Output tab needs timestamps

[GoogleCodeExporter]

It would be nice if the information displayed via the output tab was 
attributable to actions within ZAP.

What is the expected output? What do you see instead?
<timestamp> : <component> : <message>
such as:
20130418112534 : Active Scan : Failed to login

(Format date/time as you see fit)

What version of the product are you using? On what operating system?
ZAP: 2.0.0
Win: 2003 R2 SP1
Java: 1.7.0_17

Perhaps I should open a second issue for this but it would also be nice if you 
could clear the output tab.

Original issue reported on code.google.com by kingtho...@gmail.com on 18 Apr 2013 at 3:28

[GoogleCodeExporter]

Thought of adding an option for clearing the tab, but not thought of 
timestamping the output.
That would be very useful :)

Original comment by psii...@gmail.com on 22 Apr 2013 at 11:59

• Changed state: Accepted
• Added labels: Type-Enhancement
• Removed labels: Type-Defect

[GoogleCodeExporter]

Can the timestamps have a variable format?
For some applications Date by itself would be enough, some may need 
milliseconds and date would just eat valuable place.

(I love the Wireshark options of selecting full date, epoch, time relative to 
start, time relative to a reference point, time relative to previous)

Original comment by ruzicka....@gmail.com on 13 Jun 2013 at 9:16

[GoogleCodeExporter]

Thats a good point - so the user would be able to select whichever format was 
most applicable for them?

Original comment by psii...@gmail.com on 14 Jun 2013 at 9:36

[GoogleCodeExporter]

I think that would be a great move.

Original comment by kingtho...@gmail.com on 2 Jul 2013 at 3:18

[GoogleCodeExporter]

Flagging this as a IdealFirstBug - this can apply to just the timestamps and 
clearing options rather than the full variable format.
Although that could be done via a simple config option with a SimpleDateFormat 
string?

Original comment by psii...@gmail.com on 9 Oct 2013 at 3:43

• Added labels: IdealFirstBug

[GoogleCodeExporter]

Is the output tab even used anymore?

I just ran spider, active scan, fuzzer, forced browse, and ajax spider against 
a dummy site but saw nothing in the output tab.

Original comment by kingtho...@gmail.com on 23 Apr 2014 at 6:33

[GoogleCodeExporter]

Yep, it's still used.

The output tab is normally used to report exceptions/errors so it's normal that 
it doesn't show anything when everything goes well.

Oh, and it's also used to report the progress of un/installation of the add-ons.

Original comment by THC...@gmail.com on 24 Apr 2014 at 4:25

[GoogleCodeExporter]

Looks like clearing the output tab has already been addressed.
http://code.google.com/p/zaproxy/issues/detail?id=890

I'm looking at tackling this timestamp issue, I could use some feedback. I 
don't mean to drag this across a bunch of different mediums/resources but I 
started a thread in the dev group thinking my questions might gather answers 
helpful to others...
https://groups.google.com/forum/#!topic/zaproxy-develop/2nnoBixUORU

Original comment by kingtho...@gmail.com on 25 Apr 2014 at 2:02

[GoogleCodeExporter]

Replied to your dev group post - was on my todo list ;)

Original comment by psii...@gmail.com on 25 Apr 2014 at 2:08

[GoogleCodeExporter]

Thanks for linking the Issue 890 here, forgot to do that in the day, sorry.

Original comment by THC...@gmail.com on 26 Apr 2014 at 2:12

[GoogleCodeExporter]

I'm attaching two patches. They add just a simple timestamp to the output of 
both the standard output tab and scripts output tab.

In a future iteration I'll look at adding.
1) A button to each panel to enable/disable timestamps.
2) A configuration option to set the format(s).

Let me know what you think. They're functional though I'm not 100% happy with 
them. 
a) If you search our workspace you find many instances of SimpleDateFormat with 
different options/handling.
b) I've had to define getTimeStamp once in each patch because there didn't seem 
to be a good place within org.zaproxy.zap.utils for a pure helper 
function....(maybe I overlooked something).
c) The script output panel patch is a little kludgey in that it has to ignore 
newlines passed down the pipe from Rhino (I check if the append is only a 
newline and don't timestamp, otherwise timestamp).

Original comment by kingtho...@gmail.com on 28 Apr 2014 at 7:59

Attachments:

• scripts_OutputPanel.patch
• parosProxy_OutputPanel.patch

[GoogleCodeExporter]

Original comment by psii...@gmail.com on 30 Apr 2014 at 8:49

[GoogleCodeExporter]

Very minor nitpick - I'd be very tempted to declare the SimpleDateFormat as a 
static final, eg like 
https://code.google.com/p/zaproxy/source/browse/trunk/src/org/parosproxy/paros/e
xtension/report/ReportGenerator.java#58

I agree a helper function would be better and I'd have no problem with a new 
date/time related helper class.
Then we could give the user to option to define their own format via the 
options at some stage.

Anyway, you now have commit access so you can commit this change yourself and 
mark this issue as Committed.

Thanks for your contribution :)
How would you like to be credited? 
https://code.google.com/p/zaproxy/wiki/HelpCredits

Cheers,

Simon

Original comment by psii...@gmail.com on 1 May 2014 at 11:55

[GoogleCodeExporter]

Source info is not going to be possible at this time. Ascertaining source 
component would require reviewing all code to see what/when/who appends to the 
output tabs and ensure they're passing a source indicator to be included in the 
messages.

While psiinon has accepted my initial simple patch we've come the conclusion 
that a more robust/configurable option would be preferred so I'm currently 
working towards that.

Original comment by kingtho...@gmail.com on 2 May 2014 at 1:28

[GoogleCodeExporter]

r4834

Original comment by kingtho...@gmail.com on 12 May 2014 at 12:36

[GoogleCodeExporter]

Setting status to started. 

Original issue has been addressed in r4834. Adding the same functionality has 
been coded for the scripts output panel but can not be added until after a 
release/core update.

Original comment by kingtho...@gmail.com on 15 May 2014 at 6:41

• Changed state: Started

[GoogleCodeExporter]

Might be better to split those changes into other issue so this one can be 
marked as "Committed" (and "Fixed" once released) independently of the changes 
of the add-on.

Original comment by THC...@gmail.com on 15 May 2014 at 7:03

[GoogleCodeExporter]

Good call. I've opened Issue 1197.

Original comment by kingtho...@gmail.com on 15 May 2014 at 8:16

• Changed state: Committed

[GoogleCodeExporter]

r4920

Original comment by kingtho...@gmail.com on 25 May 2014 at 1:11

[GoogleCodeExporter]

Original comment by THC...@gmail.com on 2 Jun 2014 at 12:53

• Added labels: Build-20140519

[GoogleCodeExporter]

Issue 1192 has been merged into this issue.

Original comment by kingtho...@gmail.com on 16 Jun 2014 at 1:10

[GoogleCodeExporter]

 r5036

Original comment by kingtho...@gmail.com on 26 Jun 2014 at 1:57

[GoogleCodeExporter]

 r5037

Original comment by kingtho...@gmail.com on 26 Jun 2014 at 2:25

[GoogleCodeExporter]

 r5136

Original comment by kingtho...@gmail.com on 12 Jul 2014 at 1:10

[GoogleCodeExporter]

 r5138

Original comment by kingtho...@gmail.com on 12 Jul 2014 at 7:41

[GoogleCodeExporter]

Original comment by kingtho...@gmail.com on 12 Jul 2014 at 9:22

• Changed title: Output tab needs timestamps

[GoogleCodeExporter]

r5203

Original comment by kingtho...@gmail.com on 10 Aug 2014 at 2:44

[GoogleCodeExporter]

 r5277

Original comment by kingtho...@gmail.com on 23 Aug 2014 at 2:37

[GoogleCodeExporter]

Original comment by kingtho...@gmail.com on 28 Aug 2014 at 2:04

• Added labels: Version-2.4.0

[GoogleCodeExporter]

Removing the Version-2.4.0 label as this change has been committed :)

Original comment by psii...@gmail.com on 28 Aug 2014 at 2:11

• Removed labels: Version-2.4.0

[GoogleCodeExporter]

 r5309 - Simplified
 r5310 - Even better

Original comment by kingtho...@gmail.com on 29 Aug 2014 at 12:59

[GoogleCodeExporter]

Original comment by psii...@gmail.com on 3 Oct 2014 at 11:18

• Removed labels: IdealFirstBug

[GoogleCodeExporter]

Fixed in 2.4.0

Original comment by psii...@gmail.com on 14 Apr 2015 at 11:03

• Changed state: Fixed