FileAnalysis: change terminology s/action/analyzer

scripts/base/frameworks/file-analysis/main.bro

@@ -12,13 +12,13 @@ export {
 		LOG
 	};
 
-	## A structure which represents a desired file analysis action to take.
-	type ActionArgs: record {
-		## The type of action.
-		act: Action;
+	## A structure which represents a desired type of file analysis.
+	type AnalyzerArgs: record {
+		## The type of analysis.
+		tag: Analyzer;
 
 		## The local filename to which to write an extracted file.  Must be
-		## set when *act* is :bro:see:`FileAnalysis::ACTION_EXTRACT`.
+		## set when *tag* is :bro:see:`FileAnalysis::ANALYZER_EXTRACT`.
 		extract_filename: string &optional;
 
 		## An event which will be generated for all new file contents,
@@ -60,8 +60,7 @@ export {
 		missing_bytes: count &log &default=0;
 
 		## The number of not all-in-sequence bytes in the file stream that
-		## were delivered to file actions/analyzers due to reassembly buffer
-		## overflow.
+		## were delivered to file analyzers due to reassembly buffer overflow.
 		overflow_bytes: count &log &default=0;
 
 		## The amount of time between receiving new data for this file that
@@ -83,10 +82,10 @@ export {
 		## Connection UIDS over which the file was transferred.
 		conn_uids: set[string] &log;
 
-		## A set of action types taken during the file analysis.
-		actions_taken: set[Action] &log;
+		## A set of analysis types done during the file analysis.
+		analyzers: set[Analyzer] &log;
 
-		## Local filenames of file extraction actions.
+		## Local filenames of extracted files.
 		extracted_files: set[string] &log;
 
 		## An MD5 digest of the file contents.
@@ -139,26 +138,26 @@ export {
 	##          for the *id* isn't currently active.
 	global postpone_timeout: function(f: fa_file): bool;
 
-	## Adds an action to the analysis of a given file.
+	## Adds an analyzer to the analysis of a given file.
 	##
 	## f: the file.
 	##
-	## args: the action type to add along with any arguments it takes.
+	## args: the analyzer type to add along with any arguments it takes.
 	##
-	## Returns: true if the action will be added, or false if analysis
+	## Returns: true if the analyzer will be added, or false if analysis
 	##          for the *id* isn't currently active or the *args*
-	##          were invalid for the action type.
-	global add_action: function(f: fa_file, args: ActionArgs): bool;
+	##          were invalid for the analyzer type.
+	global add_analyzer: function(f: fa_file, args: AnalyzerArgs): bool;
 
-	## Removes an action from the analysis of a given file.
+	## Removes an analyzer from the analysis of a given file.
 	##
 	## f: the file.
 	##
-	## args: the action (type and args) to remove.
+	## args: the analyzer (type and args) to remove.
 	##
-	## Returns: true if the action will be removed, or false if analysis
+	## Returns: true if the analyzer will be removed, or false if analysis
 	##          for the *id* isn't currently active.
-	global remove_action: function(f: fa_file, args: ActionArgs): bool;
+	global remove_analyzer: function(f: fa_file, args: AnalyzerArgs): bool;
 
 	## Stops/ignores any further analysis of a given file.
 	##
@@ -260,22 +259,22 @@ function postpone_timeout(f: fa_file): bool
 	return __postpone_timeout(f$id);
 	}
 
-function add_action(f: fa_file, args: ActionArgs): bool
+function add_analyzer(f: fa_file, args: AnalyzerArgs): bool
 	{
-	if ( ! __add_action(f$id, args) ) return F;
+	if ( ! __add_analyzer(f$id, args) ) return F;
 
 	set_info(f);
-	add f$info$actions_taken[args$act];
+	add f$info$analyzers[args$tag];
 
-	if ( args$act == FileAnalysis::ACTION_EXTRACT )
+	if ( args$tag == FileAnalysis::ANALYZER_EXTRACT )
 		add f$info$extracted_files[args$extract_filename];
 
 	return T;
 	}
 
-function remove_action(f: fa_file, args: ActionArgs): bool
+function remove_analyzer(f: fa_file, args: AnalyzerArgs): bool
 	{
-	return __remove_action(f$id, args);
+	return __remove_analyzer(f$id, args);
 	}
 
 function stop(f: fa_file): bool

scripts/base/init-bare.bro

@@ -358,8 +358,7 @@ type fa_file: record {
 	missing_bytes: count &default=0;
 
 	## The number of not all-in-sequence bytes in the file stream that
-	## were delivered to file actions/analyzers due to reassembly buffer
-	## overflow.
+	## were delivered to file analyzers due to reassembly buffer overflow.
 	overflow_bytes: count &default=0;
 
 	## The amount of time between receiving new data for this file that

scripts/base/protocols/ftp/file-extract.bro

@@ -38,8 +38,8 @@ event file_new(f: fa_file) &priority=5
 
 	if ( f?$mime_type && extract_file_types in f$mime_type )
 		{
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=get_extraction_name(f)]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                           $extract_filename=get_extraction_name(f)]);
 		return;
 		}
 
@@ -55,8 +55,8 @@ event file_new(f: fa_file) &priority=5
 
 		if ( ! s$extract_file ) next;
 
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=get_extraction_name(f)]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                           $extract_filename=get_extraction_name(f)]);
 		return;
 		}
 	}

scripts/base/protocols/http/file-extract.bro

@@ -44,8 +44,8 @@ event file_new(f: fa_file) &priority=5
 	if ( f?$mime_type && extract_file_types in f$mime_type )
 		{
 		fname = get_extraction_name(f);
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=fname]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                               $extract_filename=fname]);
 
 		for ( cid in f$conns )
 			{
@@ -68,8 +68,8 @@ event file_new(f: fa_file) &priority=5
 		if ( ! c$http$extract_file ) next;
 
 		fname = get_extraction_name(f);
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=fname]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                               $extract_filename=fname]);
 		extracting = T;
 		break;
 		}

scripts/base/protocols/http/file-hash.bro

@@ -30,7 +30,7 @@ event file_new(f: fa_file) &priority=5
 
 	if ( f?$mime_type && generate_md5 in f$mime_type )
 		{
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_MD5]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_MD5]);
 		return;
 		}
 
@@ -44,7 +44,7 @@ event file_new(f: fa_file) &priority=5
 
 		if ( ! c$http$calc_md5 ) next;
 
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_MD5]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_MD5]);
 		return;
 		}
 	}

scripts/base/protocols/irc/dcc-send.bro

@@ -101,8 +101,8 @@ event file_new(f: fa_file) &priority=5
 	if ( f?$mime_type && extract_file_types in f$mime_type )
 		{
 		fname = get_extraction_name(f);
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=fname]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                               $extract_filename=fname]);
 		set_dcc_extraction_file(f, fname);
 		return;
 		}
@@ -120,8 +120,8 @@ event file_new(f: fa_file) &priority=5
 		if ( ! s$extract_file ) next;
 
 		fname = get_extraction_name(f);
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=fname]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                               $extract_filename=fname]);
 		s$extraction_file = fname;
 		return;
 		}

scripts/base/protocols/smtp/entities.bro

@@ -123,8 +123,9 @@ event file_new(f: fa_file) &priority=5
 			if ( ! extracting )
 				{
 				fname = get_extraction_name(f);
-				FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-				                             $extract_filename=fname]);
+				FileAnalysis::add_analyzer(f,
+				                           [$tag=FileAnalysis::ANALYZER_EXTRACT,
+				                            $extract_filename=fname]);
 				extracting = T;
 				++extract_count;
 				}
@@ -133,7 +134,7 @@ event file_new(f: fa_file) &priority=5
 			}
 
 		if ( c$smtp$current_entity$calc_md5 )
-			FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_MD5]);
+			FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_MD5]);
 		}
 	}
 
@@ -141,12 +142,12 @@ function check_extract_by_type(f: fa_file)
 	{
 	if ( extract_file_types !in f$mime_type ) return;
 
-	if ( f?$info && FileAnalysis::ACTION_EXTRACT in f$info$actions_taken )
+	if ( f?$info && FileAnalysis::ANALYZER_EXTRACT in f$info$analyzers )
 		return;
 
 	local fname: string = get_extraction_name(f);
-	FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-	                             $extract_filename=fname]);
+	FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+	                               $extract_filename=fname]);
 
 	if ( ! f?$conns ) return;
 
@@ -163,7 +164,7 @@ function check_md5_by_type(f: fa_file)
 	if ( never_calc_md5 ) return;
 	if ( generate_md5 !in f$mime_type ) return;
 
-	FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_MD5]);
+	FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_MD5]);
 	}
 
 event file_new(f: fa_file) &priority=5