Arne Welzel
Arne Welzel
While writing a test for #4473, I realized Zeek script trace files produced with ZAM enabled fail with an error about `Broker::flush_logs()` not being exported: ``` $ ZEEK_ZAM=1 zeek --event-trace...
I think Tim promoted the idea sometime ago and every time we add or remove distros from CI, it seems it's too much churn. It'd be great if there's a...
This test appears to have become flaky after #4295. ``` [#1] broker.store.brokerstore-attr-persistence-clone ... failed % 'btest-bg-wait 20' failed unexpectedly (exit code 1) % cat .stderr The following processes did not...
With Zeek 7.1 and Zeek 7.2, the ZeroMQ cluster backend implementation is similar to the original Broker approach of never dropping events. In contrast to Broker, the `Cluster::publish()` script layer...
The LDAP authentication supports SPNEGO, NTLMSSP, [Sicily Authentication](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-adts/8b9dbfb2-5b6a-497a-a533-7e709cb9a982) and possibly more. The payload (opaque to the LDAP analyzer for the most part) contains interesting information about the user and remote...
After adding a new testing baseline with #4064 containing significant amounts of QUIC traffic, we observe segfaults when this PCAP is processed with a TSAN build: https://cirrus-ci.com/task/4924913906089984?logs=test#L2047 Creating this ticket...