Namespace: | GLOBAL |
---|---|
Source File: | /scripts/base/bif/plugins/Bro_FileExtract.events.bif.bro |
file_extraction_limit: event | This event is generated when a file extraction analyzer is about to exceed the maximum permitted file size allowed by the extract_limit field of Files::AnalyzerArgs. |
Type: | event (f: fa_file, args: any, limit: count, offset: count, len: count) |
---|
This event is generated when a file extraction analyzer is about to exceed the maximum permitted file size allowed by the extract_limit field of Files::AnalyzerArgs. The analyzer is automatically removed from file f.
F: | The file. |
---|---|
Args: | Arguments that identify a particular file extraction analyzer. This is only provided to be able to pass along to FileExtract::set_limit. |
Limit: | The limit, in bytes, the extracted file is about to breach. |
Offset: | The offset at which a file chunk is about to be written. |
Len: | The length of the file chunk about to be written. |
See also: Files::add_analyzer, Files::ANALYZER_EXTRACT