Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/scripts/base
History
Arne Welzel 93813a5079 logging/ascii/json: Make TS_MILLIS signed, add TS_MILLIS_UNSIGNED 
It seems TS_MILLIS is specifically for Elasticsearch and starting with
Elasticsearch 8.2 epoch_millis does (again?) support negative epoch_millis,
so make Zeek produce that by default.

If this breaks a given deployment, they can switch Zeek back to TS_MILLIS_UNSIGNED.

https://discuss.elastic.co/t/migration-from-es-6-8-to-7-17-issues-with-negative-date-epoch-timestamp/335259
https://github.com/elastic/elasticsearch/pull/80208

Thanks for @timo-mue for reporting!

Closes #4494
2025-05-30 17:23:29 +02:00
..
files Copy timestamp from file object 2024-05-17 15:03:06 +02:00
frameworks cluster/websocket: Deprecate $listen_host, introduce $listen_addr 2025-05-30 11:02:41 +02:00
misc Fix errors from rst linting on the generated docs 2025-01-24 11:41:36 -07:00
packet-protocols Add analyzer registration from VLAN to VNTAG 2025-03-18 11:51:27 -07:00
protocols spicy-redis: Separate error replies from success 2025-05-27 09:31:25 -04:00
utils Fix errors from rst linting on the generated docs 2025-01-24 11:41:36 -07:00
init-bare.zeek logging/ascii/json: Make TS_MILLIS signed, add TS_MILLIS_UNSIGNED 2025-05-30 17:23:29 +02:00
init-default.zeek spciy-redis: Bring Redis analyzer into Zeek proper 2025-05-27 09:28:12 -04:00
init-frameworks-and-bifs.zeek Minor comment tweaks for init-frameworks-and-bifs.zeek 2024-10-18 09:56:29 -07:00
init-supervisor.zeek Establish a separate init script when using the supervisor 2021-07-08 13:12:53 -07:00