mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 22:58:20 +00:00
d34f23c8d4
- Enable manager to associate analyzers with a MIME type. With that,
one can now say enable all analyzers for, e.g., "image/gif". This is
exposed to script-land as
Files::add_analyzers_for_mime_type(f: fa_file, mtype: string)
For MIME types identified via libmagic, this happens automatically
(via the file_new() handler in files/main.bro).
- Extend the analyzer API to better match that of protocol analyzers:
- Adding unique analyzer IDs so that we can refer to instances
from script-land.
- Adding subtypes to Components so that a single analyzer
implementation can support different types of analyzers
internally.
- Add an analyzer method SetTag() that allows to set the tag after
construction.
- Adding Init() and Done() methods for consistency with what other
classes offer.
- Add debug logging to the file_analysis stream.
TODO: test cases missing for the new script-land functionality.
|
||
|---|---|---|
| .. | ||
| analyzer | ||
| cluster | ||
| communication | ||
| control | ||
| dpd | ||
| files | ||
| input | ||
| intel | ||
| logging | ||
| notice | ||
| packet-filter | ||
| reporter | ||
| signatures | ||
| software | ||
| sumstats | ||
| tunnels | ||