SumStats test checkpoint.

2025-10-17 14:08:20 +00:00 · 2013-04-16 00:54:41 -04:00 · 2013-04-16 00:54:41 -04:00 · 1cac89e4f8
commit 1cac89e4f8
parent 437815454d
16 changed files with 55 additions and 116 deletions
--- a/scripts/policy/protocols/conn/metrics.bro
+++ b/scripts/policy/protocols/conn/metrics.bro
@ -1,24 +0,0 @@
-@load base/frameworks/measurement
-@load base/utils/site
-
-event bro_init() &priority=3
-	{
-	Metrics::add_filter("conns.country", [$every=1hr, $measure=set(Metrics::SUM),
-	                                      $period_finished=Metrics::write_log]);
-	Metrics::add_filter("hosts.active", [$every=1hr, $measure=set(Metrics::SUM),
-	                                     $period_finished=Metrics::write_log]);
-	}
-
-event connection_established(c: connection) &priority=3
-	{
-	if ( Site::is_local_addr(c$id$orig_h) )
-		{
-		local loc = lookup_location(c$id$resp_h);
-		if ( loc?$country_code )
-			Metrics::add_data("conns.country", [$str=loc$country_code], [$num=1]);
-		}
-		
-	local the_host = Site::is_local_addr(c$id$orig_h) ? c$id$orig_h : c$id$resp_h;
-	# There is no index for this.
-	Metrics::add_data("hosts.active", [], [$str=cat(the_host)]);
-	}
--- a/scripts/policy/protocols/smtp/metrics.bro
+++ b/scripts/policy/protocols/smtp/metrics.bro
@ -1,37 +0,0 @@
-##! This script is meant to answer the following questions...
-##!   "How many unique 'MAIL FROM' addresses are being used by local mail servers per hour?"
-##!   "How much mail is being sent from each local mail server per hour?"
-
-@load base/protocols/smtp
-@load base/frameworks/measurement
-@load base/utils/site
-@load base/utils/directions-and-hosts
-
-module SMTPMetrics;
-
-export {
-	## Define the break intervals for all of the metrics collected and logged by this script.
-	const breaks=1hr &redef;
-}
-
-event bro_init() &priority=5
-	{
-	Metrics::add_filter("smtp.mailfrom", [$every=breaks,
-	                                      $measure=set(Metrics::SUM),
-	                                      $pred(index: Metrics::Index, data: Metrics::Observation) = { 
-	                                      	return addr_matches_host(index$host, LOCAL_HOSTS); 
-	                                      }]);
-	Metrics::add_filter("smtp.messages", [$every=breaks,
-	                                      $measure=set(Metrics::SUM),
-	                                      $pred(index: Metrics::Index, data: Metrics::Observation) = { 
-	                                      	return addr_matches_host(index$host, LOCAL_HOSTS); 
-	                                      }]);
-	}
-
-event SMTP::log_smtp(rec: SMTP::Info)
-	{
-	Metrics::add_data("smtp.messages", [$host=rec$id$orig_h], [$num=1]);
-	
-	if ( rec?$mailfrom )
-		Metrics::add_data("smtp.mailfrom", [$host=rec$id$orig_h], [$str=rec$mailfrom]);
-	}