mirror of
https://github.com/zeek/zeek.git
synced 2025-10-09 10:08:20 +00:00
FileAnalysis: checkpoint in middle of big reorganization.
- FileAnalysis::Info is now just a record used for logging, the fa_file record type is defined in init-bare.bro as the analogue to a connection record. - Starting to transfer policy hook triggers and analyzer results to events.
This commit is contained in:
Jon Siwek
parent
e73a261262
commit
641154f8e8
68 changed files with 855 additions and 871 deletions
|
|
@ -10,7 +10,7 @@
|
|||
|
||||
namespace file_analysis {
|
||||
|
||||
class Info;
|
||||
class File;
|
||||
declare(PDict,Action);
|
||||
|
||||
/**
|
||||
|
|
@ -21,7 +21,7 @@ declare(PDict,Action);
|
|||
class ActionSet {
|
||||
public:
|
||||
|
||||
ActionSet(Info* arg_info);
|
||||
ActionSet(File* arg_file);
|
||||
|
||||
~ActionSet();
|
||||
|
||||
|
|
@ -63,7 +63,7 @@ protected:
|
|||
void InsertAction(Action* act, HashKey* key);
|
||||
bool RemoveAction(ActionTag tag, HashKey* key);
|
||||
|
||||
Info* info;
|
||||
File* file;
|
||||
CompositeHash* action_hash; /**< ActionArgs hashes Action map lookup. */
|
||||
PDict(Action) action_map; /**< Actions indexed by ActionArgs. */
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue