mirror of
https://github.com/zeek/zeek.git
synced 2025-10-12 11:38:20 +00:00
a5e9a535a5
Broker had changed the semantics of remote logging: it sent over the
original Bro record containing the values to be logged, which on the
receiving side would then pass through the logging framework normally,
including triggering filters and events. The old communication system
however special-cases logs: it sends already processed log entries,
just as they go into the log files, and without any receiver-side
filtering etc. This more efficient as it short-cuts the processing
path, and also avoids the more expensive Val serialization. It also
lets the sender determine the specifics of what gets logged (and how).
This commit changes Broker over to now use the same semantics as the
old communication system.
TODOs:
- The new Broker code doesn't have consistent #ifdefs yet.
- Right now, when a new log receiver connects, all existing logs
are broadcasted out again to all current clients. That doesn't so
any harm, but is unncessary. Need to add a way to send the
existing logs to just the new client.
|
||
|---|---|---|
| .. | ||
| btest | ||
| external | ||
| scripts | ||
| .gitignore | ||
| Makefile | ||
| README | ||
This directory contains suites for testing for Bro's correct
operation:
btest/
An ever-growing set of small unit tests testing Bro's
functionality.
external/
A framework for downloading additional test sets that run more
complex Bro configuration on larger traces files. Due to their
size, these are not included directly. See the README for more
information.
scripts/
Helpers scripts used by some tests.