Jan
Jan
@Neverlord pointed out that the `zeek.hh` could move into Zeek to fully decouple Zeek and broker. As far as I can tell, this would require the python bindings as well...
As discussed in #331, it would be nice to have a generic mechanism to add metadata to Zeek events. @awelzel sketched the following: > One more thought: Could we go...
As discussed in https://github.com/zeek/zeek/discussions/2879 and #331, there is no versioning for the Zeek-layer serialization. While the broker protocol has versioning, this does not extend to the format of entities such...
Something strange was going on with #57. Github says it's merged but somehow the changes didn't make it into master.
Previously only a subset of config options was available via zeekctl.
Using the docker image, it might be possible to implement some basic testing using `tcpreplay`. The tests could be realized as optional btests so that they don't mess up installation...
The ring layout still uses a magic value. Other approaches take the MTU to determine a suitable block size (using `TPACKET_ALIGN` for alignment).
Looks like `SPICY_SCRIPTS_OUTPUT_DIR_INSTALL` is never set.
So far the `build_command` of a plugin can only be customized using `user_vars`. However, `user_vars` enforce feedback of the user in all cases. Building the AF_Packet plugin for containers may...
Complementary to #2480 it would be nice to have a way to shutdown a cluster gracefully. In particular this means taking care of logs being written.