Skip to content

Commit

Permalink
Fix Zeek won't run if no scripts in path (#156)
Browse files Browse the repository at this point in the history
  • Loading branch information
@0x120102181f0a040a01181c
0x120102181f0a040a01181c committed Sep 27, 2022
1 parent a0e5f64 commit 29d0df0
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 2 deletions.
2 changes: 1 addition & 1 deletion VERSION
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
3.2.4
3.2.5
5 changes: 4 additions & 1 deletion dalton-agent/dalton-agent.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1206,7 +1206,10 @@ def run_zeek(json_logs):
zeek_command = "cd %s && %s -C -r %s" % (IDS_LOG_DIRECTORY, IDS_BINARY, PCAP_FILES[0])
if json_logs:
zeek_command += " -e 'redef LogAscii::use_json=T;redef LogAscii::json_timestamps=JSON::TS_ISO8601;'"
zeek_command += " /opt/dalton-agent/zeek_scripts/*"

if len([f for f in os.listdir('/opt/dalton-agent/zeek_scripts/') if not f.startswith('.')]) > 0:
zeek_command += " /opt/dalton-agent/zeek_scripts/*"

print_msg("Starting Zeek and Running Pcap(s)...")
print_debug("Running Zeek with the following command command:\n%s" % zeek_command)
zeek_output_fh = open(JOB_IDS_LOG, "w")
Expand Down

0 comments on commit 29d0df0

Please sign in to comment.