zeek/testing/btest/Baseline/coverage.record-fields/out.bare
Johanna Amann 58613f0313 Introduce new c$failed_analyzers field
This field is used internally to trace which analyzers already had a
violation. This is mostly used to prevent duplicate logging.

In the past, c$service_violation was used for a similar purpose -
however it has slightly different semantics. Where c$failed_analyzers
tracks analyzers that were removed due to a violation,
c$service_violation tracks violations - and doesn't care if an analyzer
was actually removed due to it.
2025-06-04 12:07:13 +01:00

### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
[zeek, -b, <...>/record-fields.zeek]
connection {
  * duration: interval, log=F, optional=F
  * failed_analyzers: set[string], log=F, optional=T
  * history: string, log=F, optional=F
  * id: record conn_id, log=F, optional=F
    conn_id {
      * orig_h: addr, log=T, optional=F
      * orig_p: port, log=T, optional=F
      * proto: count, log=F, optional=T
      * resp_h: addr, log=T, optional=F
      * resp_p: port, log=T, optional=F
    }
  * inner_vlan: int, log=F, optional=T
  * orig: record endpoint, log=F, optional=F
    endpoint {
      * flow_label: count, log=F, optional=F
      * l2_addr: string, log=F, optional=T
      * num_bytes_ip: count, log=F, optional=T
      * num_pkts: count, log=F, optional=T
      * size: count, log=F, optional=F
      * state: count, log=F, optional=F
    }
  * removal_hooks: set[func], log=F, optional=T
  * resp: record endpoint, log=F, optional=F
    endpoint { ... }
  * service: set[string], log=F, optional=F
  * service_violation: set[string], log=F, optional=T
  * start_time: time, log=F, optional=F
  * tunnel: vector of record Tunnel::EncapsulatingConn, log=F, optional=T
    Tunnel::EncapsulatingConn {
      * cid: record conn_id, log=T, optional=F
        conn_id { ... }
      * tunnel_type: enum Tunnel::Type, log=T, optional=F
      * uid: string, log=T, optional=T
    }
  * uid: string, log=F, optional=F
  * vlan: int, log=F, optional=T
}