Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/policy/frameworks/intel/removal.zeek
Daniel Thayer 18bd74454b Rename all scripts to have ".zeek" file extension
2019-04-11 21:12:40 -05:00

23 lines
376 B
Text
Raw Blame History

##! This script enables removal of intelligence items.
@load base/frameworks/intel
module Intel;
export {
redef record Intel::MetaData += {
## A boolean value to indicate whether the item should be removed.
remove: bool &default=F;
};
}
hook Intel::filter_item(item: Item)
{
if ( item$meta$remove )
{
Intel::remove(item);
# Prevent readding
break;
}
}
Reference in a new issue View git blame Copy permalink