Recently I git cloned a zeek plugin, built it, and then wanted to add additional instrumentation (to understand it better) via the PLUGIN_DBG_LOG() macro mentioned here [1].

While adding the debug macros worked fine, I had difficulties switching on the debugging via the zeek --debug option. Why? Because the plugin name to be specified is case sensitive and if you get it wrong then there is

An increasing number of sites are supporting HTTP 2.0 which manifests very different than HTTP 1.* traffic. This analyzer adds an http2 log as well as intel framework extensions. Because it is an analyzer it requires access to the compiled source of Bro to be compiled itself as opposed to a regular bro script.

https://github.com/MITRECND/bro-http2

As the http2 analyzer documentation states

$ python3 loki.py
Traceback (most recent call last):
  File "loki.py", line 43, in <module>
    from lib.lokilogger import *
  File "/Users/w/Downloads/Loki/lib/lokilogger.py", line 15, in <module>
    from helpers import removeNonAsciiDrop
ModuleNotFoundError: No module named 'helpers'

Python 3.7.7 homebrew
Cloned directly from master.
helpers.py is present in

Bug / Feature Request

Work Environment

Problem Description

There are no longer any default dashboards

Possible Solutions

Add the default da

With #1159 the ability to click parts of a chart and create a search in explore opens up the possibility to define an aggregation ID as well in the URL, eg: https://<TS_HOST>/sketch/<SKETCH_ID>/explore?q=my_search_query&a=132 - would point to a saved aggregation with an aggregation id 132... so clicking a bar (or data point) on the chart would bring you to explore, displaying that filtered view

See #88

Description

Package uwsgi from Ubuntu repo is advised in production usage, but it is too old and won't work. File yeti_uwsgi.service has -w switch which is absent in this package.

Pip version works, probably it's sufficient to add uwsgi to requirements.txt

Environment

There is a broken link in the README.md file, in the sentence that reads:

Right clicking on a node exposes a context menu that allows you to run graph mutators.

It appears that the word graph mutators in the above sentence is intended to link to a mutators.md file under docs. But it seems that no such file exists. Is there another document it should be pointing to? Let me know if I ca

I was wondering the benefit of using Modular File Management vs Single Config File Management? Why do you consider it easier to use multiple files and then compile? Trying to figure out what the best case is for my use case. Thanks. #

Include Dockerfile in root of project

Request Type

Feature Request

Description

As part of the development and release cycle, please include the Dockerfile generated by docker.sbt in the root of the project so that the container can be built directly from the repo itself.

I was wondering if you had any updated documentation that could be added. The most current documentation is for version 1.3.0 4 years ago, and I know there has been a lot of things added since then.

Thanks!

Right now a lot of the logging from the tasks does not get propagated back to the user, so we should make sure that all of the tasks are adding logs and errors to the results so that at minimum the data gets put into the worker-log.txt. Ideally we would store this info in datastore so that the clients could query it later (this part is in #115).

Icons should bring up relevant window:

• Cookies icon on the tree should show cookies with associated information (URLs)
• Cookies on the detailed view should show the whole cookie