Extraction Process¶

File location

Bundled implementation: source/client/python/process.py
Cluster implementation: cluster/core/source/python/process.py

process.process(file: str)¶

Process PCAP file with Bro IDS and put the root folder to Bro logs into const.QUEUE_LOGS.

Parameters: file (str) – Path to PCAP file.

communicate(log_root: str)¶

Check if extracted files exist based on extracted field from the files.log.

In bundled implementation, then put the files into const.QUEUE_DUMP.

Parameters: log_root (str) – Root folder to Bro logs.
Raises: ExtractWarning – When supposedly extracted file not found.

process.SALT_LOCK: multiprocessing.Lock¶: Lock for updating config.bro with compsoe.file_salt().

process.STDOUT_LOCK: multiprocessing.Lock¶: Lock for writing to the stdout replica const.STDOUT.

process.STDERR_LOCK: multiprocessing.Lock¶: Lock for writing to the stderr replica const.STDERR.

exception process.ExtractWarning¶

Bases: Warning

Extraction warning.

Fork me on GitHub