Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 09:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Use macros to create file analyzer plugin classes.

Browse source
This commit is contained in:
Jon Siwek 2013-08-22 17:03:50 -05:00
parent 89ae4ffd05
commit 814d827c44
5 changed files with 37 additions and 107 deletions
Download patch file Download diff file Expand all files Collapse all files

35
src/file_analysis/analyzer/unified2/Plugin.cc
View file

@ -2,34 +2,11 @@
#include "plugin/Plugin.h"
#include "file_analysis/Component.h"
#include "Unified2.h"
namespace plugin { namespace Bro_Unified2 {
class Plugin : public plugin::Plugin {
protected:
void InitPreScript()
{
SetName("Bro::Unified2");
SetVersion(-1);
SetAPIVersion(BRO_PLUGIN_API_VERSION);
SetDynamicPlugin(false);
SetDescription("Analyze Unified2 alert files.");
AddComponent(new ::file_analysis::Component("UNIFIED2",
::file_analysis::Unified2::Instantiate));
extern std::list<std::pair<const char*, int> > __bif_events_init();
AddBifInitFunction(&__bif_events_init);
extern std::list<std::pair<const char*, int> > __bif_types_init();
AddBifInitFunction(&__bif_types_init);
}
};
Plugin __plugin;
} }
BRO_PLUGIN_BEGIN(Bro, Unified2)
BRO_PLUGIN_DESCRIPTION("Analyze Unified2 alert files.");
BRO_PLUGIN_FILE_ANALYZER("UNIFIED2", Unified2);
BRO_PLUGIN_BIF_FILE(events);
BRO_PLUGIN_BIF_FILE(types);
BRO_PLUGIN_END