Improved InfluxDB push daemon.

* added proper gauge handling that enables pushing data w/o missing out anything e.g. short flows with a lifetime in-between two InfluxDB intervals Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
2025-10-31 18:27:47 +00:00 · 2023-12-15 09:16:28 +01:00
parent 71d933b0cd
commit 8acf2d7273
2 changed files with 271 additions and 145 deletions
--- a/examples/py-semantic-validation/py-semantic-validation.py
+++ b/examples/py-semantic-validation/py-semantic-validation.py
@@ -256,9 +256,21 @@ def onJsonLineRecvd(json_dict, instance, current_flow, global_user_data):
        except AttributeError:
            pass

+        try:
+            if current_flow.flow_finished == True and \
+               json_dict['flow_event_name'] == 'detection-update':
+                raise SemanticValidationException(current_flow,
+                                                  'Flow state already finished, but another detection-update received.')
+        except AttributeError:
+            pass
+
        try:
            if json_dict['flow_state'] == 'finished':
                current_flow.flow_finished = True
+            elif json_dict['flow_state'] == 'info' and \
+                 current_flow.flow_finished is True:
+                raise SemanticValidationException(current_flow,
+                                                  'Flow state already finished, but switched back to info state.')

            if current_flow.flow_finished == True and \
               json_dict['flow_event_name'] != 'analyse' and \