Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-10 02:28:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Add file analysis action to send data to script-land in chosen events.

Browse source
This commit is contained in:
Jon Siwek 2013-02-22 16:49:53 -06:00
parent 85410a7657
commit 4b30cc2e24
10 changed files with 134 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/file_analysis/Info.cc
View file

@ -9,6 +9,7 @@
#include "Action.h"
#include "Extract.h"
#include "Hash.h"
#include "DataEvent.h"
using namespace file_analysis;
@ -18,6 +19,7 @@ static ActionInstantiator action_factory[] = {
MD5::Instantiate,
SHA1::Instantiate,
SHA256::Instantiate,
DataEvent::Instantiate,
};
static TableVal* empty_conn_id_set()
@ -150,12 +152,12 @@ int Info::Idx(const string& field)
return rval;
}
double Info::TimeoutInterval() const
double Info::GetTimeoutInterval() const
{
return LookupFieldDefaultInterval(timeout_interval_idx);
}
RecordVal* Info::Results() const
RecordVal* Info::GetResults() const
{
return val->Lookup(action_results_idx)->AsRecordVal();
}
@ -182,7 +184,7 @@ bool Info::IsComplete() const
void Info::ScheduleInactivityTimer() const
{
timer_mgr->Add(new InfoTimer(network_time, file_id, TimeoutInterval()));
timer_mgr->Add(new InfoTimer(network_time, file_id, GetTimeoutInterval()));
}
bool Info::AddAction(ActionTag act, RecordVal* args)