zeek version 7.1.1
Hey all, when going through the examples on 2. Communication — Broker User Manual
it seems that the documentation references outdated versions of c++ needed to use std::variant as well as an incorrect order of library links during compilation.
When taking the examples at face value:
# g++ -std=c++11 -lbroker -lcaf_core -lcaf_io -lcaf_openssl -o ping ping.cc
# zeek ping.zeek &
# ./ping
It is assumed to work if CAF has been included in the system.
Yet, after some reading and reconfiguring, the cascade of errors was resolved using:
g++ -std=c++17 -L/usr/local/lib -o ping ping.cc -lbroker -lcaf_core -lcaf_io -lcaf_openssl
Heres output of the ping/pong example for verification:
root@host:/opt/zeek/share/zeek/site# g++ -std=c++17 -L/usr/local/lib -o ping ping.cc -lbroker -lcaf_core -lcaf_io -lcaf_openssl
root@host:/opt/zeek/share/zeek/site# ./ping
[broker/INFO] 2025-03-29T20:47:05.950 creating endpoint d14d29a5-d8f3-55ef-8192-53b64db4c69a
[broker/INFO] 2025-03-29T20:47:05.950 enable forwarding on this peer (default)
[broker/INFO] 2025-03-29T20:47:05.950 creating subscriber for topic(s) [/topic/test]
[broker/INFO] 2025-03-29T20:47:05.950 creating subscriber for topic(s) [<$>/local/data/errors, <$>/local/data/statuses]
[broker/INFO] 2025-03-29T20:47:05.950 starting to peer with 127.0.0.1:9999 retry: 10000000000ns [synchronous]
[broker/INFO] 2025-03-29T20:47:05.984 publishing <unprintable> at [47, 116, 111, 112, 105, 99, 47, 116, 101, 115, 116]
[broker/INFO] 2025-03-29T20:47:05.987 publishing (1, 2, (Broker::LOG, Log::WRITER_ASCII, (broker, 0.000000, 0.000000, 1743281225.986272, {}, ), ((ts, nil, 5, 0, F), (ty, nil, 9, 0, F), (ev, nil, 7, 0, F), (peer.address, nil, 7, 0, F), (peer.bound_port, nil, 10, 0, F), (message, nil, 7, 0, T)))) at zeek/logs/Broker::LOG
[broker/INFO] 2025-03-29T20:47:05.988 publishing (1, 1, (pong, (0), ((1, 1743281225988340992ns)))) at /topic/test
Received pong(0)
[broker/INFO] 2025-03-29T20:47:05.989 publishing <unprintable> at [47, 116, 111, 112, 105, 99, 47, 116, 101, 115, 116]
[broker/INFO] 2025-03-29T20:47:05.990 publishing (1, 1, (pong, (1), ((1, 1743281225990145024ns)))) at /topic/test
Received pong(1)
[broker/INFO] 2025-03-29T20:47:05.990 publishing <unprintable> at [47, 116, 111, 112, 105, 99, 47, 116
, 101, 115, 116]
[broker/INFO] 2025-03-29T20:47:05.991 publishing (1, 1, (pong, (2), ((1, 1743281225991514880ns)))) at /topic/test
Received pong(2)
[broker/INFO] 2025-03-29T20:47:05.992 publishing <unprintable> at [47, 116, 111, 112, 105, 99, 47, 116, 101, 115, 116]
[broker/INFO] 2025-03-29T20:47:05.992 publishing (1, 1, (pong, (3), ((1, 1743281225992865024ns)))) at /topic/test
Received pong(3)
[broker/INFO] 2025-03-29T20:47:05.993 publishing <unprintable> at [47, 116, 111, 112, 105, 99, 47, 116, 101, 115, 116]
[broker/INFO] 2025-03-29T20:47:05.994 publishing (1, 1, (pong, (4), ((1, 1743281225994223104ns)))) at /topic/test
Received pong(4)
[broker/INFO] 2025-03-29T20:47:05.994 shutting down endpoint
root@host:/opt/zeek/share/zeek/site# [broker/INFO] 2025-03-29T20:47:06.544 publishing <unprintable> at [122, 101, 101, 107, 47, 108, 111, 103, 115, 47, 66, 114, 111, 107, 101, 114, 58, 58, 76, 79, 71]
Is this something I could help update or is there something I could have done differently to make the ping/pong example compile using the instructions on the https://docs.zeek.org/projects/broker/en/current/comm.html#exchanging-zeek-events page ?