Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-12 19:48:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/testing/btest/Baseline/scripts.base.frameworks.logging.dataseries.rotate/out
Robin Sommer a0575158ef DataSeries updates and fixes.
2012-05-04 21:58:39 -07:00

380 lines
12 KiB
Text
Raw Blame History

test.2011-03-07-03-00-05.ds test 11-03-07_03.00.05 11-03-07_04.00.05 0 dataseries
test.2011-03-07-04-00-05.ds test 11-03-07_04.00.05 11-03-07_05.00.05 0 dataseries
test.2011-03-07-05-00-05.ds test 11-03-07_05.00.05 11-03-07_06.00.05 0 dataseries
test.2011-03-07-06-00-05.ds test 11-03-07_06.00.05 11-03-07_07.00.05 0 dataseries
test.2011-03-07-07-00-05.ds test 11-03-07_07.00.05 11-03-07_08.00.05 0 dataseries
test.2011-03-07-08-00-05.ds test 11-03-07_08.00.05 11-03-07_09.00.05 0 dataseries
test.2011-03-07-09-00-05.ds test 11-03-07_09.00.05 11-03-07_10.00.05 0 dataseries
test.2011-03-07-10-00-05.ds test 11-03-07_10.00.05 11-03-07_11.00.05 0 dataseries
test.2011-03-07-11-00-05.ds test 11-03-07_11.00.05 11-03-07_12.00.05 0 dataseries
test.2011-03-07-12-00-05.ds test 11-03-07_12.00.05 11-03-07_12.59.55 1 dataseries
> test.2011-03-07-03-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299467e+09 10.0.0.1 20 10.0.0.2 1024
1.299471e+09 10.0.0.2 20 10.0.0.3 0
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-04-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.29947e+09 10.0.0.1 20 10.0.0.2 1025
1.299474e+09 10.0.0.2 20 10.0.0.3 1
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-05-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299474e+09 10.0.0.1 20 10.0.0.2 1026
1.299478e+09 10.0.0.2 20 10.0.0.3 2
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-06-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299478e+09 10.0.0.1 20 10.0.0.2 1027
1.299482e+09 10.0.0.2 20 10.0.0.3 3
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-07-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299481e+09 10.0.0.1 20 10.0.0.2 1028
1.299485e+09 10.0.0.2 20 10.0.0.3 4
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-08-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299485e+09 10.0.0.1 20 10.0.0.2 1029
1.299489e+09 10.0.0.2 20 10.0.0.3 5
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-09-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299488e+09 10.0.0.1 20 10.0.0.2 1030
1.299492e+09 10.0.0.2 20 10.0.0.3 6
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-10-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299492e+09 10.0.0.1 20 10.0.0.2 1031
1.299496e+09 10.0.0.2 20 10.0.0.3 7
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-11-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299496e+09 10.0.0.1 20 10.0.0.2 1032
1.2995e+09 10.0.0.2 20 10.0.0.3 8
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
> test.2011-03-07-12-00-05.ds
# Extent Types ...
<ExtentType name="DataSeries: ExtentIndex">
<field type="int64" name="offset" />
<field type="variable32" name="extenttype" />
</ExtentType>
<ExtentType name="DataSeries: XmlType">
<field type="variable32" name="xmltype" />
</ExtentType>
<ExtentType name="test" version="1.0" namespace="bro-ids.org">
<field type="double" name="t" pack_relative="t" pack_scale="1000" pack_scale_warn="no"/>
<field type="variable32" name="id.orig_h" pack_unique="yes"/>
<field type="int64" name="id.orig_p" />
<field type="variable32" name="id.resp_h" pack_unique="yes"/>
<field type="int64" name="id.resp_p" />
</ExtentType>
<!-- t : time -->
<!-- id.orig_h : addr -->
<!-- id.orig_p : port -->
<!-- id.resp_h : addr -->
<!-- id.resp_p : port -->
extent offset ExtentType
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
# Extent, type='test'
t id.orig_h id.orig_p id.resp_h id.resp_p
1.299499e+09 10.0.0.1 20 10.0.0.2 1033
1.299503e+09 10.0.0.2 20 10.0.0.3 9
# Extent, type='DataSeries: ExtentIndex'
offset extenttype
40 DataSeries: XmlType
372 test
484 DataSeries: ExtentIndex
Reference in a new issue View git blame Copy permalink