Thanks Robin, that helps.
On Thu, Jun 18, 2020 at 2:11 AM Robin Sommer wrote:
>
> There are two parts here: (1) deploying the Zeek installation itself,
> and (2) deploying any configuration changes (incl. new Zeek scripts).
>
> For (1), the above applies: we'll rely on standard sysadmin
I'm still fuzzy on the Supervisor framework, as we're still in the process
of upgrading systems to the point of supporting the new C++ requirements.
As a concrete example, what does a cluster upgrade look like? Today, that
means install the new version on the manager, and then do `zeekctl
>From what I can tell, trace-summary and zeekctl are the only things
that use pysubnettree. pytricia seems to have become the de-facto
module that's used for these structures in Python:
https://github.com/jsommers/pytricia
In fact, pytricia has a comparison section where it claim that it's
faster
Master has code for setting up the cluster framework with time machine
nodes, and is_external_connection is a BIF that determines if a connection
has been received from an external source, but in Broker, I don't see how I
would send a packet into the Zeek packet processing system.
Does such
On Wed, Mar 13, 2019 at 10:17 AM anthony kasza
wrote:
> However, the docs don't detail much beyond creating a built in function. A
> colleague pointed me at this quickstart script for binpac:
> https://github.com/grigorescu/binpac_quickstart
>
Oops! Sorry about that. Try this one:
I think compatibility is a growing issue with scripts being released as
plugins. I'm already seeing some code shift to:
> @if (Version ...)
> new event
> @else
> old event
I _think_ I like Seth's idea of records, but I'm still thinking it through.
It would formalize a growing trend towards
