Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 19:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/policy
History
Jon Siwek d3f88ba9d1 Improve performance of MHR script, addresses BIT-1139. 
The MHR script involves a "when" statement which can be expensive due to
the way it clones frames/vals.  In this case, the fa_file record is
expensive to clone, but this change works around that by unrolling only
the necessary fields from it that are needed to populate a Notice::Info
record.  A drawback to this is that the full fa_file or connection
records aren't available in the Notice::Info record when evaluating
Notice::policy hooks for MHR hit notices (though they can possibly be
recovered by using e.g. the lookup_connection() builtin_function).
2014-03-11 13:18:14 -05:00
..
frameworks Improve performance of MHR script, addresses BIT-1139. 2014-03-11 13:18:14 -05:00
integration Add more script package README files 2013-10-22 14:44:59 -05:00
misc Merge branch 'topic/robin/event-dumper' 2013-12-04 12:13:07 -08:00
protocols Rewrite DNS state tracking which matches queries and replies. 2014-01-30 17:21:01 -06:00
tuning Add more script package README files 2013-10-23 16:36:14 -05:00