This is an automated email from the ASF dual-hosted git repository.
jonzeolla pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/metron-bro-plugin-kafka.git
The following commit(s) were added to refs/heads/master by this push:
new bfc9cbb METRON-2000 Fix bro plugin docker line counting for BRO_COUNT
(JonZeolla via jonzeolla) closes apache/metron-bro-plugin-kafka#24
bfc9cbb is described below
commit bfc9cbbdc97c3a12c59e9d9786bd7e3996a196f5
Author: JonZeolla <[email protected]>
AuthorDate: Thu Feb 14 09:27:45 2019 -0500
METRON-2000 Fix bro plugin docker line counting for BRO_COUNT (JonZeolla
via jonzeolla) closes apache/metron-bro-plugin-kafka#24
---
docker/in_docker_scripts/configure_bro_plugin.sh | 6 ++++++
docker/scripts/split_kakfa_output_by_log.sh | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/docker/in_docker_scripts/configure_bro_plugin.sh
b/docker/in_docker_scripts/configure_bro_plugin.sh
index 74551c2..c292504 100755
--- a/docker/in_docker_scripts/configure_bro_plugin.sh
+++ b/docker/in_docker_scripts/configure_bro_plugin.sh
@@ -37,5 +37,11 @@ echo "Configuring kafka plugin"
echo "redef Software::asset_tracking = ALL_HOSTS;"
} >> /usr/local/bro/share/bro/site/local.bro
+# Load "known-devices-and-hostnames.bro" which is necessary in bro 2.5.5 to
+# create the log Known::DEVICES_LOG
sed -i '86 a @load policy/protocols/dhcp/known-devices-and-hostnames.bro'
/usr/local/bro/share/bro/site/local.bro
+# Comment out the load statement for "log-hostcerts-only.bro" in bro 2.5.5's
+# default local.bro in order to log all certificates to x509.log
+sed -i 's%^@load protocols/ssl/log-hostcerts-only%#&%'
/usr/local/bro/share/bro/site/local.bro
+
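Review bot: The added `sed -i 's%^@load protocols/ssl/log-hostcerts-only%#&%'` exits 0 whether or not the pattern matched, so a local.bro without that exact load line (another Bro release, or an edited default) leaves the script succeeding while x509.log still records host certificates only. A check right after the edit would make that miss visible, for example `grep -q '^#@load protocols/ssl/log-hostcerts-only' /usr/local/bro/share/bro/site/local.bro || { echo "log-hostcerts-only load line not found in local.bro" >&2; exit 1; }`. The existing `sed -i '86 a ...'` context line has the same silent-failure property and also depends on a fixed line number, so it may be worth guarding in the same way.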
diff --git a/docker/scripts/split_kakfa_output_by_log.sh
b/docker/scripts/split_kakfa_output_by_log.sh
index 71ec82b..74d55e3 100755
--- a/docker/scripts/split_kakfa_output_by_log.sh
+++ b/docker/scripts/split_kakfa_output_by_log.sh
@@ -97,7 +97,7 @@ do
grep {\""${BASE_LOG_FILE_NAME}"\": "${LOG_DIRECTORY}"/kafka-output.log >
"${LOG_DIRECTORY}"/"${BASE_LOG_FILE_NAME}".kafka.log
KAKFA_COUNT=$(cat "${LOG_DIRECTORY}/${BASE_LOG_FILE_NAME}.kafka.log" |
wc -l)
- BRO_COUNT=$(grep -v "#" "${log}" | wc -l)
+ BRO_COUNT=$(grep -v "^#" "${log}" | wc -l)
echo "${BASE_LOG_FILE_NAME},${BRO_COUNT},${KAKFA_COUNT}" >>
"${RESULTS_FILE}"
fi
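Review bot: The anchored pattern on the new `BRO_COUNT` line has no comment explaining why the anchor matters, and the earlier unanchored form shows how easy it is to get wrong. I would add a line above it such as `# Count data rows only: Bro header lines start with '#', but '#' can also appear inside a field`, which is presumably the case that skewed the count. As a smaller style point, `grep -c -v "^#" "${log}"` yields the same number without the `wc -l` pipe, but it exits 1 when the count is 0, so check that against the script's error handling first. The loop this line belongs to starts outside the hunk.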