Vlad Grigorescu

> * Do you want to have CAF take care of the socket returned by `sd_listen_fds,`, i.e., bind an actor to that socket so that others can connect via `remote_actor`?...

This is on CentOS 7. `./configure --prefix=/usr/local/zeek --enable-jemalloc --disable-broker-tests --with-python=/bin/python3` I think the issue might be that broker takes a `--with-python-config` option, but that's not exposed in the Zeek configure...

Looking at https://github.com/zeek/cmake/blob/5174417e539fb610074ee2367370bd6988bd2281/FindPythonDev.cmake#L46, I'm going to try building with `--with-python=/usr/bin/python3`

That worked. I'll leave this open for review, to see if there's an action here. Specifically, python3 with a python2 python-config will break Broker, but cmake doesn't detect this right...

Just to make sure I wasn't shooting myself in the foot, I removed `--disable-broker-tests`, and ran `./configure --prefix=/usr/local/zeek --enable-jemalloc --with-python=/bin/python3`, and it still built into a broken state.

First off, thanks for your updates. I appreciate the help. :-). Can you tell me a bit more about why the setup.py change is needed? Is it breaking something with...

One part (selecting the right indices) is done per 63132c39577239df3dca586a7d15b5ebd0fddfca. - Need to work out how to create a filter based on the time field. - Need to work out...

I think selecting the fields makes sense, but it might also be necessary to provide a mechanism for a protocol analyzer to "close" a connection. In this way, additional traffic...

Reading this, I'm recalling some conversations from years ago about this. I believe that not supporting string lookups in tables of patterns was a deliberate design choice. Patterns can introduce...

Yeah, I've been trying to come up with a use case that's begging for this, and haven't been able to. policy/protocols/http/detect-webapps.zeek ties a regex to the name of a webapp,...