mpurzynski/meh.bro

## meh.bro
@load frameworks/intel/seen

module Intel;

#fields indicator indicator_type meta.source meta.desc meta.url meta.uuid meta.do_notice meta.expire

export {
    redef record MetaData += {
        uuid: string &optional;
    };

    redef record Info += {
        url: string &log &optional;
        uuid: string &log &optional;
    };
};

hook extend_match(info: Info, s: Seen, items: set[Item]) &priority=10
{
    for ( item in items ) {
        add info$url = item$meta$url;
        add info$uuid = item$meta$uuid;
    }
};
	@load frameworks/intel/seen

	module Intel;

	#fields indicator indicator_type meta.source meta.desc meta.url meta.uuid meta.do_notice meta.expire

	export {
	redef record MetaData += {
	uuid: string &optional;
	};

	redef record Info += {
	url: string &log &optional;
	uuid: string &log &optional;
	};
	};

	hook extend_match(info: Info, s: Seen, items: set[Item]) &priority=10
	{
	for ( item in items ) {
	add info$url = item$meta$url;
	add info$uuid = item$meta$uuid;
	}
	};