2.5 Roadmap

robin · May 7, 2016, 12:56am

To summarize a team discussion today, we decided that we'll start
wrapping up development for Bro 2.5.

There's a lot of new functionality in git master now, and it will be
good to get that all into general use. The main piece missing from our
original 2.5 roadmap is porting the Bro Cluster to Broker. While much
of that work is in place already in a development branch, we are going
to postpone integration for now and will instead merge it at the
beginning of the upcoming 2.6 development cycle. That way we will have
more time for testing stability and performance of that new cluster
setup.

For 2.5, we're still targetting a few more pieces that aren't yet in
master, including:

     - Fixing the flare code to improve performance.
     - New SMB and NTP analyzers.
     - A simpler Broker API.

Furthermore, if there are any tickets pending that you'd like Bro 2.5
to address, now would be a good time to point them out.

Robin

Jan · May 7, 2016, 8:36am

Furthermore, if there are any tickets pending that you'd like Bro 2.5
to address, now would be a good time to point them out.

Coordinated with Seth I have done some refactoring of the
intel-framework
(GitHub - J-Gras/zeek at topic/jgras/intel-update). There are
only two changes left to do:
- adding Seth's extension mechanism
- adding expiration for items
I would be happy to finish that and open a pull request if you consider
this as relevant for 2.5. In case, what would be the deadline for the PR?

Best regards,
Jan

robin · May 9, 2016, 4:48pm

We don't have a concrete deadline yet, it'll most likely take a few
more weeks until we call a feature freeze. I'll let Seth comment on
content but generally merging your changes in for 2.5 certainly sounds
good to me.

Robin

Seth_Hall3 · May 10, 2016, 5:22pm

Agreed, looking forward to the changes Jan!

.Seth

robin · May 20, 2016, 7:32pm

Updates from today's meeting regarding 2.5 progress:

- Seth will send summary of the "flare situation" to bro-dev.

- NTP analyzer is in progress.

    - SMB analyzer almost ready for merge. We'll not load it by
      default. We will put it into policy instead and leave it
      commented out in local.bro, marked as experimental.

- Intel updates are in the queue.

- New Broker API is in progress.

Also, everybody, please look at tickets:

- Check any 2.5 tickets assigned to you; if you don't think you'll
make it, bump to 2.6.

- Assign further tickets to 2.5 that should go in but aren't
marked so yet.

Robin

Topic		Replies	Views
Bro 2.6-beta plans Development development	20	166	May 6, 2022
Some thoughts on the bro deep cluster, broker, and sumstats Development development	2	89	May 6, 2022
Broker has landed in master, please test Development development	7	96	May 6, 2022
Updating NEWS for 2.5 Development development	17	78	May 6, 2022
Broker has landed in master; on track for 2.6 Zeek	1	74	May 6, 2022

2.5 Roadmap

Related topics