introduce uid and id fields
2022-08-16 17:22:20 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
input/Manager: Ignore empty record types
2025-07-03 18:21:15 +02:00
input/Manager: Improve type checks of record fields with type any
2024-07-19 11:35:54 +02:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
Merge remote-tracking branch 'amazing-pp/topic/fupeng/from_json_bif'
2023-05-09 10:36:58 +02:00
input: Add location info for invalid enums
2022-11-29 12:36:11 +01:00
Fix input error test nondeterminism
2024-10-02 13:26:41 -04:00
Better input framework error messages for unset non-optionals
2023-07-21 15:11:31 +01:00
Better input framework error messages for unset non-optionals
2023-07-21 15:11:31 +01:00
input: Add location info for invalid enums
2022-11-29 12:36:11 +01:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
input/Raw: Rework GetLine()
2024-10-09 14:21:07 -07:00
input/Raw: Rework GetLine()
2024-10-09 14:21:07 -07:00
input/Raw: Rework GetLine()
2024-10-09 14:21:07 -07:00
input/Raw: Rework GetLine()
2024-10-09 14:21:07 -07:00
btest/input/raw: Fix reread test
2023-05-22 11:06:54 +02:00
input/Raw: Avoid reading file twice in MODE_REREAD
2023-05-22 11:06:25 +02:00
Spelling testing
2022-11-16 20:05:03 -05:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
intel: Add indicator_inserted and indicator_removed hooks
2025-06-02 09:50:48 +02:00
intel: Add indicator_inserted and indicator_removed hooks
2025-06-02 09:50:48 +02:00
btest/frameworks/intel: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/intel: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/intel: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/intel: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Intel: Introduce Intel::seen_policy() hook
2024-01-25 12:22:47 +01:00
Intel: Introduce Intel::seen_policy() hook
2024-01-25 12:22:47 +01:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
logging/ascii/json: Make TS_MILLIS signed, add TS_MILLIS_UNSIGNED
2025-05-30 17:23:29 +02:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging/Manager: Implement DelayTokenType as an actual opaque
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Better error messages for invalid Log::delay() calls
2023-11-29 11:53:11 +01:00
logging: Better error messages for invalid Log::delay() calls
2023-11-29 11:53:11 +01:00
logging: Better error messages for invalid Log::delay() calls
2023-11-29 11:53:11 +01:00
logging/Manager: Implement DelayTokenType as an actual opaque
2023-11-29 11:53:11 +01:00
logging/Manager: Implement DelayTokenType as an actual opaque
2023-11-29 11:53:11 +01:00
logging: Better error messages for invalid Log::delay() calls
2023-11-29 11:53:11 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Implement get_delay_queue_size()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
logging: Introduce Log::delay() and Log::delay_finish()
2023-11-29 11:53:11 +01:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
added a space when rendering some expressions so they're more readable
2024-05-29 12:40:05 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
logging: Add event_groups to Stream
2022-12-09 16:59:36 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
btest/frameworks/logging: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/logging: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Tighten the scripts.base.frameworks.logging.hooks test
2023-02-01 15:12:20 -08:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Remove LogAscii::logdir (6.1 deprecation)
2023-06-14 10:07:22 -07:00
logging/Manager: Fix crash for rotation format function not returning
2023-04-13 09:23:51 +02:00
logging/Ascii: Fix abort() for non-existing postrotation functions
2025-06-16 14:55:49 +02:00
logging: Support rotation_postprocessor_command_env
2023-04-17 13:10:14 +00:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Test synchronous/journal mode options for SQLite log writer
2024-11-26 12:26:38 +00:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
Move telmetry label names out of opts records, into main metric records
2024-06-04 14:14:58 -07:00
Increase size of proto fields to uint16_t, add common default value
2024-11-13 11:25:46 -07:00
BTest baseline update for more complete function/lambda names
2024-09-27 14:16:10 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Netcontrol: add rule_added_policy
2024-02-05 18:52:27 +00:00
logging: Dedicated log flush timer
2024-09-27 15:30:35 +02:00
btest/frameworks/notice: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
analyzer/files: handle non-analyzer names in describe_file()
2022-12-06 11:17:30 +01:00
btest/frameworks/notice: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest remaining: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Completely rework return values from storage operations
2025-03-18 10:20:33 -07:00
Completely rework return values from storage operations
2025-03-18 10:20:33 -07:00
Completely rework return values from storage operations
2025-03-18 10:20:33 -07:00
Redis: Add support for sending AUTH commands during connection
2025-06-03 11:38:38 -07:00
Completely rework return values from storage operations
2025-03-18 10:20:33 -07:00
Update redis btest baselines
2025-06-03 13:37:03 -07:00
Redis: Fix sync erase, add btest for it
2025-03-18 10:20:34 -07:00
Redis: return proper error if connection fails
2025-05-23 12:13:13 -07:00
Redis: Fix thread-contention issues with Expire(), add more tests
2025-03-18 10:20:33 -07:00
Redis: Fix thread-contention issues with Expire(), add more tests
2025-03-18 10:20:33 -07:00
Update redis btest baselines
2025-06-03 13:37:03 -07:00
Add busy_timeout script-level option, override any busy_timeout pragma
2025-06-05 10:21:50 -07:00
Completely rework return values from storage operations
2025-03-18 10:20:33 -07:00
Allow sync methods to be called from when conditions, add related btest
2025-03-18 10:20:34 -07:00
Add expiration to sqlite-cluster.btest
2025-06-05 10:21:50 -07:00
Prefix sqlite-based btests with sqlite- to match redis tests
2025-05-21 09:38:27 -07:00
Add Storage::is_connected BIF
2025-05-07 08:13:16 -07:00
SQLite: Reset expiration time on overwrite
2025-06-30 14:41:10 -07:00
Make PUT on SQLite backend implicitly overwrite expired entries
2025-07-15 15:50:43 -07:00
Prefix sqlite-based btests with sqlite- to match redis tests
2025-05-21 09:38:27 -07:00
btest/frameworks/sumstats: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/sumstats: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
sumstat/non-cluster: Move last epoch processing to zeek_done()
2024-11-18 15:58:01 +01:00
btest/frameworks/sumstats: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Spelling testing
2022-11-16 20:05:03 -05:00
btest/frameworks/sumstats: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/sumstats: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/sumstats: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/frameworks/sumstats: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Add extra metrics to session_mgr
2024-08-05 13:21:44 -07:00
Change all instruments to only handle doubles
2024-05-31 13:36:37 -07:00
Change all instruments to only handle doubles
2024-05-31 13:36:37 -07:00
Bump broker submodule
2025-04-23 14:27:43 +02:00
telemetry: Run callbacks at collect time
2025-03-26 12:07:27 +01:00
telemetry: Invoke Telemetry::sync() only at scrape/collection time
2024-10-22 18:49:11 +02:00
telemetry: Invoke Telemetry::sync() only at scrape/collection time
2024-10-22 18:49:11 +02:00
telemetry: Invoke Telemetry::sync() only at scrape/collection time
2024-10-22 18:49:11 +02:00
Remove unneeded @loads from base/misc/version.zeek
2024-12-06 15:18:05 -08:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
dce-rpc: Test cases for unbounded state growth
2023-06-30 15:14:35 +02:00
dce-rpc: Test cases for unbounded state growth
2023-06-30 15:14:35 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest remaining: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
DNS/dns_binds_rr: Fix complte to complete typo, switch to count
2024-12-09 19:02:28 +01:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
DNS: Add Ed25519 and Ed448 enum values to parser
2023-11-17 19:56:47 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
Add weird for unhandled opcodes in DNS analyzer
2024-09-04 13:01:24 -07:00
Raise warnings when for DNS events that are not raised due to dns_skip_all_addl
2025-01-07 17:46:27 +00:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
Parse DNSSEC AD and CD bits
2023-03-13 14:35:06 -07:00
Spelling testing
2022-11-16 20:05:03 -05:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
DNS: Implement NAPTR RR support
2025-06-24 17:43:27 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
Spelling testing
2022-11-16 20:05:03 -05:00
Add DNS TKEY event
2024-08-16 10:20:42 -04:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
ftp/main: Skip get_pending_command() for intermediate reply lines
2023-03-23 13:50:36 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
ftp/main: Skip get_pending_command() for intermediate reply lines
2023-03-23 13:50:36 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest/http: Explain switching-protocols test change as comment
2024-01-22 18:54:38 +01:00
HTTP: Make Content-Range parsing more robust
2023-03-13 18:00:39 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
http: Heuristic around rejecting malformed HTTP/0.9 traffic
2022-11-18 18:19:58 +01:00
MIME: Cap nested MIME analysis depth to 100
2024-01-17 10:18:13 -07:00
HTTP: Implement FlipRoles()
2024-07-04 11:38:33 +02:00
HTTP: Implement FlipRoles()
2024-07-04 11:38:33 +02:00
Add weird for unknown HTTP/0.9 request method
2023-03-10 15:45:11 -07:00
http: Prevent request/response de-synchronization and unbounded state growth
2023-08-28 15:02:58 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
http: fix password capture when enabled
2024-08-28 21:44:39 +02:00
Merge branch 'master' of https://github.com/progmboy/zeek
2023-06-27 18:21:34 +02:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
http: Prevent request/response de-synchronization and unbounded state growth
2023-08-28 15:02:58 +02:00
Ignore case when matching prefix in http analyzer
2025-04-25 10:33:11 -07:00
Add weird for unknown HTTP/0.9 request method
2023-03-10 15:45:11 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
http: Prevent request/response de-synchronization and unbounded state growth
2023-08-28 15:02:58 +02:00
http: Prevent script errors when http$current_entity is not set
2022-09-26 10:18:24 +02:00
Special case HTTP 0.9 early on
2023-03-10 09:52:34 -07:00
btest/http: Demo StreamEvent analyzer with HTTP::upgrade_analyzers
2024-12-06 16:12:40 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Add a revised script for detecting HTTP SQL injection, deprecate original
2025-05-20 16:24:20 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Expose PA_ENC_TIMESTAMP to script land
2022-12-02 15:43:19 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
ldap: Add Sicily Authentication constants
2025-04-15 20:10:56 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest/ldap: Add regression test for #3919
2024-09-06 19:16:49 +02:00
ldap: Fix substring filter parsing and rendering
2024-01-05 16:06:23 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
ldap: Use scalar values in logs where appropriate
2024-01-03 11:57:31 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Fix issues with Modbus message logging
2024-10-30 13:12:27 +01:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Fix issues with Modbus message logging
2024-10-30 13:12:27 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
mysql: Add mysql_auth_plugin, mysql_auth_more_data and mysql_auth_switch_request events
2024-07-25 11:53:41 +02:00
mysql: Add mysql_auth_plugin, mysql_auth_more_data and mysql_auth_switch_request events
2024-07-25 11:53:41 +02:00
mysql: Handle server connection phase separately from command phase
2024-08-13 22:06:25 +02:00
mysql: Implement and test COM_CHANGE_USER
2024-08-14 10:20:01 +02:00
mysql: Implement and test COM_CHANGE_USER
2024-08-14 10:20:01 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
mysql: Support non-string query attributes
2024-07-25 11:53:41 +02:00
testing/mysql: Add traces recorded with a free-tier MySQL instance
2023-01-27 10:59:23 +01:00
Add support for "auth switch" and "query attrs"
2024-07-25 11:53:40 +02:00
mysql: Support non-string query attributes
2024-07-25 11:53:41 +02:00
MySQL: Fix endianness, introduce mysql_eof() event
2023-01-27 10:59:23 +01:00
MySQL: Fix endianness, introduce mysql_eof() event
2023-01-27 10:59:23 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
postgresql: Initial parser implementation
2024-09-06 16:10:48 +02:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
QUIC: Do not consume EncryptedLongPacketPayload
2025-05-05 14:34:11 +02:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
QUIC: Use initial destination conn_id for decryption
2025-05-05 14:34:11 +02:00
QUIC: Do not consume EncryptedLongPacketPayload
2025-05-05 14:34:11 +02:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
QUIC: Do not consume EncryptedLongPacketPayload
2025-05-05 14:34:11 +02:00
quic: Bump maximum history length, make configurable
2023-10-20 20:42:30 +02:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
QUIC: Handle CRYPTO frames across multiple INITIAL packets
2025-05-05 14:34:11 +02:00
QUIC: Handle CRYPTO frames across multiple INITIAL packets
2025-05-05 14:34:11 +02:00
quic: Log client's source connection id, too.
2024-01-30 21:46:38 +01:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
QUIC: Do not consume EncryptedLongPacketPayload
2025-05-05 14:34:11 +02:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
Merge remote-tracking branch 'origin/master' into topic/johanna/dpd-changes
2025-02-05 09:31:16 +00:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
RDP: cookie is optional
2025-03-04 13:38:01 +00:00
Add test for new handling of unknown RDP keyboards
2023-01-23 13:01:48 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
Handle more Redis RESP3 protocol pieces
2025-07-01 14:14:15 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
spicy-redis: Add synchronization and pipeline support
2025-05-27 09:28:12 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
spicy-redis: Separate error replies from success
2025-05-27 09:31:25 -04:00
Handle more Redis RESP3 protocol pieces
2025-07-01 14:14:15 -04:00
Handle more Redis RESP3 protocol pieces
2025-07-01 14:14:15 -04:00
spicy-redis: Add synchronization and pipeline support
2025-05-27 09:28:12 -04:00
spicy-redis: Abort parsing if server data comes first
2025-05-27 09:28:12 -04:00
Add Redis analyzer array stringification
2025-07-01 10:23:57 -04:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Update btest baselines to reflect the use of local address ranges.
2023-03-15 17:11:04 -07:00
Allow SMB_TCP record to contain multiple protocol identifiers/headers
2024-04-22 15:55:25 -07:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Fix handling of zero-length SMB2 error responses
2024-07-24 12:44:46 -07:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Update btest baselines to reflect the use of local address ranges.
2023-03-15 17:11:04 -07:00
smtp: Fix last_reply column in smtp.log for BDAT LAST
2025-06-06 10:40:49 +02:00
smtp: Fix last_reply column in smtp.log for BDAT LAST
2025-06-06 10:40:49 +02:00
btest/smtp/bdat: Move tests into proper directory
2024-01-23 21:49:50 +01:00
btest/smtp/bdat: Move tests into proper directory
2024-01-23 21:49:50 +01:00
BDAT: Harden parse_bdat_arg()
2024-01-23 21:49:50 +01:00
smtp: Fix last_reply column in smtp.log for BDAT LAST
2025-06-06 10:40:49 +02:00
smtp: Fix last_reply column in smtp.log for BDAT LAST
2025-06-06 10:40:49 +02:00
btest/smtp/bdat: Move tests into proper directory
2024-01-23 21:49:50 +01:00
smtp: Fix last_reply column in smtp.log for BDAT LAST
2025-06-06 10:40:49 +02:00
smtp: Validate mail transaction and disable SMTP analyzer if excessive
2023-03-27 18:41:47 +02:00
smtp: Validate mail transaction and disable SMTP analyzer if excessive
2023-03-27 18:41:47 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Remove non-standard way of forwarding out of the Ethernet analyzer
2023-04-25 12:29:55 -07:00
Make SNAP analyzer use both OUI and protocol for forwarding
2025-03-24 15:20:50 -07:00
Add test for TCP over 802.3/SNAP
2024-10-31 14:37:44 +00:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
socks/dpd: Fix socks5_server side signature
2023-06-05 13:54:47 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
SSH: make banner parsing more robust
2025-03-18 16:19:33 +00:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Added several events for detailed info on the SSH2 key init directions
2022-12-05 12:35:05 +01:00
Added several events for detailed info on the SSH2 key init directions
2022-12-05 12:35:05 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
SSL/TLS: Parse CertificateRequest message
2023-03-09 09:12:29 +01:00
Fix parsing of version field in SSLv2 client hello
2024-08-22 13:14:24 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Make ssl_history work for SSLv2 handshakes/connections
2024-08-13 18:03:06 +01:00
ssl: Prevent unbounded ssl_history growth
2023-10-25 09:35:45 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Only pass session ticket data in ssl_session_ticket_handshake event
2025-06-24 16:33:14 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
SSL: do not try to disable failed analyzer
2023-05-03 11:16:14 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
SSL: Add new extension types and ECH test
2023-10-30 14:19:16 +00:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
websocket: Address review feedback for BinPac code
2024-01-22 18:54:41 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
websocket: Fix opcode for continuation frames
2024-01-24 22:57:24 +01:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
websocket: Verify Sec-WebSocket-Key/Accept headers and review feedback
2024-01-22 18:54:38 +01:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
websocket: Handle breaking from WebSocket::configure_analyzer()
2024-01-22 18:54:41 +01:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
Merge remote-tracking branch 'origin/topic/awelzel/3424-http-upgrade-websocket-v1'
2024-01-23 18:17:50 +01:00
Make conn.log service field ordered
2025-01-30 16:59:44 +00:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Add is_valid_subnet BiF
2025-03-18 20:25:32 -07:00
Update btest baselines to reflect the use of local address ranges.
2023-03-15 17:11:04 -07:00
UPDATED: improving email address splitting for common comma case
2022-08-05 17:38:54 -04:00
{http,smtp}/entities: Align header regexes with extract_filename_from_content_disposition()
2022-11-08 16:45:25 -07:00
Improvements in FNV1A hash functions
2024-10-22 16:07:12 +02:00
Change all instruments to only handle doubles
2024-05-31 13:36:37 -07:00
Add interval_as_double argument to control how intervals are converted to JSON
2024-12-03 09:26:08 -07:00
utils: Introduce packages.zeek with can_load() helper
2024-02-22 11:41:50 +01:00
GH-2319: Add change handlers to Site
2022-08-05 16:17:50 +02:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
Add btests for new Site::local_nets behavior
2023-03-15 17:11:08 -07:00
strings: Implement join_string_set() as bif
2022-09-20 23:07:26 +02:00
Update btest baselines to reflect the use of local address ranges.
2023-03-15 17:11:04 -07:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
btest/policy: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
btest/policy: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Add cluster_started restart tests.
2023-04-21 19:04:52 +02:00
Add cluster_started restart tests.
2023-04-21 19:04:52 +02:00
Add a VLAN-aware flow tuple implementation.
2025-06-25 13:19:26 +02:00
ip/vlan_fivetuple: Populate nested conn_id_context, not conn_id
2025-07-03 18:19:46 +02:00
Add a VLAN-aware flow tuple implementation.
2025-06-25 13:19:26 +02:00
ip/vlan_fivetuple: Populate nested conn_id_context, not conn_id
2025-07-03 18:19:46 +02:00
ip/vlan_fivetuple: Populate nested conn_id_context, not conn_id
2025-07-03 18:19:46 +02:00
ip/vlan_fivetuple: Populate nested conn_id_context, not conn_id
2025-07-03 18:19:46 +02:00
ip/vlan_fivetuple: Populate nested conn_id_context, not conn_id
2025-07-03 18:19:46 +02:00
ip/vlan_fivetuple: Populate nested conn_id_context, not conn_id
2025-07-03 18:19:46 +02:00
ip/vlan_fivetuple: Populate nested conn_id_context, not conn_id
2025-07-03 18:19:46 +02:00
Introduce generic analyzer_confirmation_info and analyzer_violation_info
2022-09-27 17:49:51 +02:00
intel/seen/file-names: Use file_over_new_connection()
2023-01-10 10:10:28 +01:00
intel/seen/file-names: Use file_over_new_connection()
2023-01-10 10:10:28 +01:00
intel/seen/manage-event-groups: Policy script for toggling intel event groups
2025-06-02 09:51:14 +02:00
performance speed-up for SMB base scripts
2024-04-25 09:15:12 -07:00
btest/policy: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
policy/community-id: Populate conn$community_id in new_connection()
2024-11-08 18:19:55 +01:00
Merge remote-tracking branch 'origin/topic/jazoff/gh-3268t '
2023-09-04 14:01:23 +02:00
misc/stats: Add zeek_net_timestamp_seconds
2024-10-22 18:49:17 +02:00
Remove prefix column from telemetry.log
2024-06-04 14:14:58 -07:00
telemetry: Rename endpoint label to node label
2025-06-25 09:33:01 +02:00
GH-163: Use ID name (including module name) to create EventExpr when possible
2022-08-17 13:15:01 -07:00
SMTP: Adapt scripts for enable_rfc822_msg_file_analysis
2025-07-16 12:37:33 +02:00
btest/policy: Use generic cluster-layout.zeek
2025-05-20 20:30:01 +02:00
policy: Import zeek-community-id scripts into protocols/conn frameworks/notice
2023-04-24 09:43:19 +02:00
policy/community-id: Populate conn$community_id in new_connection()
2024-11-08 18:19:55 +01:00
Add btests for ip_proto policy files
2024-11-15 16:49:10 -07:00
Modify known-services policy script to add storage framework support
2025-07-10 08:55:01 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Update btests for new local-only subnets
2025-01-09 22:16:42 -07:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
IPv6 support for detect-external-names and testcase
2025-02-04 17:34:43 +00:00
IPv6 support for detect-external-names and testcase
2025-02-04 17:34:43 +00:00
dns: Remove AD and CD flags from log
2023-03-16 10:09:27 +01:00
ftp/main: Skip get_pending_command() for intermediate reply lines
2023-03-23 13:50:36 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
SSL/TLS: Parse CertificateRequest message
2023-03-09 09:12:29 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Default canonifier change to only remove first timestamp in line
2025-06-18 15:41:48 +01:00
Fix parsing of version field in SSLv2 client hello
2024-08-22 13:14:24 +01:00
rule-parse: Remove [event_name] syntax, deprecate msg as identifier
2023-12-14 10:16:35 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
signatures: Add data_end_offset to signature_match() and custom events
2024-10-30 13:29:58 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Rename protocol_id field to ip_proto and similar renaming for name field
2024-11-13 12:02:00 -07:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Test how the signature framework matches HTTP body
2023-11-03 15:28:15 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Add is_used attribute to an ID if used in a signature eval statement
2022-08-31 14:58:23 -07:00
Attr: Duplicated &is_used is allowed
2022-12-02 17:15:05 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Order rule traversal in RuleMatcher::Match() operations by Rule index
2024-11-18 09:45:09 -08:00
signatures: Add data_end_offset to signature_match() and custom events
2024-10-30 13:29:58 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Add spicy runtime-support current_analyzer_id(), use it to set id in events
2024-12-18 15:44:09 -07:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Bump Spicy to current main.
2024-01-29 09:59:46 +01:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Port Spicy integration to new AST API.
2024-03-04 15:48:39 +01:00
Port Spicy integration to new AST API.
2024-03-04 15:48:39 +01:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Rework code for converting Spicy values to Zeek values.
2025-04-02 17:45:19 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Improve error messages reporting malformed unit names in EVT files.
2024-11-08 13:44:09 +01:00
Spicy: Improve error messages reporting malformed unit names in EVT files.
2024-11-08 13:44:09 +01:00
Spicy: Improve error messages reporting malformed unit names in EVT files.
2024-11-08 13:44:09 +01:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Fix support for exporting bitfields.
2023-09-21 09:55:12 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Map Spicy's Protocol enum to Zeek's transport_proto.
2024-04-29 08:38:53 +02:00
[Spicy] Support switch fields when exporting Spicy types to Zeek.
2023-07-06 08:40:54 +02:00
[Spicy] Extend functionality of export in EVT files.
2023-08-21 10:26:25 +02:00
Fix disappearing unit fields in Spicy type export.
2023-05-26 11:37:23 +02:00
Port Spicy integration to new AST API.
2024-03-04 15:48:39 +01:00
[Spicy] Extend functionality of export in EVT files.
2023-08-21 10:26:25 +02:00
Port Spicy integration to new AST API.
2024-03-04 15:48:39 +01:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Query Zeek scriptland for file handles.
2024-05-06 09:20:38 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Move the options from policy/tuning/defaults to actual Zeek defaults, deprecate that package
2024-05-06 11:13:04 -07:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Query Zeek scriptland for file handles.
2024-05-06 09:20:38 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Provide runtime API to access Zeek-side globals.
2024-06-20 12:02:54 +02:00
Test .evt file &priority
2024-10-14 08:51:58 -04:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Do not automatically load Spicy modules in dot paths.
2023-09-26 11:56:52 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Fix packet analyzer replacement.
2024-05-06 09:45:11 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Settle on analyzer.log for the dpd.log replacement
2025-06-03 17:33:36 +01:00
Spicy: Register well-known ports through an event handler.
2024-08-22 10:24:55 +02:00
Spicy: Register well-known ports through an event handler.
2024-08-22 10:24:55 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Make ports for LDAP analyzers fully configurable
2023-10-10 18:28:13 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Port over to Spicy's new tuple representation.
2025-04-02 14:14:26 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Support UDP in Spicy's protocol_* runtime functions.
2024-05-07 18:19:46 +02:00
Spicy: Support UDP in Spicy's protocol_* runtime functions.
2024-05-07 18:19:46 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest/spicy: Make replaces-conflicts trigger replaces code path
2024-08-06 11:52:52 +02:00
Spicy: Disallow repeating replacements of the same analyzer.
2024-06-14 13:10:47 +02:00
Spicy: Disallow repeating replacements of the same analyzer.
2024-06-14 13:10:47 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Spicy: Provide zeek::skip_input() to disable deliver to current analyzer.
2023-11-09 10:43:49 +01:00
Spicy: Provide zeek::skip_input() to disable deliver to current analyzer.
2023-11-09 10:43:49 +01:00
Provide infrastructure to migrate legacy analyzers to Spicy.
2023-02-01 11:33:48 +01:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Analyzer failure logging: tweaks and test fixes
2025-06-03 15:56:42 +01:00
[Spicy] Let zeek::protocol_handle_close() send a TCP EOF.
2025-07-09 17:28:19 +02:00
Bump Spicy to pull in fix.
2025-05-28 15:50:47 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
Spicy: Port over to Spicy's new tuple representation.
2025-04-02 14:14:26 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
Integrate the Spicy plugin into Zeek proper.
2023-05-16 10:17:45 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
btest: Update tests and baselines after adding ctx to conn_id
2025-07-03 18:19:46 +02:00
spicy/manager: Ensure Zeekygen knows identifier for registered types
2023-10-11 13:31:20 +02:00
spicy/manager: Ensure Zeekygen knows identifier for registered types
2023-10-11 13:31:20 +02:00
cluster/supervisor: Multi-logger awareness
2023-05-05 12:27:25 +02:00
Add pcap_file option to supervised nodes.
2023-03-21 16:18:02 +01:00
Remove Supervisor::NodeConfig (6.1 deprecation)
2023-06-14 10:07:22 -07:00
Add pcap_file option to supervised nodes.
2023-03-21 16:18:02 +01:00
Remove deprecated Cluster::Node::interface field
2024-08-07 11:58:22 -07:00
Change all instruments to only handle doubles
2024-05-31 13:36:37 -07:00
Change all instruments to only handle doubles
2024-05-31 13:36:37 -07:00
Change all instruments to only handle doubles
2024-05-31 13:36:37 -07:00
cluster/zeromq: Fix node_topic() and nodeid_topic()
2025-03-24 18:36:26 +01:00
