Merge pull request #6 from corelight/topic/Lagermann/zeek-6

Move ep declaration to outer-scope

scripts/known.zeek

@@ -55,13 +55,15 @@ function unknownEndpoint (kep: Known::Endpoint) {
 # note: priority of -5, the connection will already be removed from memory
 event connection_state_remove(c: connection) &priority=-5 {
     if (extra_logging_known) {
+        local ep: Known::Endpoint;
+
         if ( !c$conn?$local_orig && !c$conn?$local_resp ) {
             return;
         }
 
         # If the orig IP is local, check the list, update the following logs.
         if ( c$conn?$local_orig ) {
-            local ep = Common::get_endpoint(c, c$id$orig_h);
+            ep = Common::get_endpoint(c, c$id$orig_h);
             # If it's in the list, update the fields, else flag it as unknown
             if ( c$id$orig_h in hosts_data ) {
                 knownEndpoint(ep);

zkg.meta

@@ -1,7 +1,7 @@
 [package]
-description = v2.0.0 - This package enriches multiple logs by adding information from a vulnerability scanner or endpoint agent.
+description = v2.0.1 - This package enriches multiple logs by adding information from a vulnerability scanner or endpoint agent.
 script_dir = scripts
-version=2.0.0
+version=2.0.1
 
 [input hosts_data.tsv]
 summary=List of all known hosts address.