-
As of the release of the GA combo of zq v0.25.0 and Brim v0.21.0, the JSON typing config for Suricata alert records is rigid such that we only accept the fields we expect to receive from the embedded …
-
-
Per #1183, encode a data file's time span in its name, and use that info when selecting files to read for a query. As part of this work, we should also stop storing span/index information in the zar.json…
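As an added illustration of the selection step described in this issue (example code written for this page, not zq's own implementation), the snippet below decodes a hypothetical `d-<first>-<last>.zng` naming scheme, where both timestamps use a compact UTC layout so the name stays filesystem-safe, and keeps only the files whose span overlaps the query span. The naming scheme, the `Span` type and the function names are assumptions for the example; the one behaviour worth copying is that an undecodable name is skipped and reported rather than silently treated as "no data" or aborting the query.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
	"time"
)

// nameLayout is the compact UTC timestamp layout assumed for this example;
// it contains no '-' so a file name can be split on that character.
const nameLayout = "20060102T150405Z"

// Span is a closed time interval [First, Last].
type Span struct {
	First, Last time.Time
}

// Overlaps reports whether two closed spans share at least one instant.
func (s Span) Overlaps(o Span) bool {
	return !s.Last.Before(o.First) && !o.Last.Before(s.First)
}

// ParseSpanFromName decodes the hypothetical name form d-<first>-<last>.zng.
// It rejects names that do not match, and names whose last timestamp
// precedes the first, so a malformed name cannot yield an inverted span.
func ParseSpanFromName(name string) (Span, error) {
	base := filepath.Base(name)
	if !strings.HasPrefix(base, "d-") || !strings.HasSuffix(base, ".zng") {
		return Span{}, fmt.Errorf("%s: not a span-encoded data file name", base)
	}
	body := strings.TrimSuffix(strings.TrimPrefix(base, "d-"), ".zng")
	parts := strings.Split(body, "-")
	if len(parts) != 2 {
		return Span{}, fmt.Errorf("%s: expected d-<first>-<last>.zng", base)
	}
	first, err := time.Parse(nameLayout, parts[0])
	if err != nil {
		return Span{}, fmt.Errorf("%s: bad first timestamp: %w", base, err)
	}
	last, err := time.Parse(nameLayout, parts[1])
	if err != nil {
		return Span{}, fmt.Errorf("%s: bad last timestamp: %w", base, err)
	}
	if last.Before(first) {
		return Span{}, fmt.Errorf("%s: last timestamp precedes first", base)
	}
	return Span{First: first, Last: last}, nil
}

// SelectFiles returns the names whose encoded span overlaps query, plus the
// names it could not decode, so the caller can surface them instead of
// quietly reading too little or too much data.
func SelectFiles(names []string, query Span) (selected, skipped []string) {
	for _, n := range names {
		s, err := ParseSpanFromName(n)
		if err != nil {
			skipped = append(skipped, n)
			continue
		}
		if s.Overlaps(query) {
			selected = append(selected, n)
		}
	}
	return selected, skipped
}

func main() {
	// Constructed sample directory listing: three daily files and a stray
	// metadata file that carries no span in its name.
	names := []string{
		"d-20200101T000000Z-20200101T235959Z.zng",
		"d-20200102T000000Z-20200102T235959Z.zng",
		"d-20200103T000000Z-20200103T235959Z.zng",
		"zar.json",
	}
	query := Span{
		First: time.Date(2020, 1, 2, 12, 0, 0, 0, time.UTC),
		Last:  time.Date(2020, 1, 3, 1, 0, 0, 0, time.UTC),
	}
	selected, skipped := SelectFiles(names, query)
	fmt.Println("selected:", selected)
	fmt.Println("skipped:", skipped)
}
```

Only the middle and last daily files overlap the query window, and `zar.json` is reported as skipped rather than treated as data.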
-
zapi needs a subcommand that can perform an archive index search, using the API introduced in https://github.com/brimsec/zq/pull/833.
-
A community user asked:
> With some non-Zeek NDJSON data sources we turn into ZNG and store, we also may want to write to a SQL db (JSON works but prefer CSV) to populate visualizations of the dat…
-
Implement the byte type and add to coercion logic.
-
From an index search, we want a user to be able to choose one or more records from the tabular search results, and create a subspace where they can search the full data. We've discussed allowing contr…
-
/kind bug
**What steps did you take and what happened:**
```
Activating service-account ...
Activated service account credentials for: [kubeflow-testing@kubeflow-ci.iam.gserviceaccount.com]
Cre…
-
On another topic triggered by working on zst, I would like to figure out what we do with sets. They come from zeek and show up in the brim app, but we've only ever seen single-type sets and the spec …
-
Design and implement the means by which Suricata's JSON alerts from the eve.json output file will be converted into zng. The solution will likely involve something à la types.json, but if some other a…