Would you like to add more error handling for return values from functions like the following?

• malloc ⇒ moloch_trie_init
• [MOLOCH_LOCK_INIT](https://github.com/aol/moloch/blob/664ffe25810380f12823941c210

zeek-cut currently has ability to output "header blocks" in prefix to records. It would be helpful if there was an option that output a simple header row that contained only the corresponding field names, the target format supporting essentially CSV ready output.

Convoluted example of how we're achieving/using today with (for example) the Miller tool to postprocess:

$ zeek-cut -F, -c < 

The project works with 8 modules < reference source/Module >

• Creating issue to accelerate/track test frame building of each module
• The test folder has a very basic example to start with.
• Feel free to make a pull request for the test cases

I'm trying a simple test with tcpliveplay but it seems tcpliveplay doesn't handle TCP handshake properly.
Let me describe the steps from my testing.

1. Logged as root on machine A I ran this command to capture all the traffic to the host 104.31.95.22 (my website).

# tcpdump host 104.31.95.22 -n -s 65535 -w http.pcap

2. In another shell instance under the same machine I performed a