FileAnalysis: change terminology s/action/analyzer

2025-10-04 15:48:19 +00:00 · 2013-04-11 14:53:54 -05:00 · 2013-04-11 14:53:54 -05:00 · b8c98b8bf7
commit b8c98b8bf7
parent e81f2ae7b0
30 changed files with 575 additions and 570 deletions
--- a/scripts/base/protocols/ftp/file-extract.bro
+++ b/scripts/base/protocols/ftp/file-extract.bro
@ -38,8 +38,8 @@ event file_new(f: fa_file) &priority=5

 	if ( f?$mime_type && extract_file_types in f$mime_type )
 		{
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=get_extraction_name(f)]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                           $extract_filename=get_extraction_name(f)]);
 		return;
 		}

@ -55,8 +55,8 @@ event file_new(f: fa_file) &priority=5

 		if ( ! s$extract_file ) next;

-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=get_extraction_name(f)]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                           $extract_filename=get_extraction_name(f)]);
 		return;
 		}
 	}
--- a/scripts/base/protocols/http/file-extract.bro
+++ b/scripts/base/protocols/http/file-extract.bro
@ -44,8 +44,8 @@ event file_new(f: fa_file) &priority=5
 	if ( f?$mime_type && extract_file_types in f$mime_type )
 		{
 		fname = get_extraction_name(f);
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=fname]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                               $extract_filename=fname]);

 		for ( cid in f$conns )
 			{
@ -68,8 +68,8 @@ event file_new(f: fa_file) &priority=5
 		if ( ! c$http$extract_file ) next;

 		fname = get_extraction_name(f);
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=fname]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                               $extract_filename=fname]);
 		extracting = T;
 		break;
 		}
--- a/scripts/base/protocols/http/file-hash.bro
+++ b/scripts/base/protocols/http/file-hash.bro
@ -30,7 +30,7 @@ event file_new(f: fa_file) &priority=5

 	if ( f?$mime_type && generate_md5 in f$mime_type )
 		{
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_MD5]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_MD5]);
 		return;
 		}

@ -44,7 +44,7 @@ event file_new(f: fa_file) &priority=5

 		if ( ! c$http$calc_md5 ) next;

-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_MD5]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_MD5]);
 		return;
 		}
 	}
--- a/scripts/base/protocols/irc/dcc-send.bro
+++ b/scripts/base/protocols/irc/dcc-send.bro
@ -101,8 +101,8 @@ event file_new(f: fa_file) &priority=5
 	if ( f?$mime_type && extract_file_types in f$mime_type )
 		{
 		fname = get_extraction_name(f);
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=fname]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                               $extract_filename=fname]);
 		set_dcc_extraction_file(f, fname);
 		return;
 		}
@ -120,8 +120,8 @@ event file_new(f: fa_file) &priority=5
 		if ( ! s$extract_file ) next;

 		fname = get_extraction_name(f);
-		FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-		                             $extract_filename=fname]);
+		FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+		                               $extract_filename=fname]);
 		s$extraction_file = fname;
 		return;
 		}
--- a/scripts/base/protocols/smtp/entities.bro
+++ b/scripts/base/protocols/smtp/entities.bro
@ -123,8 +123,9 @@ event file_new(f: fa_file) &priority=5
 			if ( ! extracting )
 				{
 				fname = get_extraction_name(f);
-				FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-				                             $extract_filename=fname]);
+				FileAnalysis::add_analyzer(f,
+				                           [$tag=FileAnalysis::ANALYZER_EXTRACT,
+				                            $extract_filename=fname]);
 				extracting = T;
 				++extract_count;
 				}
@ -133,7 +134,7 @@ event file_new(f: fa_file) &priority=5
 			}

 		if ( c$smtp$current_entity$calc_md5 )
-			FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_MD5]);
+			FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_MD5]);
 		}
 	}

@ -141,12 +142,12 @@ function check_extract_by_type(f: fa_file)
 	{
 	if ( extract_file_types !in f$mime_type ) return;

-	if ( f?$info && FileAnalysis::ACTION_EXTRACT in f$info$actions_taken )
+	if ( f?$info && FileAnalysis::ANALYZER_EXTRACT in f$info$analyzers )
 		return;

 	local fname: string = get_extraction_name(f);
-	FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_EXTRACT,
-	                             $extract_filename=fname]);
+	FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_EXTRACT,
+	                               $extract_filename=fname]);

 	if ( ! f?$conns ) return;

@ -163,7 +164,7 @@ function check_md5_by_type(f: fa_file)
 	if ( never_calc_md5 ) return;
 	if ( generate_md5 !in f$mime_type ) return;

-	FileAnalysis::add_action(f, [$act=FileAnalysis::ACTION_MD5]);
+	FileAnalysis::add_analyzer(f, [$tag=FileAnalysis::ANALYZER_MD5]);
 	}

 event file_new(f: fa_file) &priority=5