[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-3.2.1-215-g9ff8882

OISF Git noreply at openinfosecfoundation.org
Fri Apr 7 07:33:17 UTC 2017 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".

The branch, master has been updated
       via  9ff8882cbdaf4ab2dc9f736fdd8ea56dcbe84fb1 (commit)
       via  8436a892f95efbe1b01e81d657a52d2210a4f955 (commit)
       via  673549e5cf34188a08d7934b1cafa36f2e3bdeb6 (commit)
       via  59b98649de2fad5594756983b3a86c940a3575c7 (commit)
       via  8b9f84bff2d8bd95030e8d2d4a586a3cd3d2c649 (commit)
       via  37a12fe799252bde8cc37c187126ca6a2bfae018 (commit)
       via  ffbf8cec162c9f6c77663d4df22e17bd5f8b5a01 (commit)
       via  47a5b493d748e899c478ec7f75c4858fee4552ee (commit)
       via  db6c80fd8e4232d963553def0451f191a9c81888 (commit)
      from  bc480fa8c3fe47f3fe1fea182904f2c17beb4fe3 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 9ff8882cbdaf4ab2dc9f736fdd8ea56dcbe84fb1
Author: Jason Ish <ish at unx.ca>
Date:   Wed Mar 15 10:52:57 2017 -0600

    detect: don't consider an empty rule file an error

commit 8436a892f95efbe1b01e81d657a52d2210a4f955
Author: Jason Ish <ish at unx.ca>
Date:   Tue Apr 4 22:44:21 2017 -0600

    logging: only do non-blocking writes if live
    
    If running against a pcap there is no reason to drop events,
    a blocking socket is fine here. So only do non-blocking writes
    when running off a live device.

commit 673549e5cf34188a08d7934b1cafa36f2e3bdeb6
Author: Jason Ish <ish at unx.ca>
Date:   Tue Apr 4 22:21:37 2017 -0600

    eve: log number of events dropped at exit

commit 59b98649de2fad5594756983b3a86c940a3575c7
Author: Jason Ish <ish at unx.ca>
Date:   Thu Feb 23 16:22:42 2017 -0600

    logging: don't block on socket writes
    
    Writing to a unix socket can cause Suricata to block in the
    packet path. This could happen if the read-endpoint of the
    unix socket stays connected, but stops reading, or simply
    can't read fast enough as part of its event processing.
    
    To choose packets over events, do non-blocking socket
    writes and drop the event if the write would block and
    update a dropped counter.

commit 8b9f84bff2d8bd95030e8d2d4a586a3cd3d2c649
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Tue Feb 14 10:59:41 2017 +0100

    doc: add documentation for date modifiers in eve-log

commit 37a12fe799252bde8cc37c187126ca6a2bfae018
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Tue Feb 14 10:53:34 2017 +0100

    doc: add documentation for eve-log file rotation

commit ffbf8cec162c9f6c77663d4df22e17bd5f8b5a01
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Tue Feb 14 10:32:33 2017 +0100

    logging: create log directories when needed
    
    Recursively create new log directories when needed. This makes it
    possible to use date modifiers in the file path to create
    directories based on date, e.g.:
    
      /var/log/suricata/2017/02/14/

commit 47a5b493d748e899c478ec7f75c4858fee4552ee
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Tue Feb 14 08:41:40 2017 +0100

    output-json: rotate log file based on time
    
    Rotate log file based on time. Support both rotating based on a timer (XXs,
    XXm, XXd, XXw) and rotating based on a absolute time, like each minute,
    hour or day.

commit db6c80fd8e4232d963553def0451f191a9c81888
Author: Mats Klepsland <mats.klepsland at gmail.com>
Date:   Tue Feb 14 08:29:44 2017 +0100

    logging: support date modifiers in log filenames
    
    Allow log filenames to contain date modifiers, e.g.:
    
      - eve-log:
        filename: eve-%Y-%m-%d-%H:%M:%S.json

-----------------------------------------------------------------------

Summary of changes:
 doc/userguide/output/eve/eve-json-output.rst |  44 ++++++
 src/detect.c                                 |  12 +-
 src/output-json.c                            |   5 +
 src/suricata.c                               |   6 +-
 src/suricata.h                               |   1 +
 src/util-error.c                             |   1 +
 src/util-error.h                             |   1 +
 src/util-logopenfile.c                       | 203 +++++++++++++++++++++++----
 src/util-logopenfile.h                       |  19 ++-
 src/util-time.c                              | 111 +++++++++++++++
 src/util-time.h                              |   4 +
 11 files changed, 376 insertions(+), 31 deletions(-)


hooks/post-receive
-- 
OISF

More information about the Oisf-devel mailing list