files_rule_checker Class Reference
files rule: More...
#include <sec_analyzer.h>
Inheritance diagram for files_rule_checker:
Collaboration diagram for files_rule_checker:
Public Member Functions | |
| virtual | ~files_rule_checker ()=default |
| files_rule_checker (std::shared_ptr< sec_analyzer > analyzer_ptr) | |
| int | check_rule (const tracker_event< files_event > &e, rule_message &msg) |
 Public Member Functions inherited from rule_base< files_event > | |
| rule_base (std::shared_ptr< sec_analyzer > analyzer_ptr) | |
| virtual | ~rule_base ()=default |
| void | handle (tracker_event< files_event > &e) |
| implement this function to handle the event More... | |
| Public Member Functions inherited from event_handler< files_event > | |
| virtual | ~event_handler ()=default |
| std::shared_ptr< event_handler< files_event > > | add_handler (std::shared_ptr< event_handler< files_event >> handler) |
| add a next handler after this handler More... | |
| void | do_handle_event (tracker_event< files_event > &e) |
| Public Member Functions inherited from event_handler_base< files_event > | |
| virtual | ~event_handler_base ()=default |
Additional Inherited Members | |
| Public Attributes inherited from rule_base< files_event > | |
| std::shared_ptr< sec_analyzer > | analyzer |
| Public Attributes inherited from event_handler< files_event > | |
| std::shared_ptr< event_handler_base< files_event > > | next_handler |
Detailed Description
files rule:
for example, a read or write to specific file
Constructor & Destructor Documentation
◆ ~files_rule_checker()
|
virtualdefault |
◆ files_rule_checker()
|
inline |
Member Function Documentation
◆ check_rule()
|
virtual |
Implements rule_base< files_event >.
The documentation for this class was generated from the following file:
- include/eunomia/sec_analyzer.h
