zeek-long-connections
Duplicate conn_long.log entries.
I sometimes see exact duplicate log entries for a connection in conn_long.log. I've seen this in Zeek 6.01 and 6.2. A detailed discussion is on Slack https://zeekorg.slack.com/archives/CSZBXF6TH/p1714741043670259.
For example, below is a grep of a connection id showing entries from conn_long.log and conn.log. The conn.log is correct. The conn_long.log has a duplicate for two durations, 497.067039 and 1174.802963.
grep -r . -e CUSFwv4PxaEwrgTaQd
./conn_long.log:1714749731.572229 CUSFwv4PxaEwrgTaQd 192.168.68.78 60450 67.174.65.90 61678 udp - 346.403224 3044 1703 SF T F 0 Dd 404164 37 2739 -
./conn_long.log:1714749731.572229 CUSFwv4PxaEwrgTaQd 192.168.68.78 60450 67.174.65.90 61678 udp - 497.067039 4627 2549 SF T F 0 Dd 596279 55 4089 -
./conn_long.log:1714749731.572229 CUSFwv4PxaEwrgTaQd 192.168.68.78 60450 67.174.65.90 61678 udp - 497.067039 4627 2549 SF T F 0 Dd 596279 55 4089 -
./conn_long.log:1714749731.572229 CUSFwv4PxaEwrgTaQd 192.168.68.78 60450 67.174.65.90 61678 udp - 888.609726 6551 2726 SF T F 0 Dd 818819 58 4350 -
./conn_long.log:1714749731.572229 CUSFwv4PxaEwrgTaQd 192.168.68.78 60450 67.174.65.90 61678 udp - 933.781072 7018 2726 SF T F 0 Dd 869426 58 4350 -
./conn_long.log:1714749731.572229 CUSFwv4PxaEwrgTaQd 192.168.68.78 60450 67.174.65.90 61678 udp - 1174.802963 7114 2726 SF T F 0 Dd 929690 58 4350 -
./conn_long.log:1714749731.572229 CUSFwv4PxaEwrgTaQd 192.168.68.78 60450 67.174.65.90 61678 udp - 1174.802963 7114 2726 SF T F 0 Dd 929690 58 4350 -
./conn.log:1714749731.572229 CUSFwv4PxaEwrgTaQd 192.168.68.78 60450 67.174.65.90 61678 udp - 1174.802963 7114 2726 SF T F 0 Dd 92 9690 58 4350 -
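A check for the symptom reported above, as an added example that is not part of the original issue or of the zeek-long-connections package: it reads a Zeek TSV log, reports records that are repeated byte-for-byte (keyed by uid and duration), and returns a de-duplicated record list so downstream long-connection analysis does not count an interval twice. The sample log, its uids and its trimmed field set are constructed for illustration.

```python
from collections import Counter

# Constructed sample: Zeek TSV with a trimmed field set and documentation IPs.
SAMPLE = "\n".join([
    "#separator \\x09",
    "#fields\tts\tuid\tid.orig_h\tid.resp_h\tproto\tduration\torig_bytes",
    "1700000000.000000\tCExampleUid000001\t192.0.2.10\t198.51.100.7\tudp\t346.403224\t3044",
    "1700000000.000000\tCExampleUid000001\t192.0.2.10\t198.51.100.7\tudp\t497.067039\t4627",
    "1700000000.000000\tCExampleUid000001\t192.0.2.10\t198.51.100.7\tudp\t497.067039\t4627",
    "1700000000.000000\tCExampleUid000001\t192.0.2.10\t198.51.100.7\tudp\t888.609726\t6551",
    "1700000000.000000\tCExampleUid000001\t192.0.2.10\t198.51.100.7\tudp\t1174.802963\t7114",
    "1700000000.000000\tCExampleUid000001\t192.0.2.10\t198.51.100.7\tudp\t1174.802963\t7114",
    "1700000050.000000\tCExampleUid000002\t192.0.2.11\t198.51.100.7\ttcp\t497.067039\t120",
])

def read_zeek_tsv(lines):
    """Yield one dict per record, using the '#fields' header for column names."""
    fields = None
    for line in lines:
        line = line.rstrip("\n")
        if line.startswith("#fields"):
            fields = line.split("\t")[1:]
        elif line and not line.startswith("#"):
            if fields is None:
                raise ValueError("no #fields header before first record")
            yield dict(zip(fields, line.split("\t")))

def duplicate_entries(lines):
    """Return {(uid, duration): count} for records repeated byte-for-byte."""
    counts = Counter(tuple(rec.items()) for rec in read_zeek_tsv(lines))
    dups = {}
    for key, n in counts.items():
        if n > 1:
            rec = dict(key)
            dups[(rec["uid"], rec["duration"])] = n
    return dups

def dedupe(lines):
    """Return records in original order with exact repeats dropped."""
    out, seen = [], set()
    for rec in read_zeek_tsv(lines):
        key = tuple(rec.items())
        if key not in seen:
            seen.add(key)
            out.append(rec)
    return out

if __name__ == "__main__":
    for (uid, duration), n in duplicate_entries(SAMPLE.splitlines()).items():
        print(f"{uid} duration={duration} logged {n} times")
```

Records that share a duration but differ in any other field, such as the second uid in the sample, are not treated as duplicates.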