Add a new field to the notice, which defines where to send the e-mail

scripts/base/frameworks/notice/actions/email_admin.zeek

@@ -30,11 +30,6 @@ hook notice(n: Notice::Info) &priority=-5
 			email = fmt("%s, %s", email, Site::get_emails(n$dst));
 		
 		if ( email != "" )
-			email_notice_to(n, email, T);
+			n$email_dest = email;
 		}
 	}
-
-# If hostnames.zeek was loaded first, add ourselves
-@ifdef ( email_with_hostnames_types )
-redef email_with_hostnames_types += { ACTION_EMAIL_ADMIN };
-@endif

scripts/base/frameworks/notice/actions/page.zeek

@@ -17,13 +17,8 @@ export {
 	option mail_page_dest = "";
 }
 
-hook notice(n: Notice::Info) &priority=-5
+hook notice(n: Notice::Info) &priority=-6
 	{
 	if ( ACTION_PAGE in n$actions )
-		email_notice_to(n, mail_page_dest, F);
+		n$email_dest = mail_page_dest;
 	}
-
-# If hostnames.zeek was loaded first, add ourselves
-@ifdef ( email_with_hostnames_types )
-redef email_with_hostnames_types += { ACTION_PAGE };
-@endif

scripts/base/frameworks/notice/main.zeek

@@ -136,6 +136,9 @@ export {
 		## The actions which have been applied to this notice.
 		actions:        ActionSet      &log &default=ActionSet();
 
+		## The email address where to send this notice
+		email_dest:     string         &log &optional;
+
 		## By adding chunks of text into this element, other scripts
 		## can expand on notices that are being emailed.  The normal
 		## way to add text is to extend the vector by handling the
@@ -512,8 +515,13 @@ hook Notice::policy(n: Notice::Info) &priority=10
 
 hook Notice::notice(n: Notice::Info) &priority=-5
 	{
-	if ( ACTION_EMAIL in n$actions )
+	# Send to requested address if set
+	if ( n?$email_dest )
+		email_notice_to(n, n$email_dest, T);
+	# Otherwise Send to default address
+	else if ( ACTION_EMAIL in n$actions )
 		email_notice_to(n, mail_dest, T);
+
 	if ( ACTION_LOG in n$actions )
 		Log::write(Notice::LOG, n);
 	if ( ACTION_ALARM in n$actions )