Namespace: | GLOBAL |
---|---|
Source File: | /scripts/base/bif/plugins/Bro_FileExtract.events.bif.bro |
file_extraction_limit: event | This event is generated when a file extraction analyzer is about to exceed the maximum permitted file size allowed by the extract_limit field of Files::AnalyzerArgs. |
Type : | event (f: fa_file, args: Files::AnalyzerArgs, limit: count, len: count) |
---|
This event is generated when a file extraction analyzer is about to exceed the maximum permitted file size allowed by the extract_limit field of Files::AnalyzerArgs. The analyzer is automatically removed from file f.
F : | The file. |
---|---|
Args : | Arguments that identify a particular file extraction analyzer. This is only provided to be able to pass along to FileExtract::set_limit. |
Limit : | The limit, in bytes, the extracted file is about to breach. |
Len : | The length of the file chunk about to be written. |
See also: Files::add_analyzer, Files::ANALYZER_EXTRACT