Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Search boundaries #16

Open
jadominguez opened this issue Dec 11, 2020 · 2 comments
Open

Search boundaries #16

jadominguez opened this issue Dec 11, 2020 · 2 comments

Comments

@jadominguez
Copy link

Is there a way to limit the search or dump to a specific date/time range. This can be useful when working on specific incidents where we understand the timeline of the event. I did not see anything specific in the examples that would allow me to do that.

I tried to follow the source code by I am not a Go programmer.

Thank you,

José.
@JustinAzoff
Copy link
Owner

yeah.. I think that should be doable. The databases index ip address to filename, and the filename_to_time_regex option lets it turn a filename back into a time. I think I could add 'earliest' and 'latest' options to the search and dump endpoints.. would that work?

@jadominguez
Copy link
Author

jadominguez commented Dec 12, 2020
edited
Loading

Hello Justin. I think that should do the trick. Could I use both options at the same time? If so, that effectively accomplishes what I was thinking. If only one of the options is used, then we could assume that it should start at the beginning or end of the database set. Thank you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@JustinAzoff @jadominguez