diff options
author | Dmitriy Alekseev <1865999+dragoangel@users.noreply.github.com> | 2024-10-14 17:32:16 +0200 |
---|---|---|
committer | Dmitriy Alekseev <1865999+dragoangel@users.noreply.github.com> | 2024-10-14 17:32:16 +0200 |
commit | 5196d84d421e3e17d7ef4d3a690bb1ba6988a838 (patch) | |
tree | 0050aee916eaa48e6717be03a3a7905fbf789665 | |
parent | 0a73f356e6af18d1f78534667a4bd298bb08ce19 (diff) | |
download | rspamd-5196d84d421e3e17d7ef4d3a690bb1ba6988a838.tar.gz rspamd-5196d84d421e3e17d7ef4d3a690bb1ba6988a838.zip |
Use received for all logs, fix direction
-rw-r--r-- | src/plugins/lua/elastic.lua | 37 |
1 files changed, 22 insertions, 15 deletions
diff --git a/src/plugins/lua/elastic.lua b/src/plugins/lua/elastic.lua index 18c29711f..c5e24d773 100644 --- a/src/plugins/lua/elastic.lua +++ b/src/plugins/lua/elastic.lua @@ -306,6 +306,25 @@ local function handle_error(action,component,limit) return true end +local function get_received_delay(received_headers) + local now = math.floor(rspamd_util.get_time()) + local timestamp = 0 + local delay = 0 + for _, received_header in ipairs(received_headers) do + if received_header['timestamp'] and received_header['timestamp'] > 0 then + timestamp = received_header['timestamp'] + break + end + end + if timestamp > 0 then + delay = now - timestamp + if delay < 0 then + delay = 0 + end + end + return delay +end + local function create_bulk_json(es_index, logs_to_send) local tbl = {} for _, row in pairs(logs_to_send) do @@ -456,9 +475,9 @@ local function get_general_metadata(task) end r.user = user or empty if user then - r.direction = "Inbound" - else r.direction = "Outbound" + else + r.direction = "Inbound" end r.qid = task:get_queue_id() or empty r.helo = task:get_helo() or empty @@ -605,19 +624,7 @@ local function get_general_metadata(task) local fuzzy_hashes = task:get_mempool():get_variable('fuzzy_hashes', 'fstrings') r.fuzzy_hashes = fuzzy_hashes or empty - r.received_delay = 0 - if user then -- calculate received_delay only for incoming traffic - local recieved_hop = 2 - local received_headers = task:get_received_headers() - if received_headers[recieved_hop] then - if received_headers[recieved_hop]['timestamp'] then - r.received_delay = math.floor(rspamd_util.get_time()) - received_headers[recieved_hop]['timestamp'] - if r.received_delay < 0 then - r.received_delay = 0 - end - end - end - end + r.received_delay = get_received_delay(task:get_received_headers()) return r end |