mirror of
https://github.com/zeek/zeek.git
synced 2025-10-03 15:18:20 +00:00
0bc7d0905e
This has come up a few times and the motivation is mainly better "first timer" experience with Zeek. Concretely, if one wants to run a Zeek cluster with multiple workers and reasonable load balancing on Linux, AF_PACKET is a decent start. Without AF_PACKET support being built into Zeek, however, a new user's next experience is that of setting up a development environment in order to compile an external plugin (think compiler, kernel headers, zkg, ...). Only to get what could be termed basic functionality. This is using the ZEEK_INCLUDE_PLUGINS infrastructure. I've used the all upper case spelling of AF_PACKET in the help output because it seems everyone else references/writes it like that. I think we should also write it like that in the docs. |
||
|---|---|---|
| .. | ||
| coverage-calc | ||
| diff-canonifier | ||
| diff-canonifier-external | ||
| diff-clean-doctest | ||
| diff-remove-abspath | ||
| diff-remove-fields | ||
| diff-remove-file-ids | ||
| diff-remove-fractions | ||
| diff-remove-openclose-timestamps | ||
| diff-remove-timestamps | ||
| diff-remove-timestamps-and-sort | ||
| diff-remove-uids | ||
| diff-remove-x509-key-info | ||
| diff-remove-x509-names | ||
| diff-sort | ||
| diff-sort-and-remove-abspath | ||
| diff-sort-conn-service | ||
| diff-sort-set-elements | ||
| external-ca-list.zeek | ||
| fake-sendmail | ||
| file-analysis-test.zeek | ||
| has-writer | ||
| have-af-packet | ||
| have-spicy | ||
| hilti-ignore-cxx-errors | ||
| httpd.py | ||
| rst-filter | ||
| snmp-test.zeek | ||
| update-external-repo-pointer.sh | ||
| wait-for-file | ||