Skip to content

2.1.0
Compare
Choose a tag to compare
@github-actions github-actions released this 29 Mar 12:19
· 181 commits to main since this release
v2.1.0
3803847
This commit was signed with the committer’s verified signature. The key has expired.
rsmmr Robin Sommer
GPG key ID: 6BEDA4DA6B8B23E3
Expired
Learn about vigilant mode.

  • GH-25: Add files_columns table that extracts selected columns
    from on-disk files und sends them over to Zeek as a record. See
    the README for documentation.

  • GH-7: Extend the type system for table columns. We can now
    represent addresses, booleans, counts, intervals, ports, records,
    sets, times, and vectors end-to-end, so that they arrive as such
    at Zeek. We also update our tables to use the new types where
    appropriate.

  • GH-34: Disable communication with a Zeek instance if it's package
    version is too old.

  • Add a 2nd 'differences' mode to queries where no initial snapshot
    is provided. We now have (1) "snapshot-and-diffs", which sends an
    initial snapshot first, followed by diffs; and (2) "diffs", which
    sends an empty initial result and then just diffs.

  • Move numerical version number computation from CMake to runtime.

  • Update SQLite to 3.38.1 to give us built-in JSON support.

  • Add Broker version to agent handshake.

  • Support default values for table parameters.

  • Make exception available to table's data acquisition methods to signal failure.

  • Fix assert that could wrongly trigger.

  • Fix console getting stuck on queries with errors, and reduce
    unintended latency until query executes.

  • Fix CI issue on Ubuntu.

  • Fix potential deadlock in unit test.

  • Fix trace-level debug logging.

  • Fix linker issue on Linux.

  • Make --test output available on failure in BTest suite.

  • Clean up unused state in Zeek communication code.

  • Format Zeek scripts with current zeek-format.

Assets 5
Loading