[Bro-Dev] #914: topic/seth/intel-framework
Bro Tracker
bro at tracker.bro-ids.org
Wed Oct 31 16:22:44 PDT 2012
#914: topic/seth/intel-framework
----------------------------+------------------------
Reporter: seth | Owner: robin
Type: Merge Request | Status: new
Priority: Normal | Milestone: Bro2.2
Component: Bro | Version: git/master
Resolution: | Keywords:
----------------------------+------------------------
Comment (by robin):
The latter point leads to something more general: is there a mix-up with
the tests in some form? They actually all fail for me:
{{{
scripts.base.frameworks.intel.cluster-transparency ... failed
% 'btest-diff manager-1/intel.log' failed unexpectedly (exit code 1)
% cat .diag
== File ===============================
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path intel
#open 2012-10-31-23-21-25
#fields ts uid id.orig_h id.orig_p id.resp_h
id.resp_p seen.host seen.str seen.str_type seen.where
sources
#types time string addr port addr port addr
string enum enum table[string]
1351725685.541586 - - - - -
123.123.123.123 - - Intel::IN_ANYWHERE worker-1
#close 2012-10-31-23-21-35
== Diff ===============================
--- /tmp/test-diff.5238.manager-1.intel.log.baseline.tmp 2012-10-31
23:21:39.234980964 +0000
+++ /tmp/test-diff.5238.manager-1.intel.log.tmp 2012-10-31
23:21:39.247981478 +0000
@@ -4,7 +4,7 @@
#unset_field -
#path intel
#open XXXX-XX-XX-XX-XX-XX
-#fields ts uid id.orig_h id.orig_p id.resp_h
id.resp_p seen.host seen.str seen.str_type seen.where
-#types time string addr port addr port addr
string enum enum
-XXXXXXXXXX.XXXXXX - - - - -
123.123.123.123 - - Intel::IN_ANYWHERE
+#fields ts uid id.orig_h id.orig_p id.resp_h
id.resp_p seen.host seen.str seen.str_type seen.where
sources
+#types time string addr port addr port addr
string enum enum table[string]
+XXXXXXXXXX.XXXXXX - - - - -
123.123.123.123 - - Intel::IN_ANYWHERE worker-1
#close XXXX-XX-XX-XX-XX-XX
=======================================
% cat .stderr
<<< [5133]
BROPATH=.:/home/robin/bro/master/scripts:/home/robin/bro/master/scripts/policy:/home/robin/bro/master/scripts/site:/home/robin/bro/master/build/src:..
CLUSTER_NODE=manager-1 bro
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
.cluster-transparency/cluster-transparency.bro
>>>
<<< [5147]
BROPATH=.:/home/robin/bro/master/scripts:/home/robin/bro/master/scripts/policy:/home/robin/bro/master/scripts/site:/home/robin/bro/master/build/src:..
CLUSTER_NODE=worker-1 bro
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
.cluster-transparency/cluster-transparency.bro
>>>
<<< [5159]
BROPATH=.:/home/robin/bro/master/scripts:/home/robin/bro/master/scripts/policy:/home/robin/bro/master/scripts/site:/home/robin/bro/master/build/src:..
CLUSTER_NODE=worker-2 bro
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
.cluster-transparency/cluster-transparency.bro
>>>
[ 25%] scripts.base.frameworks.intel.input-and-match ... failed
% 'bro
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
.input-and-match/input-and-match.bro >out' failed unexpectedly (exit code
1)
% cat .stderr
error in
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
.input-and-match/input-and-match.bro, line 11: unknown identifier
Intel::matcher, at or near "Intel::matcher"
[ 50%] scripts.base.frameworks.intel.item-merge ... failed
% 'bro
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
.item-merge/item-merge.bro >out' failed unexpectedly (exit code 1)
% cat .stderr
error in
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel
.item-merge/item-merge.bro, line 6: unknown identifier Intel::MALICIOUS,
at or near "Intel::MALICIOUS"
[ 75%] scripts.base.frameworks.intel.matching ... failed
% 'bro
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel.matching/matching.bro
>out' failed unexpectedly (exit code 1)
% cat .stderr
error in
/da/home/robin/bro/master/testing/btest/.tmp/scripts.base.frameworks.intel.matching/matching.bro,
line 7: unknown identifier Intel::MALICIOUS, at or near "Intel::MALICIOUS"
4 of 4 tests failed
}}}
--
Ticket URL: <http://tracker.bro-ids.org/bro/ticket/914#comment:2>
Bro Tracker <http://tracker.bro-ids.org/bro>
Bro Issue Tracker
More information about the bro-dev
mailing list