base/bif/reporter.bif.zeek
- GLOBAL
- Reporter
The reporter built-in functions allow for the scripting layer to generate messages of varying severity. If no event handlers exist for reporter messages, the messages are output to stderr. If event handlers do exist, it’s assumed they take care of determining how/where to output the messages.
See base/frameworks/reporter/main.zeek for a convenient reporter message logging framework.
- Namespaces:
GLOBAL, Reporter
Summary
Functions
Generates a “conn” weird. |
|
Generates a usually non-fatal error indicative of a definite problem that should be addressed. |
|
Generates a fatal error on stderr and terminates program execution. |
|
Generates a fatal error on stderr and terminates program execution after dumping a core file |
|
Generates a “file” weird. |
|
Generates a “flow” weird. |
|
Gets the current weird sampling duration. |
|
Gets the weird sampling global list |
|
Gets the current weird sampling rate. |
|
Gets the current weird sampling threshold |
|
Gets the weird sampling whitelist |
|
Generates an informational message. |
|
Generates a “net” weird. |
|
Sets the current weird sampling duration. |
|
Sets the weird sampling global list |
|
Sets the weird sampling rate. |
|
Sets the current weird sampling threshold |
|
Sets the weird sampling whitelist |
|
Generates a message that warns of a potential problem. |
Detailed Interface
Functions
- Reporter::conn_weird
- Type:
function(name:string, c:connection, addl:string&default=""&optional, source:string&default=""&optional) :bool
Generates a “conn” weird.
- Parameters:
name – the name of the weird.
c – the connection associated with the weird.
addl – additional information to accompany the weird.
- Returns:
Always true.
- Reporter::error
-
Generates a usually non-fatal error indicative of a definite problem that should be addressed. Program execution does not terminate unless the error is reported during initialization (e.g.,
zeek_init).- Parameters:
msg – The error message to report.
- Returns:
Always true.
See also:
reporter_error
- Reporter::fatal
-
Generates a fatal error on stderr and terminates program execution.
- Parameters:
msg – The error message to report.
- Returns:
Always true.
- Reporter::fatal_error_with_core
-
Generates a fatal error on stderr and terminates program execution after dumping a core file
- Parameters:
msg – The error message to report.
- Returns:
Always true.
- Reporter::file_weird
- Type:
function(name:string, f:fa_file, addl:string&default=""&optional, source:string&default=""&optional) :bool
Generates a “file” weird.
- Parameters:
name – the name of the weird.
f – the file associated with the weird.
addl – additional information to accompany the weird.
- Returns:
true if the file was still valid, else false.
- Reporter::flow_weird
- Type:
function(name:string, orig:addr, resp:addr, addl:string&default=""&optional, source:string&default=""&optional) :bool
Generates a “flow” weird.
- Parameters:
name – the name of the weird.
orig – the originator host associated with the weird.
resp – the responder host associated with the weird.
- Returns:
Always true.
- Reporter::get_weird_sampling_duration
-
Gets the current weird sampling duration.
- Returns:
weird sampling duration.
- Reporter::get_weird_sampling_global_list
- Type:
function() :string_set
Gets the weird sampling global list
- Returns:
Current weird sampling global list
- Reporter::get_weird_sampling_rate
-
Gets the current weird sampling rate.
- Returns:
weird sampling rate.
- Reporter::get_weird_sampling_threshold
-
Gets the current weird sampling threshold
- Returns:
current weird sampling threshold.
- Reporter::get_weird_sampling_whitelist
- Type:
function() :string_set
Gets the weird sampling whitelist
- Returns:
Current weird sampling whitelist
- Reporter::info
-
Generates an informational message.
- Parameters:
msg – The informational message to report.
- Returns:
Always true.
See also:
reporter_info
- Reporter::net_weird
- Type:
function(name:string, addl:string&default=""&optional, source:string&default=""&optional) :bool
Generates a “net” weird.
- Parameters:
name – the name of the weird.
- Returns:
Always true.
- Reporter::set_weird_sampling_duration
-
Sets the current weird sampling duration. Please note that this will not delete already running timers.
- Parameters:
weird_sampling_duration – New weird sampling duration.
- Returns:
always returns True
- Reporter::set_weird_sampling_global_list
- Type:
function(weird_sampling_global_list:string_set) :bool
Sets the weird sampling global list
- Parameters:
global_list – New weird sampling rate.
- Returns:
Always true.
- Reporter::set_weird_sampling_rate
-
Sets the weird sampling rate.
- Parameters:
weird_sampling_rate – New weird sampling rate.
- Returns:
Always returns true.
- Reporter::set_weird_sampling_threshold
-
Sets the current weird sampling threshold
- Parameters:
threshold – New weird sampling threshold.
- Returns:
Always returns true;
- Reporter::set_weird_sampling_whitelist
- Type:
function(weird_sampling_whitelist:string_set) :bool
Sets the weird sampling whitelist
- Parameters:
whitelist – New weird sampling rate.
- Returns:
Always true.
- Reporter::warning
-
Generates a message that warns of a potential problem.
- Parameters:
msg – The warning message to report.
- Returns:
Always true.
See also:
reporter_warning