Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-06 08:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Include timestamp in default extracted file names.

Browse source 
And add a policy script to extract all files.

BIT-1335 #close
This commit is contained in:
Jon Siwek 2015-03-13 14:16:04 -05:00
parent 6fbceb6a98
commit 0b957cbe75
8 changed files with 40 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

3
scripts/base/files/extract/main.bro
View file

@ -53,7 +53,8 @@ function set_limit(f: fa_file, args: Files::AnalyzerArgs, n: count): bool
function on_add(f: fa_file, args: Files::AnalyzerArgs)
{
if ( ! args?$extract_filename )
args$extract_filename = cat("extract-", f$source, "-", f$id);
args$extract_filename = cat("extract-", f$last_active, "-", f$source,
"-", f$id);
f$info$extracted = args$extract_filename;
args$extract_filename = build_path_compressed(prefix, args$extract_filename);