aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRobin Krahl <me@robin-krahl.de>2018-04-06 12:21:27 +0200
committerRobin Krahl <me@robin-krahl.de>2018-04-06 12:21:42 +0200
commit76c9c6b0d280eb7e82449d3fa6b81f784b1980c7 (patch)
tree4ef123a9c4b11b2c1ea90c304e08594f30861842
parenteed313273c5c02039ce4e7233e41b4b1841f452d (diff)
downloadmidbro-76c9c6b0d280eb7e82449d3fa6b81f784b1980c7.tar.gz
midbro-76c9c6b0d280eb7e82449d3fa6b81f784b1980c7.tar.bz2
Add output for the filtered register's predecessor
-rw-r--r--script/mid.bro10
1 files changed, 8 insertions, 2 deletions
diff --git a/script/mid.bro b/script/mid.bro
index 8f82a50..04060d6 100644
--- a/script/mid.bro
+++ b/script/mid.bro
@@ -61,8 +61,8 @@ export {
};
const enable_filtering : bool = T;
- const filter_ip_addr : addr = 192.168.215.66;
- const filter_mem_addr : count = 64;
+ const filter_ip_addr : addr = 192.168.10.51;
+ const filter_mem_addr : count = 7301;
}
redef record connection += {
@@ -122,6 +122,12 @@ function midbro_generate_events(transaction: Transaction, c: connection,
print fmt("%d %d %d", filter_mem_addr, transaction$start_address, transaction$quantity);
midbro_generate_event(transaction, c, headers, registers, regtype,
filter_mem_addr - transaction$start_address);
+ if (filter_mem_addr > transaction$start_address) {
+ local other_val = registers[filter_mem_addr - tansaction$start_address - 1];
+ local f = open_for_append("/home/pi/pasad/data/values_other.txt");
+ print f, other_val;
+ close(f);
+ }
} else {
local i = 0;
while (i < transaction$quantity) {