I’m new to Bro and made it through some example problems I found but am stumped with a current problem. I’m trying to do either an HTTP request using ActiveHTTP::Request or an external command using Exec::Command. I found some example code using both and am first trying to run those to see if I can get expected output.
Example code I’m following: https://gist.github.com/hillar/825c36269c2f684a45b3
To summarize where I’m having difficulty:
function do_mhr_lookup(hash: string, fi: Notice::FileInfo)
local data = fmt(“resource=%s”, hash);
local key = fmt("-d apikey=%s", vt_apikey);
local req: ActiveHTTP::Request = ActiveHTTP::Request($url…);
when (local res = ActiveHTTP::request(req))
From what I’ve read, the ActiveHTTP::request can only be run in a when statement. The same is true for the Exec::run command. In the above sample code, the req variable is exactly what I want it to be (confirmed with a print), but nothing is happening after that. I’ve come across similar questions to mine that recommended using “redef exit_only_after_terminate = T;” or “@load frameworks/communication/listen”. Both of these are not affecting the behavior of the script.
How can I ensure that the ActiveHTTP::request is run?