[Bro-Dev] [Auto] Merge Status
Open Merge Requests === IDComponentReporterAssignee Updated For VersionPrioritySummary --- -- -- - -- - BIT-1564 [1] BroControl Scott Knick - 2016-04-06 2.5 Low BroControl incorrectly references ok attribute of results even when None type is returned BIT-1563 [2] Bro Daniel Thayer - 2016-03-30 2.5 Normal BrokerComm and BrokerStore namespaces should be combined BIT-1557 [3] Broccoli Daniel Thayer - 2016-03-21 2.5 Low broccoli code examples don't compile BIT-1549 [4] BroControl Daniel Thayer Justin Azoff 2016-04-01 2.5 Normal broctl top command doesn't work on OS X 10.10 or newer BIT-1528 [5] Bro Justin Azoff- 2016-03-24 2.5 Normal SNMP and SIP scans show up in known services. BIT-1507 [6] Bro Jan Grashoefer Seth Hall 2016-01-25 - Low Intel framework does not match mail addresses properly Open GitHub Pull Requests = Issue ComponentUser Updated Title --- --- -- --- #63 [7] bro WilliamTom [8] 2016-03-26 Wrong regex literal in scripting doc [9] #52 [10] bro J-Gras [11] 2016-01-18 Fixed matching mail address intel [12] #22 [13] bro-plugins nickwallen [14] 2016-04-04 BIT-1559 Bro-Plugins Send each log stream to different kafka topic [15] #18 [16] bro-plugins jshlbrd [17] 2016-03-03 SSDP analyzer [18] [1] BIT-1564 https://bro-tracker.atlassian.net/browse/BIT-1564 [2] BIT-1563 https://bro-tracker.atlassian.net/browse/BIT-1563 [3] BIT-1557 https://bro-tracker.atlassian.net/browse/BIT-1557 [4] BIT-1549 https://bro-tracker.atlassian.net/browse/BIT-1549 [5] BIT-1528 https://bro-tracker.atlassian.net/browse/BIT-1528 [6] BIT-1507 https://bro-tracker.atlassian.net/browse/BIT-1507 [7] Pull Request #63 https://github.com/bro/bro/pull/63 [8] WilliamTom https://github.com/WilliamTom [9] Merge Pull Request #63 with git pull --no-ff --no-commit https://github.com/WilliamTom/bro.git master [10] Pull Request #52 https://github.com/bro/bro/pull/52 [11] J-Gras https://github.com/J-Gras [12] Merge Pull Request #52 with git pull --no-ff --no-commit https://github.com/J-Gras/bro.git topic/jgras/bit-1507 [13] Pull Request #22 https://github.com/bro/bro-plugins/pull/22 [14] nickwallen https://github.com/nickwallen [15] Merge Pull Request #22 with git pull --no-ff --no-commit https://github.com/nickwallen/bro-plugins.git support-many-kafka-topics [16] Pull Request #18 https://github.com/bro/bro-plugins/pull/18 [17] jshlbrd https://github.com/jshlbrd [18] Merge Pull Request #18 with git pull --no-ff --no-commit https://github.com/jshlbrd/bro-plugins-1.git topic/jshlbrd/ssdp ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
Re: [Bro-Dev] Per item expiration for tables
On Wed, Apr 06, 2016 at 15:11 +0200, you wrote: > What are your opinions on that? Which approach would you prefer or do > you think per item expiration is a bad idea in general? I understand the motivation but I would prefer to stick with existing mechanisms, as per item expiration times can get expensive (that would require storing an additional float for all table entries). It might also be a bit too specialized a use case to add new syntax to support it. Let me try an idea: could you limit the set if expiration times to a predefined list of choices (e.g., 10mins, 1hr, 1d, 1w, 1m)? Then you could work with a set of tables with corresponding expiration intervals. Robin -- Robin Sommer * ICSI/LBNL * ro...@icir.org * www.icir.org/robin ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1510) Crash reports when no crash happened
[ https://bro-tracker.atlassian.net/browse/BIT-1510?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daniel Thayer updated BIT-1510: --- Status: Merge Request (was: Open) > Crash reports when no crash happened > > > Key: BIT-1510 > URL: https://bro-tracker.atlassian.net/browse/BIT-1510 > Project: Bro Issue Tracker > Issue Type: Problem > Components: BroControl >Affects Versions: git/master >Reporter: Seth Hall > Fix For: 2.5 > > > We need to make broctl stop sending crash reports when Bro was shutdown by a > signal. It's confusing for users because they will get these emails > sporadically when restarting Bro. > The crash report typically has the following text and no backtrace: > stderr.log > KILLED > received termination signal -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-023#72002) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1564) BroControl incorrectly references ok attribute of results even when None type is returned
[
https://bro-tracker.atlassian.net/browse/BIT-1564?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Thayer reassigned BIT-1564:
--
Assignee: Justin Azoff
> BroControl incorrectly references ok attribute of results even when None type
> is returned
> -
>
> Key: BIT-1564
> URL: https://bro-tracker.atlassian.net/browse/BIT-1564
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: BroControl
>Reporter: Scott Knick
>Assignee: Justin Azoff
>Priority: Low
> Fix For: 2.5
>
>
> The various do_ methods in bin/broctl attempt to reference the "ok"
> attribute of the results object returned from the BroCtl class' corresponding
> method. However, these methods can return the None type which has no "ok"
> attribute. This results in errors like this from BroControl:
> {{[root@system spool]# /usr/local/bro/bin/broctl install
> error: Unable to do xyz in plugin
> Error: 'NoneType' object has no attribute 'ok'}}
> I discovered this when returning False from the cmd_install_pre() method of
> my custom BroControl plugin.
--
This message was sent by Atlassian JIRA
(v7.2.0-OD-05-023#72002)
___
bro-dev mailing list
bro-dev@bro.org
http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1510) Crash reports when no crash happened
[ https://bro-tracker.atlassian.net/browse/BIT-1510?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Daniel Thayer reassigned BIT-1510: -- Assignee: Justin Azoff > Crash reports when no crash happened > > > Key: BIT-1510 > URL: https://bro-tracker.atlassian.net/browse/BIT-1510 > Project: Bro Issue Tracker > Issue Type: Problem > Components: BroControl >Affects Versions: git/master >Reporter: Seth Hall >Assignee: Justin Azoff > Fix For: 2.5 > > > We need to make broctl stop sending crash reports when Bro was shutdown by a > signal. It's confusing for users because they will get these emails > sporadically when restarting Bro. > The crash report typically has the following text and no backtrace: > stderr.log > KILLED > received termination signal -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-023#72002) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1557) broccoli code examples don't compile
[ https://bro-tracker.atlassian.net/browse/BIT-1557?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robin Sommer reassigned BIT-1557: - Assignee: Robin Sommer > broccoli code examples don't compile > > > Key: BIT-1557 > URL: https://bro-tracker.atlassian.net/browse/BIT-1557 > Project: Bro Issue Tracker > Issue Type: Task > Components: Broccoli >Reporter: Daniel Thayer >Assignee: Robin Sommer >Priority: Low > Fix For: 2.5 > > > In the broccoli manual, there are code examples, and some of them contain > errors that prevent the code from compiling. -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-023#72002) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] [JIRA] (BIT-1528) SNMP and SIP scans show up in known services.
[ https://bro-tracker.atlassian.net/browse/BIT-1528?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Robin Sommer reassigned BIT-1528: - Assignee: Robin Sommer > SNMP and SIP scans show up in known services. > - > > Key: BIT-1528 > URL: https://bro-tracker.atlassian.net/browse/BIT-1528 > Project: Bro Issue Tracker > Issue Type: Problem > Components: Bro >Affects Versions: 2.4 >Reporter: Justin Azoff >Assignee: Robin Sommer > Fix For: 2.5 > > > It appears that single packet SIP and SNMP scans cause the destination host > to end up in known_services as running a SIP or SNMP service, even though > they are not running that service and did not respond to the packet. -- This message was sent by Atlassian JIRA (v7.2.0-OD-05-023#72002) ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
[Bro-Dev] Merging BIT-1563 (Re: [Auto] Merge Status)
On Thu, Apr 07, 2016 at 00:00 -0700, you wrote: > BIT-1563 [2] Bro Daniel Thayer - 2016-03-30 2.5 > Normal BrokerComm and BrokerStore namespaces should be combined I think this change makes sense but it will break all Bro scripts out there that are currently using Broker. I think it's still ok to do such breaking changes for Broker now, but before going ahead and merge, I wanted to ask if anybody believes that's not a good idea? Robin -- Robin Sommer * ICSI/LBNL * ro...@icir.org * www.icir.org/robin ___ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev
