zeek update fails when updating from a v4 docker-zeek container or less to v6 due to an incompatibility in the ja3.zeek script

`zeek update` fails when updating from a v4 docker-zeek container to v6/latest due to incompatibility code logic in the `ja3.zeek` script here: `/var/lib/docker/volumes/zeek-zkg-script/_data/ja3`. The docker container uses to the volume `zeek-zkg-script` to mount the location of added scripts, to include `ja3.zeek`. PR was submitted which includes a command in the `zeek` script to remove the volume prior to starting an updated container. This ensures that the updated container gets the fixed `ja3.zeek` script which is compatible with Zeek v5.2 and above. 
 

ja3.zeek issue: https://github.com/salesforce/ja3/issues/87
PR: https://github.com/activecm/docker-zeek/pull/44

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

zeek update fails when updating from a v4 docker-zeek container or less to v6 due to an incompatibility in the ja3.zeek script #45

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

zeek update fails when updating from a v4 docker-zeek container or less to v6 due to an incompatibility in the ja3.zeek script #45

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions