Reworked how the logs-to-elasticsearch scripts works to stop abusing the logging framework.

- New variable in logging framework Log::active_streams to indicate Log:ID enums which are currently active.
2025-10-09 18:18:19 +00:00 · 2012-07-27 15:31:10 -04:00 · 2012-07-27 15:31:10 -04:00 · 596f07e505
commit 596f07e505
parent 76520645bb
2 changed files with 17 additions and 20 deletions
--- a/scripts/base/frameworks/logging/main.bro
+++ b/scripts/base/frameworks/logging/main.bro
@ -327,6 +327,11 @@ export {
 	##    Log::default_rotation_postprocessor_cmd
 	##    Log::default_rotation_postprocessors
 	global run_rotation_postprocessor_cmd: function(info: RotationInfo, npath: string) : bool;
+
+	## The streams which are currently active and not disabled.
+	## This set is not meant to be modified by users!  Only use it for
+	## examining which streams are active.
+	global active_streams: set[ID] = set();
 }

 # We keep a script-level copy of all filters so that we can manipulate them.
@ -412,11 +417,15 @@ function create_stream(id: ID, stream: Stream) : bool
 	if ( ! __create_stream(id, stream) )
 		return F;

+	add active_streams[id];
+
 	return add_default_filter(id);
 	}

 function disable_stream(id: ID) : bool
 	{
+	delete active_streams[id];
+	
 	return __disable_stream(id);
 	}