lures to other Zeek components" and "make more sophisticated
>> decisions" would look like?
>
> Yes, right now, any writer error just shuts down the entire thread.
>
> That’s a good solution for destinations like a disk, because if a
> write fails, something
umb tool
that says to start and stop and doesn't end up causing us to spread our
logic around to other tooling.
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
___
Zeek-Dev mailing list
Zeek-Dev@zeek.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/zeek-dev
Just wanted to point out that I was surprised this morning when I
recalled for the first time in about 10 years that the Zeek parser can't
handle multiline strings...
event zeek_init()
{
print "Hello,
World!";
}
That code doesn't work. :)
.Seth
--
. :)
.Seth
On 16 Jul 2019, at 10:37, Michael Dopheide wrote:
> Seth,
>
> github.com/dopheide-esnet/zeek-myricom contains Jan’s changes as
> well as
> removes the enum duplicate if you want to steal those.
>
> Dop
>
>
> On Tue, Jul 16, 2019 at 9:29 AM Seth Hall
;
>>>>> I'll look more into what the proper fix is next week, but if
>>>>> you're
>>> just looking to try to get something working in the meantime, a
>>> workaround
>>> may be to comment out or remove the entire RssField enum definition
>>> inside
>>> the init.bro scrip
I don't think we'd add that to the default log, but you should be able to write
a script that does something like that.
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
> On Apr 10, 2019, at 6:11 AM, anthony kasza wrote:
>
> I like the idea of logging gap ranges for a c
I think it would be useful. I can't believe we hadn't already thought of
adding that!
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
> On Apr 8, 2019, at 10:02 PM, Vern Paxson wrote:
>
> I'm finding it would be handy to be able to glance at a connection log line
&
t discussion for any further clarification you might
> need.
I grabbed the one about renaming events! Thanks for setting the timeline.
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
___
zeek-dev mailing list
zeek-dev@zeek.org
http://mailman.ic
Robin?
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
___
zeek-dev mailing list
zeek-dev@zeek.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/zeek-dev
ficit.
I guess if there is some more obvious way to do it could make sense, but
I haven't been able to come up with anything after thinking about this
for quite a while.
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
___
zeek-dev mailing list
ze
gExtension
{
return MyLogExtension($server_name = my_server_name);
}
redef Log::default_ext_func = add_my_log_extension;
```
.Seth
--
Seth Hall * Corelight, Inc * www.corelight.com
___
zeek-dev mailing list
zeek-dev@zee
g to do) it?
>
> Best wishes,
>
> Mauro
>
> ___
> zeek-dev mailing list
> zeek-dev@zeek.org
> http://mailman.icsi.berkeley.edu/mailman/listinfo/zeek-dev
--
Seth Hall * Corelight, Inc * www.corelight.com
___
zeek-dev mailing list
zeek-dev@zeek.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/zeek-dev
12 matches
Mail list logo
