mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
41dd0b98e9
Conflicts: scripts/base/frameworks/cluster/setup-connections.bro scripts/base/frameworks/metrics/main.bro scripts/base/frameworks/notice/actions/email_admin.bro scripts/base/frameworks/notice/weird.bro scripts/base/protocols/mime/file-hash.bro scripts/base/protocols/mime/file-ident.bro scripts/policy/frameworks/communication/listen-clear.bro scripts/policy/frameworks/communication/listen-ssl.bro scripts/policy/frameworks/control/controller.bro scripts/policy/frameworks/metrics/http-example.bro scripts/policy/frameworks/metrics/ssl-example.bro scripts/policy/protocols/conn/scan.bro src/CMakeLists.txt
34 lines
1.2 KiB
Text
34 lines
1.2 KiB
Text
@load base/frameworks/metrics/main
|
|
@load base/protocols/http/main
|
|
@load base/utils/site
|
|
|
|
redef enum Metrics::ID += {
|
|
HTTP_REQUESTS_BY_STATUS_CODE,
|
|
HTTP_REQUESTS_BY_HOST_HEADER,
|
|
};
|
|
|
|
event bro_init()
|
|
{
|
|
# TODO: these are waiting on a fix with table vals + records before they will work.
|
|
#Metrics::add_filter(HTTP_REQUESTS_BY_HOST_HEADER,
|
|
# [$pred(index: Index) = { return Site:is_local_addr(index$host) },
|
|
# $aggregation_mask=24,
|
|
# $break_interval=5mins]);
|
|
#
|
|
## Site::local_nets must be defined in order for this to actually do anything.
|
|
#Metrics::add_filter(HTTP_REQUESTS_BY_STATUS_CODE, [$aggregation_table=Site::local_nets_table,
|
|
# $break_interval=5mins]);
|
|
}
|
|
|
|
event HTTP::log_http(rec: HTTP::Info)
|
|
{
|
|
if ( rec?$host )
|
|
Metrics::add_data(HTTP_REQUESTS_BY_HOST_HEADER, [$str=rec$host]);
|
|
if ( rec?$status_code )
|
|
<<<<<<< HEAD
|
|
Metrics::add_data(HTTP_REQUESTS_BY_STATUS_CODE, [$host=rec$id$orig_h, $index=fmt("%d", rec$status_code)]);
|
|
}
|
|
=======
|
|
Metrics::add_data(HTTP_REQUESTS_BY_STATUS_CODE, [$host=rec$id$orig_h, $str=fmt("%d", rec$status_code)]);
|
|
}
|
|
>>>>>>> master
|