[Zeek] pkg add-interfaces
Jan Grashöfer
jan.grashoefer at gmail.com
Mon Dec 9 09:38:35 PST 2019
Hi Scot,
unfortunately I cannot reproduce the issue.
> Looking at the code for the function interface_ext_func looks like the
> condition is most likely failing and there is no return value specified.
>
> function interface_ext_func(path: string): AddedFields
>
> {
>
> if ( Cluster::nodes[Cluster::node]?$interface )
>
> return AddedFields($interface =
> Cluster::nodes[Cluster::node]$interface);
>
> }
You might try to add something like the following to deal with timing
issues:
else
return AddedFields($interface = fmt("%s:unknown-interface",
Cluster::node));
However, if the interfaces do not appear in the logs after an initial
warm-up, there might be something else wrong.
Jan
More information about the Zeek
mailing list