c-analysed: improved feature extraction from "analyse" events

* c-captured: update detected risks on "detection-update" events * c-collectd: added missing flow breed * c-collectd: PUTVAL macros are more flexible now Signed-off-by: Toni Uhlig <matzeton@googlemail.com>
author: Toni Uhlig <matzeton@googlemail.com> 2022-10-01 17:26:02 +0200
committer: Toni Uhlig <matzeton@googlemail.com> 2022-10-01 18:01:56 +0200
commit: b6060b897e629d3bf16a50842cd9da89ea172621 (patch)
tree: 1b3799bf6d8b1a2ec3c9914a2b17a731030b55b5 /examples/c-captured
parent: 14f6b87551c1d03837f25755abbc8eb71d958e3e (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/examples/c-captured/c-captured.c b/examples/c-captured/c-captured.c
index 645524bd6..229a678eb 100644
--- a/examples/c-captured/c-captured.c
+++ b/examples/c-captured/c-captured.c
@@ -444,7 +444,8 @@ static enum nDPIsrvd_callback_return captured_json_callback(struct nDPIsrvd_sock
             flow_user->detected = 0;
             flow_user->detection_finished = 1;
         }
-        else if (TOKEN_VALUE_EQUALS_SZ(sock, flow_event_name, "detected") != 0)
+        else if (TOKEN_VALUE_EQUALS_SZ(sock, flow_event_name, "detected") != 0 ||
+                 TOKEN_VALUE_EQUALS_SZ(sock, flow_event_name, "detection-update") != 0)
         {
             struct nDPIsrvd_json_token const * const flow_risk = TOKEN_GET_SZ(sock, "ndpi", "flow_risk");
             struct nDPIsrvd_json_token const * current = NULL;
author	Toni Uhlig <matzeton@googlemail.com>	2022-10-01 17:26:02 +0200
committer	Toni Uhlig <matzeton@googlemail.com>	2022-10-01 18:01:56 +0200
commit	b6060b897e629d3bf16a50842cd9da89ea172621 (patch)
tree	1b3799bf6d8b1a2ec3c9914a2b17a731030b55b5 /examples/c-captured
parent	14f6b87551c1d03837f25755abbc8eb71d958e3e (diff)