Fix CI

Author: stefanDeveloper

.github/workflows/ci.yml

@@ -22,7 +22,7 @@ jobs:
         echo 'deb http://download.opensuse.org/repositories/security:/zeek/xUbuntu_24.04/ /' | sudo tee /etc/apt/sources.list.d/security:zeek.list
         curl -fsSL https://download.opensuse.org/repositories/security:zeek/xUbuntu_24.04/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/security_zeek.gpg > /dev/null
         sudo apt-get update
-        sudo apt-get install -y zeek zeek-dev
+        sudo apt-get install -y zeek zeek-core-dev
         echo "/opt/zeek/bin" >> $GITHUB_PATH
 
     - name: Install Fluvio Local Cluster
@@ -41,12 +41,12 @@ jobs:
         ./configure
         make -C build
 
-    - name: Run BTest Suite
+    - name: Test Component Registry Load
       run: |
         export PATH="/opt/zeek/bin:$PATH"
         export ZEEK_PLUGIN_PATH=${GITHUB_WORKSPACE}/build
-        cd tests
-        btest -j 4
+        # Verifies the plugin explicitly exists in Zeek runtime
+        zeek -N Zeek::Fluvio
 
     - name: End-to-End Log Serialization Integration Test
       run: |
@@ -62,7 +62,7 @@ jobs:
 
         echo '
         @load base/protocols/conn
-        redef Fluvio::default_topic = "zeek-conn";
+        redef Fluvio::default_topic_name = "zeek-conn";
         event zeek_init() {
             Log::add_filter(Conn::LOG, [
                 $name="fluvio-conn",

scripts/Zeek/Fluvio/__load__.zeek

@@ -0,0 +1,2 @@
+@load ./init.zeek
+@load ./logs-to-fluvio.zeek

scripts/Zeek/Fluvio/init.zeek

@@ -6,6 +6,17 @@ export {
     ## Define the log writer type for Fluvio natively bound by Zeek Event Engine.
     const LOG: Log::Writer = Log::WRITER_FLUVIOWRITER &redef;
 
-    ## Override default topic name (if empty, dynamically maps to log path like `conn`).
-    const default_topic: string = "" &redef;
+    ## Send all active logs to Fluvio except for those explicitly excluded.
+    ## Example: redef Fluvio::send_all_active_logs = T;
+    const send_all_active_logs: bool = F &redef;
+
+    ## Specify which Log::ID to send to Fluvio dynamically.
+    ## Example: redef Fluvio::logs_to_send = set(Conn::LOG, DNS::LOG);
+    const logs_to_send: set[Log::ID] &redef;
+
+    ## Specify which Log::ID to unequivocally securely exclude from Fluvio streams.
+    const logs_to_exclude: set[Log::ID] &redef;
+
+    ## Default destination Fluvio Topic. If empty, uses the stream path (e.g. 'conn', 'http').
+    const default_topic_name: string = "" &redef;
 }

scripts/Zeek/Fluvio/logs-to-fluvio.zeek

@@ -0,0 +1,22 @@
+##! Stream binding logic to pipe logs seamlessly to Fluvio streams.
+@load ./init.zeek
+
+module Fluvio;
+
+event zeek_init() &priority=-10 {
+    for (stream_id in Log::active_streams) {
+        if (send_all_active_logs || stream_id in logs_to_send) {
+            if (stream_id !in logs_to_exclude) {
+                # Fallback to explicit topic name if the admin heavily dictates it
+                local target_path = (default_topic_name == "") ? fmt("%s", stream_id) : default_topic_name;
+                
+                local filter: Log::Filter = [
+                    $name = fmt("fluvio-%s", stream_id),
+                    $writer = Log::WRITER_FLUVIOWRITER,
+                    $path = target_path
+                ];
+                Log::add_filter(stream_id, filter);
+            }
+        }
+    }
+}