mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 14:48:21 +00:00
22 lines
536 B
Text
22 lines
536 B
Text
@load ./main
|
|
@load ./utils
|
|
@load base/utils/conn-ids
|
|
@load base/frameworks/file-analysis/main
|
|
|
|
module HTTP;
|
|
|
|
function get_file_handle(c: connection, is_orig: bool): string
|
|
{
|
|
if ( ! c?$http ) return "";
|
|
|
|
if ( c$http$range_request )
|
|
return fmt("%s %s %s %s", ANALYZER_HTTP, is_orig, c$id$orig_h,
|
|
build_url(c$http));
|
|
|
|
return fmt("%s %s %s %s %s", ANALYZER_HTTP, c$start_time, is_orig,
|
|
c$http$trans_depth, id_string(c$id));
|
|
}
|
|
|
|
redef FileAnalysis::handle_callbacks += {
|
|
[ANALYZER_HTTP] = get_file_handle,
|
|
};
|