Extraction Process

File location:
  • Bundled implementation: source/client/python/process.py
  • Cluster implementation: cluster/core/source/python/process.py

process.process(file: str)

Process a PCAP file with Bro IDS and put the root folder of the resulting Bro logs into const.QUEUE_LOGS.

Parameters:

file (str) – Path to PCAP file.

communicate(log_root: str)

Check whether the extracted files exist, based on the extracted field of files.log.

In the bundled implementation, the files are then put into const.QUEUE_DUMP.

Parameters:

log_root (str) – Root folder to Bro logs.

Raises:

ExtractWarning – When a supposedly extracted file is not found.
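
The existence check described for communicate(), as an added example that is not the project's own code: it reads the extracted column of a files.log in Bro's tab-separated format and warns for every listed file that is absent from the dump folder. The function names, the dump_root parameter, the local ExtractWarning stand-in and the sample log are assumptions constructed for illustration; the found files are returned here rather than put into const.QUEUE_DUMP.

```python
import os
import tempfile
import warnings


class ExtractWarning(Warning):
    """Local stand-in for process.ExtractWarning (assumption)."""


def extracted_names(log_root):
    """Yield set values of the `extracted` column of files.log (Bro TSV)."""
    fields = []
    with open(os.path.join(log_root, 'files.log'), encoding='utf-8') as log:
        for line in log.read().splitlines():
            if line.startswith('#fields'):
                fields = line.split('\t')[1:]  # column names follow the tag
            if line.startswith('#'):
                continue  # header and footer lines carry no records
            name = dict(zip(fields, line.split('\t'))).get('extracted', '-')
            if name not in ('-', '(empty)'):  # Bro markers for unset / empty
                yield name


def check_extracted(log_root, dump_root):
    """Return (found, missing) file names, warning for each missing file."""
    found, missing = [], []
    for name in extracted_names(log_root):
        # basename() drops directory parts so a log value stays inside dump_root
        name = os.path.basename(name)
        if os.path.isfile(os.path.join(dump_root, name)):
            found.append(name)
        else:
            missing.append(name)
            warnings.warn(f'extracted file not found: {name}', ExtractWarning)
    return found, missing


def demo():
    """Run the check on a constructed files.log with one file missing."""
    rows = ['#separator \\x09', '#fields\tts\tfuid\textracted',
            '1.0\tFa1\tHTTP-Fa1.exe', '2.0\tFb2\t-', '3.0\tFc3\tHTTP-Fc3.pdf']
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, 'files.log'), 'w', encoding='utf-8') as log:
            log.write('\n'.join(rows) + '\n')
        open(os.path.join(root, 'HTTP-Fa1.exe'), 'wb').close()
        with warnings.catch_warnings(record=True) as caught:
            warnings.simplefilter('always')
            found, missing = check_extracted(root, root)
    return found, missing, [w.category for w in caught]
```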

process.SALT_LOCK: multiprocessing.Lock

Lock for updating config.bro with compose.file_salt().

process.STDOUT_LOCK: multiprocessing.Lock

Lock for writing to the stdout replica const.STDOUT.

process.STDERR_LOCK: multiprocessing.Lock

Lock for writing to the stderr replica const.STDERR.

exception process.ExtractWarning
Bases: Warning

Extraction warning.