Dominik Lohmann
Dominik Lohmann
This adds support for converting a matching type and data pair into an Arrow Scalar. The conversion is only implemented in one direction for now until we have a use...
This follows up on an idea from @satta: Example configuration: ```yaml trim: fields: - hostname chars: '. ' ``` At this stage of development it's more of an experiment rather...
This adds support for specifying export transforms in a convenient pipe syntax, e.g., ``` vast export --pipe='aggregate(time-resolution: 1 day, group-by: ["timestamp"], sum: ["pkts_toclient", "pkts_toserver"])' json '#type == "suricata.flow" '| ```...
This is best explained using a tony table: BEFORE AFTER ```cpp [self](T&...) -> caf::result { A(); self->request(d1, t, xs...).then( [](response_type& value) { B(value); }, [](caf::error& err) { C(err); }); D();...
CAF 0.18 no longer automatically adds inspect overloads for scoped enums. We require that functionality in some places, so we must add them back manually. There exist three ways go...
VAST currently uses `atom::ok` and `atom::done` in actor behavior return types to signal a handler that returns either nothing or an error. In practice, this leads to the following behavior...
We've built community ID support into [VAST](https://github.com/tenzir/vast) to allow for pivoting between ingested PCAPs, Suricata, Zeek, and NetFlow/IPFIX. Our C++ implementation of community ID computation is available [here](https://github.com/tenzir/vast/blob/master/libvast/vast/community_id.hpp). We have...
When designing a responsive application with an actor system (or any other concurrency framework), it is usually important for message handlers to yield control frequently, e.g., by cutting large amounts...
Scenario: We have the partitions A and B, and automatic rebuilding merges them into the partition AB. All except for the last batch in AB are perfectly sized. Now comes...
### Description This issue is about implementing [RFC-001: Composable Pipelines](https://github.com/tenzir/vast/tree/master/rfc/001-composable-pipelines). In the spirit of continuing the discussion out in the open, we want to lay out our plan for the...