-
I recently ran an experiment to see what would happen if I used an external agent (specifically, [Logstash](https://www.elastic.co/logstash/)) to push data to a Zed lake rather than using `zapi load`.…
-
This is probably not a huge deal; however, I just wanted to comment that the field names `target_host` and `target_port` in the log4j.log at first blush seem a bit misleading/confusing, but maybe I'm …
-
**Goal Statement**
This experimental feature of ingesting data from the Splunk HTTP API should be marked as deprecated. We will need to change the text to "deprecated" for each of the [affected integr…
-
Hi,
I was wondering if there are plans to update the MongoDB version used so that RITA can be used on Ubuntu 22.04 LTS.
Currently it seems that MongoDB 4.2 is not supported on Ubuntu 22.04 Jammy.
…
-
https://github.com/zeek/zeek/actions/runs/11593218161/job/32276782216#step:4:88
```
[INFO] This may take a few minutes...
An unexpected error has occurred: CalledProcessError: command: ('/home/ru…
```
-
`PacketFilter::enable_auto_protocol_capture_filters` enables a BPF filter that only allows the traffic of analyzed protocols to pass to Zeek (see https://docs.zeek.org/en/lts/scripts/base/frameworks/p…
-
Docker now supports `--build-arg` as well as multi-stage Dockerfiles, which should mean I can remove the use of docker-squash and remove a lot of duplicate code between the versions.
-
Some readme files are not being properly downloaded
-
Zeek version strings follow the schema `MAJOR.MINOR.PATCH[-LOCALVERSION][-debug]` where `LOCALVERSION` can be injected at configure time via `--localversion` and `-debug` gets appended for builds conf…
-
## Goal
The goal of this issue is to migrate existing packages that rely on `log` (`logfile`) input to `filestream`. Updating the package must be backwards compatible. The change in the integration…
kvch updated
2 months ago