Skip to content

Implement a zeek-tsv format #3114

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 25 commits into from
May 11, 2023
Merged

Implement a zeek-tsv format #3114

merged 25 commits into from
May 11, 2023

Conversation

Dakostu
Copy link

@Dakostu Dakostu commented May 2, 2023
edited
Loading

This PR implements a zeek-tsv pipeline format that enables the user to parse and print Zeek TSV logs inside a pipeline.

@Dakostu Dakostu requested a review from a team May 2, 2023 14:14
@Dakostu Dakostu added the feature New functionality label May 2, 2023
@Dakostu Dakostu force-pushed the topic/zeek-tsv-format branch 10 times, most recently from f68ce95 to 6a451c7 Compare May 3, 2023 14:37
@Dakostu Dakostu marked this pull request as ready for review May 3, 2023 15:49
@Dakostu
Copy link
Author

Dakostu commented May 3, 2023
edited
Loading

This PR is ready for review, although not quite cleaned up yet. E.g. I wonder if we need the slice casting at all.

This should only be merged after topic/flatten has been merged for a proper rebasing of this branch. The current implementation is flatten-less.

@Dakostu Dakostu force-pushed the topic/zeek-tsv-format branch 2 times, most recently from deaf0b9 to 1942e2e Compare May 4, 2023 08:12
@Dakostu Dakostu requested a review from mavam May 4, 2023 09:36
@Dakostu Dakostu changed the title Implement a zeek format Implement a zeek-tsv format May 4, 2023
@dominiklohmann dominiklohmann force-pushed the topic/flatten branch 3 times, most recently from 327913d to 3bd8856 Compare May 4, 2023 14:19
@Dakostu Dakostu force-pushed the topic/zeek-tsv-format branch from ac91332 to 8a19b5a Compare May 8, 2023 13:58
@Dakostu Dakostu changed the base branch from topic/flatten to main May 8, 2023 13:59
@Dakostu Dakostu force-pushed the topic/zeek-tsv-format branch from 8a19b5a to 119512f Compare May 8, 2023 14:00
mavam
mavam approved these changes May 8, 2023
View reviewed changes
Copy link
Member

@mavam mavam left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Solid! The integration tests cover this well.

May I ask you to review the docs for the zeek-tsv format in #3127?

@Dakostu Dakostu force-pushed the topic/zeek-tsv-format branch from d10ff0d to ac8b399 Compare May 9, 2023 12:44
mavam
mavam reviewed May 11, 2023
View reviewed changes
@Dakostu Dakostu enabled auto-merge May 11, 2023 11:15
@Dakostu Dakostu merged commit 747adb5 into main May 11, 2023
@Dakostu Dakostu deleted the topic/zeek-tsv-format branch May 11, 2023 11:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mavam mavam mavam approved these changes

@dominiklohmann dominiklohmann dominiklohmann left review comments

Assignees
No one assigned
Labels
feature New functionality
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Dakostu @mavam @dominiklohmann