Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-07 17:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

EventRegistry/zeek.bif/init-bare: Add event metadata infrastructure

Browse source 
Introduce a new EventMetadata module and members on EventMgr to register
event metadata types.
This commit is contained in:
Arne Welzel 2025-04-07 10:03:26 +02:00
parent fc96c81c70
commit cc7dc60c1e
8 changed files with 218 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

16
src/Event.cc
View file

@ -3,6 +3,7 @@
#include "zeek/Event.h"
#include "zeek/Desc.h"
#include "zeek/EventRegistry.h"
#include "zeek/Trigger.h"
#include "zeek/Val.h"
#include "zeek/iosource/Manager.h"
@ -182,6 +183,19 @@ void EventMgr::Process() {
// and had the opportunity to spawn new events.
}
void EventMgr::InitPostScript() { iosource_mgr->Register(this, true, false); }
void EventMgr::InitPostScript() {
// Check if expected types and identifiers are available.
const auto& et = zeek::id::find_type<zeek::EnumType>("EventMetadata::ID");
if ( ! et )
zeek::reporter->FatalError("Failed to find EventMetadata::ID");
const auto& net_ts_val = et->GetEnumVal(et->Lookup("EventMetadata::NETWORK_TIMESTAMP"));
if ( ! net_ts_val )
zeek::reporter->FatalError("Failed to lookup EventMetadata::NETWORK_TIMESTAMP");
if ( ! zeek::event_registry->RegisterMetadata(net_ts_val, zeek::base_type(zeek::TYPE_TIME)) )
zeek::reporter->FatalError("Failed to register NETWORK_TIMESTAMP metadata");
iosource_mgr->Register(this, true, false);
}
} // namespace zeek