base/bif/reporter.bif.zeek
- GLOBAL
- Reporter
The reporter built-in functions allow for the scripting layer to generate messages of varying severity. If no event handlers exist for reporter messages, the messages are output to stderr. If event handlers do exist, it’s assumed they take care of determining how/where to output the messages.
See base/frameworks/reporter/main.zeek for a convenient reporter message logging framework.
- Namespaces
GLOBAL, Reporter
Summary
Functions
Generates a “conn” weird. |
|
Generates a non-fatal error indicative of a definite problem that should be addressed. |
|
Generates a fatal error on stderr and terminates program execution. |
|
Generates a fatal error on stderr and terminates program execution after dumping a core file |
|
Generates a “file” weird. |
|
Generates a “flow” weird. |
|
Gets the current weird sampling duration. |
|
Gets the weird sampling global list |
|
Gets the current weird sampling rate. |
|
Gets the current weird sampling threshold |
|
Gets the weird sampling whitelist |
|
Generates an informational message. |
|
Generates a “net” weird. |
|
Sets the current weird sampling duration. |
|
Sets the weird sampling global list |
|
Sets the weird sampling rate. |
|
Sets the current weird sampling threshold |
|
Sets the weird sampling whitelist |
|
Generates a message that warns of a potential problem. |
Detailed Interface
Functions
- Reporter::conn_weird
- Type
function
(name:string
, c:connection
, addl:string
&default
=""
&optional
, source:string
&default
=""
&optional
) :bool
Generates a “conn” weird.
- Name
the name of the weird.
- C
the connection associated with the weird.
- Addl
additional information to accompany the weird.
- Returns
Always true.
- Reporter::error
-
Generates a non-fatal error indicative of a definite problem that should be addressed. Program execution does not terminate.
- Msg
The error message to report.
- Returns
Always true.
See also:
reporter_error
- Reporter::fatal
-
Generates a fatal error on stderr and terminates program execution.
- Msg
The error message to report.
- Returns
Always true.
- Reporter::fatal_error_with_core
-
Generates a fatal error on stderr and terminates program execution after dumping a core file
- Msg
The error message to report.
- Returns
Always true.
- Reporter::file_weird
- Type
function
(name:string
, f:fa_file
, addl:string
&default
=""
&optional
, source:string
&default
=""
&optional
) :bool
Generates a “file” weird.
- Name
the name of the weird.
- F
the file associated with the weird.
- Addl
additional information to accompany the weird.
- Returns
true if the file was still valid, else false.
- Reporter::flow_weird
- Type
function
(name:string
, orig:addr
, resp:addr
, addl:string
&default
=""
&optional
, source:string
&default
=""
&optional
) :bool
Generates a “flow” weird.
- Name
the name of the weird.
- Orig
the originator host associated with the weird.
- Resp
the responder host associated with the weird.
- Returns
Always true.
- Reporter::get_weird_sampling_duration
-
Gets the current weird sampling duration.
- Returns
weird sampling duration.
- Reporter::get_weird_sampling_global_list
- Type
function
() :string_set
Gets the weird sampling global list
- Returns
Current weird sampling global list
- Reporter::get_weird_sampling_rate
-
Gets the current weird sampling rate.
- Returns
weird sampling rate.
- Reporter::get_weird_sampling_threshold
-
Gets the current weird sampling threshold
- Returns
current weird sampling threshold.
- Reporter::get_weird_sampling_whitelist
- Type
function
() :string_set
Gets the weird sampling whitelist
- Returns
Current weird sampling whitelist
- Reporter::info
-
Generates an informational message.
- Msg
The informational message to report.
- Returns
Always true.
See also:
reporter_info
- Reporter::net_weird
- Type
function
(name:string
, addl:string
&default
=""
&optional
, source:string
&default
=""
&optional
) :bool
Generates a “net” weird.
- Name
the name of the weird.
- Returns
Always true.
- Reporter::set_weird_sampling_duration
-
Sets the current weird sampling duration. Please note that this will not delete already running timers.
- Weird_sampling_duration
New weird sampling duration.
- Returns
always returns True
- Reporter::set_weird_sampling_global_list
- Type
function
(weird_sampling_global_list:string_set
) :bool
Sets the weird sampling global list
- Global_list
New weird sampling rate.
- Returns
Always true.
- Reporter::set_weird_sampling_rate
-
Sets the weird sampling rate.
- Weird_sampling_rate
New weird sampling rate.
- Returns
Always returns true.
- Reporter::set_weird_sampling_threshold
-
Sets the current weird sampling threshold
- Threshold
New weird sampling threshold.
- Returns
Always returns true;
- Reporter::set_weird_sampling_whitelist
- Type
function
(weird_sampling_whitelist:string_set
) :bool
Sets the weird sampling whitelist
- Whitelist
New weird sampling rate.
- Returns
Always true.
- Reporter::warning
-
Generates a message that warns of a potential problem.
- Msg
The warning message to report.
- Returns
Always true.
See also:
reporter_warning