Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/testing
History
Arne Welzel 7fac5837c3 iosource/pcap: Support configurable buffer size 
On Linux with a default ext4 or tmpfs filesystem, the default buffer size for
reading a pcap is chosen as 4k (strace/gdb validated). When reading large pcaps
containing raw data transfers, the syscall overhead for read becomes visible
in profiles. Support configurability of the buffer size and default to 128kb.

When processing a ~830M PCAP (16 UDP connections, each transferring ~50MB) in
bare mode, this change improves runtime from 1.39 sec to 1.29 sec. Increasing
the buffer further didn't provide a noticeable boost.
2023-10-10 15:08:51 +02:00
..
benchmark/broker Port Zeek to latest Broker API 2022-04-27 23:02:27 +02:00
btest iosource/pcap: Support configurable buffer size 2023-10-10 15:08:51 +02:00
builtin-plugins Bump cmake submodule for 3.15 requirement 2023-10-09 16:23:12 +02:00
coverage Remove files in build/src/3rdparty from coverage reports 2023-02-09 12:04:53 -07:00
external Merge branch 'topic/awelzel/no-telemetry-log-in-external-baselines' 2023-08-30 11:25:39 +02:00
scripts pre-commit: autoupdate 2023-08-29 09:38:06 +02:00
.gitignore
CMakeLists.txt Integrate the Spicy plugin into Zeek proper. 2023-05-16 10:17:45 +02:00
Makefile
README

README 

This directory contains suites for testing for Zeek's correct
operation:

    btest/
        An ever-growing set of small unit tests testing Zeek's
        functionality.

    external/
        A framework for downloading additional test sets that run more
        complex Zeek configuration on larger traces files. Due to their
        size, these are not included directly. See the README for more
        information. 

    scripts/
        Helpers scripts used by some tests.