[METRON-815] sensor-stubs sometimes send malformed bro timestamps - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Done
Priority: Major
Resolution: Done
Affects Version/s: None
Fix Version/s: 0.4.0
Labels:
None

Description

The bro sensor-stub sends malformed timestamps when transforming an input timestamp that has less than 6 digits. For instance:

[vagrant@node1 bin]$ SEARCH="\"ts\"\:[0-9]+.[0-9]{6}"
[vagrant@node1 bin]$ REPLACE="\"ts\"\:`date +%s`.000000"
[vagrant@node1 bin]$ cat /opt/sensor-stubs/data/bro.out | sed -e "s/$SEARCH/$REPLACE/g"
...
{"dns":

{"ts":1491064638.000000.38621,"uid":"CQ5vBa2GcEToa4NKt5","id.orig_h":"192.168.66.1","id.orig_p":5353,"id.resp_h":"224.0.0.251","id.resp_p":5353,"proto":"udp","trans_id":0,"query":"_googlecast._tcp.local","qclass":1,"qclass_name":"C_INTERNET","qtype":12,"qtype_name":"PTR","AA":false,"TC":false,"RD":false,"RA":false,"Z":0,"rejected":false}

}

Attachments

Issue Links

links to

GitHub Pull Request #503

Activity

People

Assignee:: Jon Zeolla

Reporter:: Jon Zeolla

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 01/Apr/17 16:41

Updated:: 27/Jun/17 00:08

Resolved:: 17/Apr/17 22:19