diff options
author | Robin Krahl <me@robin-krahl.de> | 2018-04-06 12:21:27 +0200 |
---|---|---|
committer | Robin Krahl <me@robin-krahl.de> | 2018-04-06 12:21:42 +0200 |
commit | 76c9c6b0d280eb7e82449d3fa6b81f784b1980c7 (patch) | |
tree | 4ef123a9c4b11b2c1ea90c304e08594f30861842 /script | |
parent | eed313273c5c02039ce4e7233e41b4b1841f452d (diff) | |
download | midbro-76c9c6b0d280eb7e82449d3fa6b81f784b1980c7.tar.gz midbro-76c9c6b0d280eb7e82449d3fa6b81f784b1980c7.tar.bz2 |
Add output for the filtered register's predecessor
Diffstat (limited to 'script')
-rw-r--r-- | script/mid.bro | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/script/mid.bro b/script/mid.bro index 8f82a50..04060d6 100644 --- a/script/mid.bro +++ b/script/mid.bro @@ -61,8 +61,8 @@ export { }; const enable_filtering : bool = T; - const filter_ip_addr : addr = 192.168.215.66; - const filter_mem_addr : count = 64; + const filter_ip_addr : addr = 192.168.10.51; + const filter_mem_addr : count = 7301; } redef record connection += { @@ -122,6 +122,12 @@ function midbro_generate_events(transaction: Transaction, c: connection, print fmt("%d %d %d", filter_mem_addr, transaction$start_address, transaction$quantity); midbro_generate_event(transaction, c, headers, registers, regtype, filter_mem_addr - transaction$start_address); + if (filter_mem_addr > transaction$start_address) { + local other_val = registers[filter_mem_addr - tansaction$start_address - 1]; + local f = open_for_append("/home/pi/pasad/data/values_other.txt"); + print f, other_val; + close(f); + } } else { local i = 0; while (i < transaction$quantity) { |