#include <detect-tag.h>
Data Fields | |
| uint8_t | flags:3 |
| uint8_t | metric:5 |
| uint8_t | pad0 |
| uint16_t | cnt_match |
| uint32_t | count |
| uint32_t | sid |
| uint32_t | gid |
| union { | |
| uint32_t packets | |
| uint32_t bytes | |
| }; | |
| uint32_t | first_ts |
| uint32_t | last_ts |
| struct DetectTagDataEntry_ * | next |
Detailed Description
This is the installed data at the session/global or host table
Definition at line 69 of file detect-tag.h.
Field Documentation
◆ @79
| union { ... } |
◆ bytes
| uint32_t DetectTagDataEntry_::bytes |
number of bytes (metric bytes)
Definition at line 80 of file detect-tag.h.
◆ cnt_match
| uint16_t DetectTagDataEntry_::cnt_match |
number of times this tag was reset/updated
Definition at line 73 of file detect-tag.h.
◆ count
| uint32_t DetectTagDataEntry_::count |
count setting from rule
Definition at line 75 of file detect-tag.h.
◆ first_ts
| uint32_t DetectTagDataEntry_::first_ts |
First time seen (for metric = seconds)
Definition at line 82 of file detect-tag.h.
◆ flags
| uint8_t DetectTagDataEntry_::flags |
Definition at line 70 of file detect-tag.h.
Referenced by TagHashAddTag().
◆ gid
| uint32_t DetectTagDataEntry_::gid |
gid originating the tag
Definition at line 77 of file detect-tag.h.
◆ last_ts
| uint32_t DetectTagDataEntry_::last_ts |
Last time seen (to prune old sessions)
Definition at line 83 of file detect-tag.h.
◆ metric
| uint8_t DetectTagDataEntry_::metric |
Definition at line 71 of file detect-tag.h.
◆ next
| struct DetectTagDataEntry_* DetectTagDataEntry_::next |
Pointer to the next tag of this session/src_host/dst_host (if any from other rule)
Definition at line 87 of file detect-tag.h.
Referenced by DetectTagDataListFree().
◆ packets
| uint32_t DetectTagDataEntry_::packets |
number of packets (metric packets)
Definition at line 79 of file detect-tag.h.
◆ pad0
| uint8_t DetectTagDataEntry_::pad0 |
Definition at line 72 of file detect-tag.h.
◆ sid
| uint32_t DetectTagDataEntry_::sid |
sid originating the tag
Definition at line 76 of file detect-tag.h.
The documentation for this struct was generated from the following file:
- src/detect-tag.h
