Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new bot: bro output file #1963

Merged
17 commits merged into from
Sep 17, 2021
Merged

Add new bot: bro output file #1963

17 commits merged into from
Sep 17, 2021

Conversation

mariuskarotkis
Copy link
Contributor

Add new bot: bro output file

@ghost
Copy link

ghost commented Jun 7, 2021

What is bro? Are the fields fixed in bro, or is this user-/implementation-specific?

@ghost ghost added component: bots feature request Indicates new feature requests labels Jun 7, 2021
@mariuskarotkis
Copy link
Contributor Author

What is bro? Are the fields fixed in bro, or is this user-/implementation-specific?

Bro intel (zeek) for IDS.

@ghost
Copy link

ghost commented Jun 8, 2021

https://zeek.org/2019/09/23/zeek-3-0-0/ indicates that bro has been renamed to zeek. is this output bot only compatible to bro or to zeek as well? Is there any format specification available? Are the fields fixed in bro, or is this user-/implementation-specific?

@mariuskarotkis
Copy link
Contributor Author

https://zeek.org/2019/09/23/zeek-3-0-0/ indicates that bro has been renamed to zeek. is this output bot only compatible to bro or to zeek as well? Is there any format specification available? Are the fields fixed in bro, or is this user-/implementation-specific?

This was made bro intel, but the format I think should fit and zeek (needs testing).

@ghost ghost added the needs: feedback label Aug 20, 2021
@codecov-commenter
Copy link

codecov-commenter commented Aug 25, 2021
edited

Codecov Report

Merging #1963 (a86ca53) into develop (0750a3d) will increase coverage by 0.16%.
The diff coverage is 66.66%.

@@             Coverage Diff             @@
##           develop    #1963      +/-   ##
===========================================
+ Coverage    75.74%   75.91%   +0.16%     
===========================================
  Files          414      438      +24     
  Lines        22169    23505    +1336     
  Branches      2944     3143     +199     
===========================================
+ Hits         16793    17843    +1050     
- Misses        4697     4932     +235     
- Partials       679      730      +51
Impacted Files Coverage Δ
intelmq/bots/outputs/bro_file/output.py 56.60% <56.60%> (ø)
intelmq/tests/bots/outputs/bro_file/test_output.py 100.00% <100.00%> (ø)
intelmq/tests/bots/experts/wait/test_expert.py 50.00% <0.00%> (-50.00%) ⬇️
intelmq/bots/experts/wait/expert.py 48.57% <0.00%> (-31.43%) ⬇️
intelmq/bin/intelmqctl.py 9.32% <0.00%> (-3.56%) ⬇️
intelmq/bots/parsers/cert_eu/parser_csv.py 78.84% <0.00%> (-2.79%) ⬇️
intelmq/bots/parsers/misp/parser.py 85.45% <0.00%> (-2.79%) ⬇️
intelmq/lib/cache.py 42.42% <0.00%> (-2.74%) ⬇️
intelmq/bots/experts/tor_nodes/expert.py 46.42% <0.00%> (-2.33%) ⬇️
intelmq/bots/experts/domain_suffix/expert.py 42.69% <0.00%> (-2.01%) ⬇️
... and 429 more

ghost
ghost suggested changes Sep 17, 2021
View reviewed changes
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just a minor comment on how default values are set, otherwise ready for merge!

intelmq/bots/outputs/bro_file/output.py Outdated Show resolved Hide resolved
intelmq/bots/outputs/bro_file/output.py Outdated Show resolved Hide resolved
mariuskarotkis and others added 4 commits September 17, 2021 20:47
@mariuskarotkis
Update intelmq/bots/outputs/bro_file/output.py
774ce37 
Co-authored-by: Wagner <wagner+github@cert.at>
@mariuskarotkis
Apply suggestions from code review
576f85b 
Co-authored-by: Wagner <wagner+github@cert.at>
@mariuskarotkis
Fix
ea10af4
@mariuskarotkis
Fix
a86ca53
@ghost ghost added this to the 3.1.0 milestone Sep 17, 2021
@ghost ghost self-assigned this Sep 17, 2021
@ghost ghost merged commit d71e4d2 into certtools:develop Sep 17, 2021
@ghost
Copy link

ghost commented Sep 17, 2021

Thank you also for this nice addition! Apologies for the delays again - we very much value your contributions and your commitment!

@mariuskarotkis mariuskarotkis deleted the add_bot_bro_file branch September 18, 2021 04:04
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
Assignees
No one assigned
Labels
component: bots feature request Indicates new feature requests needs: feedback
Projects
None yet
Milestone
3.1.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mariuskarotkis @codecov-commenter