policy/misc/trim-trace-file.zeek

TrimTraceFile

Deletes the -w tracefile at regular intervals and starts a new file from scratch.

Namespace

TrimTraceFile

Summary

Redefinable Options

TrimTraceFile::trim_interval: interval &redef

The interval between times that the output tracefile is rotated.

Events

TrimTraceFile::go: event

This event can be generated externally to this script if on-demand tracefile rotation is required with the caveat that the script doesn’t currently attempt to get back on schedule automatically and the next trim likely won’t happen on the TrimTraceFile::trim_interval.

Detailed Interface

Redefinable Options

TrimTraceFile::trim_interval
Type

interval

Attributes

&redef

Default

10.0 mins

The interval between times that the output tracefile is rotated.

Events

TrimTraceFile::go
Type

event (first_trim: bool)

This event can be generated externally to this script if on-demand tracefile rotation is required with the caveat that the script doesn’t currently attempt to get back on schedule automatically and the next trim likely won’t happen on the TrimTraceFile::trim_interval.