base/bif/reporter.bif.zeek
- GLOBAL
- Reporter
The reporter built-in functions allow for the scripting layer to generate messages of varying severity. If no event handlers exist for reporter messages, the messages are output to stderr. If event handlers do exist, it’s assumed they take care of determining how/where to output the messages.
See base/frameworks/reporter/main.zeek for a convenient reporter message logging framework.
- Namespaces
GLOBAL, Reporter
Summary
Functions
Generates a “conn” weird. |
|
Generates a non-fatal error indicative of a definite problem that should be addressed. |
|
Generates a fatal error on stderr and terminates program execution. |
|
Generates a fatal error on stderr and terminates program execution after dumping a core file |
|
Generates a “file” weird. |
|
Generates a “flow” weird. |
|
Gets the current weird sampling duration. |
|
Gets the weird sampling global list |
|
Gets the current weird sampling rate. |
|
Gets the current weird sampling threshold |
|
Gets the weird sampling whitelist |
|
Generates an informational message. |
|
Generates a “net” weird. |
|
Sets the current weird sampling duration. |
|
Sets the weird sampling global list |
|
Sets the weird sampling rate. |
|
Sets the current weird sampling threshold |
|
Sets the weird sampling whitelist |
|
Generates a message that warns of a potential problem. |
Detailed Interface
Functions
- Reporter::conn_weird
- Type
function(name:string, c:connection, addl:string&default=""&optional, source:string&default=""&optional) :bool
Generates a “conn” weird.
- Parameters
name – the name of the weird.
c – the connection associated with the weird.
addl – additional information to accompany the weird.
- Returns
Always true.
- Reporter::error
-
Generates a non-fatal error indicative of a definite problem that should be addressed. Program execution does not terminate.
- Parameters
msg – The error message to report.
- Returns
Always true.
See also:
reporter_error
- Reporter::fatal
-
Generates a fatal error on stderr and terminates program execution.
- Parameters
msg – The error message to report.
- Returns
Always true.
- Reporter::fatal_error_with_core
-
Generates a fatal error on stderr and terminates program execution after dumping a core file
- Parameters
msg – The error message to report.
- Returns
Always true.
- Reporter::file_weird
- Type
function(name:string, f:fa_file, addl:string&default=""&optional, source:string&default=""&optional) :bool
Generates a “file” weird.
- Parameters
name – the name of the weird.
f – the file associated with the weird.
addl – additional information to accompany the weird.
- Returns
true if the file was still valid, else false.
- Reporter::flow_weird
- Type
function(name:string, orig:addr, resp:addr, addl:string&default=""&optional, source:string&default=""&optional) :bool
Generates a “flow” weird.
- Parameters
name – the name of the weird.
orig – the originator host associated with the weird.
resp – the responder host associated with the weird.
- Returns
Always true.
- Reporter::get_weird_sampling_duration
-
Gets the current weird sampling duration.
- Returns
weird sampling duration.
- Reporter::get_weird_sampling_global_list
- Type
function() :string_set
Gets the weird sampling global list
- Returns
Current weird sampling global list
- Reporter::get_weird_sampling_rate
-
Gets the current weird sampling rate.
- Returns
weird sampling rate.
- Reporter::get_weird_sampling_threshold
-
Gets the current weird sampling threshold
- Returns
current weird sampling threshold.
- Reporter::get_weird_sampling_whitelist
- Type
function() :string_set
Gets the weird sampling whitelist
- Returns
Current weird sampling whitelist
- Reporter::info
-
Generates an informational message.
- Parameters
msg – The informational message to report.
- Returns
Always true.
See also:
reporter_info
- Reporter::net_weird
- Type
function(name:string, addl:string&default=""&optional, source:string&default=""&optional) :bool
Generates a “net” weird.
- Parameters
name – the name of the weird.
- Returns
Always true.
- Reporter::set_weird_sampling_duration
-
Sets the current weird sampling duration. Please note that this will not delete already running timers.
- Parameters
weird_sampling_duration – New weird sampling duration.
- Returns
always returns True
- Reporter::set_weird_sampling_global_list
- Type
function(weird_sampling_global_list:string_set) :bool
Sets the weird sampling global list
- Parameters
global_list – New weird sampling rate.
- Returns
Always true.
- Reporter::set_weird_sampling_rate
-
Sets the weird sampling rate.
- Parameters
weird_sampling_rate – New weird sampling rate.
- Returns
Always returns true.
- Reporter::set_weird_sampling_threshold
-
Sets the current weird sampling threshold
- Parameters
threshold – New weird sampling threshold.
- Returns
Always returns true;
- Reporter::set_weird_sampling_whitelist
- Type
function(weird_sampling_whitelist:string_set) :bool
Sets the weird sampling whitelist
- Parameters
whitelist – New weird sampling rate.
- Returns
Always true.
- Reporter::warning
-
Generates a message that warns of a potential problem.
- Parameters
msg – The warning message to report.
- Returns
Always true.
See also:
reporter_warning