[Bro] [EXTERNAL] Log::add_filter with mime_type or filename predicate
seth at icir.org
Thu Oct 3 22:33:06 PDT 2013
On Oct 3, 2013, at 3:53 PM, "Thomas, Eric D" <edthoma at sandia.gov> wrote:
> ...: not an index type (application/x-dosexec in rec$resp_mime_types)
> Does the 'in' operator work with a string and a vector type?
Arg! I forgot that was a vector, I was thinking it was a set. It's little things like this that are pretty annoying to eventually find out (that I didn't consider some situation).
I don't really like this solution but it should work if you put it in your predicate...
if ( rec?$resp_mime_types )
for ( i in rec$resp_mime_types )
if ( "application/x-dosexec" == rec$resp_mime_types[i] )
International Computer Science Institute
(Bro) because everyone has a network
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20131004/d51537b1/attachment.bin
More information about the Bro