Add guide on reassembling multi-segment messages#407
Draft
Zedoraps wants to merge 1 commit into
Draft
Conversation
Contributor
|
📦 Preview · View → · 🟢 Live Verified for |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 7ce795c8a1
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
Zedoraps
force-pushed
the
feat/cisco-ise-ocsf-package
branch
5 times, most recently
from
0f1ac73 to
8ae0c10
Compare
Zedoraps
force-pushed
the
feat/cisco-ise-ocsf-package
branch
3 times, most recently
from
be19fae to
e7208e4
Compare
Document the generic pattern for reassembling a logical message that a source split across several transport messages: frame each segment, gather the segments of one message with an outer window and an inner group keyed on the id, then concatenate the payloads in order. Cast the segment counter before sorting, and include a delay-based example that shows messages streaming in over more than the window, plus what happens when one message's segments outrun it. Add reciprocal See Also links on window and group, the operators the technique is built on. Assisted-by: Claude Opus 4.8 (1M context) (Claude Code)
Zedoraps
force-pushed
the
feat/cisco-ise-ocsf-package
branch
from
e7208e4 to
4778b83
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🔍 Problem
🛠️ Solution
guides/parsing/reassemble-multi-segment-messages(sidebar: Guides → Parsing).parse_grok, gather them with an outerwindowand an innergroupkeyed on the id, thensort+collect+firstto concatenate payloads in order.windowoutermost (notgroup) so state is bounded to the open windows rather than one subpipeline per near-unique id; the note explains why and when to invert.cisco::ise::*operators as a real-world implementation.💬 Review
- Example pipelines verified to run;
⚙️ Code PR: tenzir/library#161window-outer vsgroup-outer equivalence verified by running both on interleaved sample data; output is identical.markdownlintpasses on the changed file.