[Bro] files.log
ps sunu
pssunu6 at gmail.com
Sun Apr 30 10:36:58 PDT 2017
Hi ,
This method can we add id into files.log
global myevent: event(f: fa_file, c: connection, is_orig: bool);
redef record Files::Info += {
# tx_cc: string &log &optional;
#rx_cc: string &log &optional;
#tx_asn: count &log &optional;
#rx_asn: count &log &optional;
id: conn_id &log &optional;
};
event myevent(f: fa_file, c: connection, is_orig: bool) &priority = -10
{
if ( ! f?$info )
return;
f$info$id = c$id;
}
Regards,
Sunub
event bro_init()
{
event myevent( f: fa_file, c: connection, is_orig: bool);
}
event bro_done()
{
print "bro_done()";
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170430/671d8b6b/attachment.html
More information about the Bro
mailing list