Lessen cluster node of notice suppression.

With this commit, the data structure that is transfered for notice
suppression is much smaller than before, not including potentially
complex data structures like the fa_file record.

scripts/base/frameworks/notice/cluster.bro

@@ -21,10 +21,10 @@ redef Cluster::manager2worker_events += /Notice::begin_suppression/;
 redef Cluster::worker2manager_events += /Notice::cluster_notice/;
 
 @if ( Cluster::local_node_type() != Cluster::MANAGER )
-event Notice::begin_suppression(n: Notice::Info)
+event Notice::begin_suppression(ts: time, suppress_for: interval, note: Type, identifier: string)
 	{
-	local suppress_until = n$ts + n$suppress_for;
-	suppressing[n$note, n$identifier] = suppress_until;
+	local suppress_until = ts + suppress_for;
+	suppressing[note, identifier] = suppress_until;
 	}
 @endif
 

scripts/base/frameworks/notice/main.bro

@@ -261,9 +261,14 @@ export {
 
 	## This event is generated when a notice begins to be suppressed.
 	##
-	## n: The record containing notice data regarding the notice type
-	##    about to be suppressed.
-	global begin_suppression: event(n: Notice::Info);
+	## ts: time indicating then when the notice to be suppressed occured.
+	##
+	## suppress_for: length of time that this notice should be suppressed.
+	##
+	## note: The :bro:type:`Notice::Type` of the notice.
+	##
+	## identifier: The identifier string of the notice that should be suppressed.
+	global begin_suppression: event(ts: time, suppress_for: interval, note: Type, identifier: string);
 
 	## A function to determine if an event is supposed to be suppressed.
 	##
@@ -504,7 +509,7 @@ hook Notice::notice(n: Notice::Info) &priority=-5
 		{
 		local suppress_until = n$ts + n$suppress_for;
 		suppressing[n$note, n$identifier] = suppress_until;
-		event Notice::begin_suppression(n);
+		event Notice::begin_suppression(n$ts, n$suppress_for, n$note, n$identifier);
 		}
 	}