Outstanding 2.5 tickets recap

We're very close. :slight_smile: I wanted to summarize the remaining tickets with
some notes/questions to the people who I believe have the token there
right now:

- SMB file not used?, [BIT-1721] - Bro Tracker
  Seth/Vlad: I noticed yesterday that an SMB .bif doesn't seem to be
  used?

- Log file list is out of date, [BIT-1720] - Bro Tracker
  Could somebody take this one on: what are the new log files in 2.5,
  we need to add them to the overview in the docs.

- ssh_auth_failed raised multiple times in single connection, [BIT-1641] - Bro Tracker
  Vlad, how far are you implementing these changes?

- missing uid field in SMB1 script, https://bro-tracker.atlassian.net/browse/BIT-1688?filter=10001
  Seth?

- missing certain logs if logger node is enabled, [BIT-1700] - Bro Tracker
  Seth, does adding that 3rd option for now looks like a viable
  compromise?

- Very long "pipe_name" in dce_rpc.log, [BIT-1702] - Bro Tracker
  Seth/Vlad, sounds like the current suspicion is that this is trouble with fragmentation?

- Python 3.5 compatibility in broccoli-python, https://bro-tracker.atlassian.net/browse/BIT-1711?filter=10001
  Seth, this is just waiting on more feedback on the problem I think

- Py3 compatibility, [BIT-1719] - Bro Tracker
  Daniel, any idea yet what's going on here? Could it be btest-related
  (given that core tests seem to be failing, which shouldn't have a
  Python dependency otherwise?)

Robin

- SMB file not used?, https://bro-tracker.atlassian.net/browse/BIT-1721
Seth/Vlad: I noticed yesterday that an SMB .bif doesn't seem to be
used?

Vlad said he tested compiling that in and no tests were affected. I'll test it with my private test suite as well.

- missing uid field in SMB1 script, https://bro-tracker.atlassian.net/browse/BIT-1688?filter=10001
Seth?

Sorry, I think know the fix, I just need to get to it.

- missing certain logs if logger node is enabled, https://bro-tracker.atlassian.net/browse/BIT-1700
Seth, does adding that 3rd option for now looks like a viable
compromise?

Yep, that's fine, but I left a note on the ticket with some more thoughts.

- Very long "pipe_name" in dce_rpc.log, https://bro-tracker.atlassian.net/browse/BIT-1702
Seth/Vlad, sounds like the current suspicion is that this is trouble with fragmentation?

Yeah, it's that plus an actual parser error. I have a sample and I'm working on it now.

- Python 3.5 compatibility in broccoli-python, https://bro-tracker.atlassian.net/browse/BIT-1711?filter=10001
Seth, this is just waiting on more feedback on the problem I think

Left a note.

I'll be working on stuff this weekend... again. :slight_smile:

  .Seth