[Bro-Dev] #914: topic/seth/intel-framework

Bro Tracker bro at tracker.bro-ids.org
Wed Oct 31 16:22:44 PDT 2012


#914: topic/seth/intel-framework
----------------------------+------------------------
  Reporter:  seth           |      Owner:  robin
      Type:  Merge Request  |     Status:  new
  Priority:  Normal         |  Milestone:  Bro2.2
 Component:  Bro            |    Version:  git/master
Resolution:                 |   Keywords:
----------------------------+------------------------

Comment (by robin):

 The latter point leads to something more general: is there a mix-up with
 the tests in some form? They actually all fail for me:


 {{{
  scripts.base.frameworks.intel.cluster-transparency ... failed
   % 'btest-diff manager-1/intel.log' failed unexpectedly (exit code 1)
   % cat .diag
   == File ===============================
   #separator \x09
   #set_separator        ,
   #empty_field  (empty)
   #unset_field  -
   #path intel
   #open 2012-10-31-23-21-25
   #fields       ts      uid     id.orig_h       id.orig_p       id.resp_h
 id.resp_p       seen.host       seen.str        seen.str_type   seen.where
 sources
   #types        time    string  addr    port    addr    port    addr
 string  enum    enum    table[string]
   1351725685.541586     -       -       -       -       -
 123.123.123.123 -       -       Intel::IN_ANYWHERE      worker-1
   #close        2012-10-31-23-21-35
   == Diff ===============================
   --- /tmp/test-diff.5238.manager-1.intel.log.baseline.tmp      2012-10-31
 23:21:39.234980964 +0000
   +++ /tmp/test-diff.5238.manager-1.intel.log.tmp       2012-10-31
 23:21:39.247981478 +0000
   @@ -4,7 +4,7 @@
   #unset_field  -
   #path intel
   #open XXXX-XX-XX-XX-XX-XX
   -#fields      ts      uid     id.orig_h       id.orig_p       id.resp_h
 id.resp_p       seen.host       seen.str        seen.str_type   seen.where
   -#types       time    string  addr    port    addr    port    addr
 string  enum    enum
   -XXXXXXXXXX.XXXXXX    -       -       -       -       -
 123.123.123.123 -       -       Intel::IN_ANYWHERE
   +#fields      ts      uid     id.orig_h       id.orig_p       id.resp_h
 id.resp_p       seen.host       seen.str        seen.str_type   seen.where
 sources
   +#types       time    string  addr    port    addr    port    addr
 string  enum    enum    table[string]
   +XXXXXXXXXX.XXXXXX    -       -       -       -       -
 123.123.123.123 -       -       Intel::IN_ANYWHERE      worker-1
   #close XXXX-XX-XX-XX-XX-XX
   =======================================

   % cat .stderr
   <<< [5133]
 BROPATH=.:/home/robin/bro/master/scripts:/home/robin/bro/master/scripts/policy:/home/robin/bro/master/scripts/site:/home/robin/bro/master/build/src:..
 CLUSTER_NODE=manager-1 bro
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
 .cluster-transparency/cluster-transparency.bro
   >>>
   <<< [5147]
 BROPATH=.:/home/robin/bro/master/scripts:/home/robin/bro/master/scripts/policy:/home/robin/bro/master/scripts/site:/home/robin/bro/master/build/src:..
 CLUSTER_NODE=worker-1 bro
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
 .cluster-transparency/cluster-transparency.bro
   >>>
   <<< [5159]
 BROPATH=.:/home/robin/bro/master/scripts:/home/robin/bro/master/scripts/policy:/home/robin/bro/master/scripts/site:/home/robin/bro/master/build/src:..
 CLUSTER_NODE=worker-2 bro
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
 .cluster-transparency/cluster-transparency.bro
   >>>

 [ 25%] scripts.base.frameworks.intel.input-and-match ... failed
   % 'bro
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
 .input-and-match/input-and-match.bro >out' failed unexpectedly (exit code
 1)
   % cat .stderr
   error in
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
 .input-and-match/input-and-match.bro, line 11: unknown identifier
 Intel::matcher, at or near "Intel::matcher"

 [ 50%] scripts.base.frameworks.intel.item-merge ... failed
   % 'bro
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
 .item-merge/item-merge.bro >out' failed unexpectedly (exit code 1)
   % cat .stderr
   error in
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
 .item-merge/item-merge.bro, line 6: unknown identifier Intel::MALICIOUS,
 at or near "Intel::MALICIOUS"

 [ 75%] scripts.base.frameworks.intel.matching ... failed
   % 'bro
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel.matching/matching.bro
 >out' failed unexpectedly (exit code 1)
   % cat .stderr
   error in
 /da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel.matching/matching.bro,
 line 7: unknown identifier Intel::MALICIOUS, at or near "Intel::MALICIOUS"

 4 of 4 tests failed

 }}}

-- 
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/914#comment:2>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker



More information about the bro-dev mailing list