diff --git a/contrib/file_processor/README b/contrib/file_processor/README
index 740b946d8f..2dca715bac 100644
--- a/contrib/file_processor/README
+++ b/contrib/file_processor/README
@@ -4,5 +4,5 @@ To create new plugins, use the existing modules as a guide. Drop a new file wit
 INSTALLATION
 You will need a few Perl modules to get going. I recommend using the excellent cpanm utility which can be installed by typing "cpan App::cpanminus." After cpanm is installed, you can install everything in one command like this:
-cpanm Moose Module::Pluggable Log::Log4perl Config::JSON File::Tail LWP::UserAgent
+cpanm Moose Module::Pluggable Log::Log4perl Config::JSON File::Tail LWP::UserAgent Sys::Syslog
 Alternatively, you may wish to install using your operating system's package manager, though that may not use the latest code for these modules.
diff --git a/contrib/file_processor/file_processor.conf b/contrib/file_processor/file_processor.conf
index a1170ab437..839c0c3505 100644
--- a/contrib/file_processor/file_processor.conf
+++ b/contrib/file_processor/file_processor.conf
@@ -3,7 +3,8 @@
 "debug_level": "INFO",
 #"virustotal_apikey": "xxx"
 "actions": {
- "Action::Log": 1
+ "Action::Log": 1,
+ "Action::Syslog": 1
 },
 "processors": {
 "Processor::Anubis": 1,
diff --git a/contrib/file_processor/file_processor.pl b/contrib/file_processor/file_processor.pl
index 49f97f8dcf..f9cce02223 100644
--- a/contrib/file_processor/file_processor.pl
+++ b/contrib/file_processor/file_processor.pl
@@ -50,13 +50,14 @@ sub process {
 #$self->log->debug('got line ' . $line);
 eval {
 my $data = $self->json->decode($line);
- return unless $data->{md5};
 $data->{processors} = {};
- foreach my $processor_plugin ($self->processors){
- next unless exists $self->conf->{processors}->{$processor_plugin};
- my $processor = $processor_plugin->new(conf => $self->conf, log => $self->log, md5 => $data->{md5});
- $self->log->debug('processing with plugin ' . $processor->description);
- $data->{processors}->{ $processor->name } = $processor->process();
+ if($data->{md5}){
+ foreach my $processor_plugin ($self->processors){
+ next unless exists $self->conf->{processors}->{$processor_plugin};
+ my $processor = $processor_plugin->new(conf => $self->conf, log => $self->log, md5 => $data->{md5});
+ $self->log->debug('processing with plugin ' . $processor->description);
+ $data->{processors}->{ $processor->name } = $processor->process();
+ }
 }
 #$self->log->debug('data: ' . Dumper($data));
 foreach my $action_plugin ($self->actions){
@@ -89,7 +90,8 @@ my $Conf = {
 logdir => '/tmp',
 debug_level => 'TRACE',
 actions => {
- 'Action::Log' => 1
+ 'Action::Log' => 1,
+ 'Action::Syslog' => 1,
 },
 processors => {
 'Processor::Anubis' => 1,
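Review bot: In the first hunk (`sub process`), the new guard `if($data->{md5}){` only tests truthiness, so whatever string the decoded log line carries in `md5` is handed to every enabled processor plugin via `md5 => $data->{md5}`. The plugins are not visible here, but the README lists LWP::UserAgent as a dependency, so the value presumably ends up in an outbound lookup request; I would validate its shape first, e.g. `if (defined $data->{md5} and $data->{md5} =~ /\A[0-9a-fA-F]{32}\z/) {`. Dropping the early `return` also means records without an md5 now reach every action plugin, including the newly enabled Action::Syslog, with an empty `processors` hash; a one-line comment stating that this is intended would help the next reader. The `eval` block and the action loop continue outside the hunk.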