Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 02:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts
History
Robin Sommer cdadd934ce
[Spicy] Extend functionality of export in EVT files. 
We now support selecting which fields of a unit type get exported into
the automatically created Zeek record; as well as selecting which
fields get a `&log` attribute added automatically to either all fields
or to selected fields.

Syntax:

- To export only selected fields:

    export Foo::X with { field1, field3 };

- To export all but selected fields:

    export Foo::X without { field2, field3 };

- To `&log` all fields:

    export Foo::X &log;

- To `&log` only selected fields:

    export Foo::X with { field1 &log, field3 }; # exports (only) field1 and field3, and marks field1 for logging

Syntax is still subject to change.

Closes #3218.
Closes #3219.
2023-08-21 10:26:25 +02:00
..
base Pass parsed file record information with ReadFile/WriteFile events 2023-08-07 13:44:38 -07:00
policy telemetry: Disable metrics centralization by default 2023-06-21 20:13:55 +02:00
site telemetry: Disable metrics centralization by default 2023-06-21 20:13:55 +02:00
spicy [Spicy] Extend functionality of export in EVT files. 2023-08-21 10:26:25 +02:00
zeekygen Remove full scripts marked as 6.1 deprecations 2023-06-14 10:07:22 -07:00
CMakeLists.txt Use the same rules as cmake submodule to reformat Zeek 2023-05-09 08:31:43 -07:00
test-all-policy.zeek telemetry: Disable metrics centralization by default 2023-06-21 20:13:55 +02:00