mirror of https://github.com/OISF/suricata
Topics: cybersecurity, ids, intrusion-detection-system, intrusion-prevention-system, ips, network-monitor, network-monitoring, nsm, security, suricata, threat-hunting
Latest commit (12 years ago):

A new logger API for registering file storage handlers. Where the FileLog handler is called once per file, this handler will be called for each data chunk so that storing the entire file is possible.

The logger call in the API is as follows:

    typedef int (*FiledataLogger)(ThreadVars *, void *thread_data, const Packet *, const File *, const FileData *, uint8_t flags);

All data is const, thus should be read only. The final flags field is used to indicate to the caller that the file is new, or if it's being closed.

Files use an internal unique id 'file_id' which can be used by the loggers to create unique file names. This id can use the 'waldo' feature of the log-filestore module. This patch moves that waldo loading and storing logic to this API's implementation. A new configuration directive 'file-store-waldo: <filename>' is added, but the existing waldo settings will also continue to work.

Name | Last updated | |
---|---|---|
benches | 16 years ago | |
contrib | 12 years ago | |
doc | 13 years ago | |
m4 | 16 years ago | |
qa | 12 years ago | |
rules | 12 years ago | |
scripts | 13 years ago | |
src | 12 years ago | |
.gitignore | 12 years ago | |
COPYING | 16 years ago | |
ChangeLog | 12 years ago | |
LICENSE | 16 years ago | |
Makefile.am | 12 years ago | |
Makefile.cvs | 16 years ago | |
acsite.m4 | 16 years ago | |
autogen.sh | 13 years ago | |
classification.config | 16 years ago | |
config.rpath | 12 years ago | |
configure.ac | 12 years ago | |
doxygen.cfg | 12 years ago | |
reference.config | 14 years ago | |
suricata.yaml.in | 12 years ago | |
threshold.config | 13 years ago |