[Bro-Dev] Organizing plugins (Re: [JIRA] (BIT-1222) topic/robin/reader-writer-plugins)

[Robin Sommer]

(Taking this to the mailing list for discussion.)

On Mon, Aug 04, 2014 at 12:40 -0500, you wrote:

> I think that script and any tests (assuming the plugin test
> infrastructure is in place?) need to move into the plugin.

Agreed in general. But there are two more general questions going in
here I think:

     - Part of the problem is that right now, Bro's standard tree of
       scripts is still unchanged: while the core
       analyzers/readers/writers are now plugins, their corresponding
       scripts remains where they always were (and hence get pulled in
       unconditionally).

       Question is: do we want to change that? I'm reluctant to do
       that right now, as it would be major structural change, and we
       don't have much experience yet with the plugins' organization.
       I would prefer to leave the standard scripts as they are for
       now.

     - What's our strategy for moving non-standard stuff out of the
       main distribution?

       Generally, I think we should start a separate bro-plugins
       repository where we keep non-standard plugins (both from us,
       and from external folks as long as there's a clear maintainer).

       We could then take the stance that everything dependending on
       optional functionality would go there, rather than into Bro
       itself. Right now, I think that would mean support for
       DataSeries and ElasticSearch.


So, in short: what would you guys think about solving the problem by
moving DataSeries and ElasticSearch (including their scripts and
tests) out into a new bro-plugin repository, but otherwise leaving
things as they are right now?

Robin