Add Setting for folder to store extracted pcap slices (#3053)

Add Setting for folder to store extracted pcap flows
brimdata · Apr 23, 2024 · ef047c6 · ef047c6
1 parent 54183c6
commit ef047c6
Show file tree

Hide file tree

Showing 5 changed files with 16 additions and 2 deletions.
diff --git a/apps/zui/src/domain/configurations/plugin-api.ts b/apps/zui/src/domain/configurations/plugin-api.ts
@@ -15,6 +15,7 @@ export type ConfigItem = {
   command?: string
   defaultValue?: string | boolean
   enum?: string[] | [string, string][]
+  placeholder?: string
 }
 
 export type Config = {

diff --git a/apps/zui/src/plugins/brimcap/config.ts b/apps/zui/src/plugins/brimcap/config.ts
@@ -1,3 +1,4 @@
 export const pluginNamespace = "brimcap"
 export const yamlConfigPropName = "yamlConfigPath"
 export const suricataLocalRulesPropName = "suricataLocalRulesPath"
+export const pcapFolderPropName = "pcapExtractionFolderPath"
diff --git a/apps/zui/src/plugins/brimcap/configurations.ts b/apps/zui/src/plugins/brimcap/configurations.ts
@@ -2,6 +2,7 @@ import {
   pluginNamespace,
   yamlConfigPropName,
   suricataLocalRulesPropName,
+  pcapFolderPropName,
 } from "./config"
 import {configurations} from "src/zui"
 
@@ -26,6 +27,13 @@ export function activateBrimcapConfigurations() {
         label: "Local Suricata Rules Folder",
         defaultValue: "",
       },
+      [pcapFolderPropName]: {
+        name: pcapFolderPropName,
+        type: "folder",
+        label: "Folder For Extracted pcaps",
+        defaultValue: "",
+        placeholder: "Default OS tmpdir",
+      },
     },
   })
 }
diff --git a/apps/zui/src/plugins/brimcap/packets/download.ts b/apps/zui/src/plugins/brimcap/packets/download.ts
@@ -6,6 +6,8 @@ import {window, commands} from "src/zui"
 import {queryForConnLog} from "./query-conn-log"
 import {DOWNLOAD} from "./types"
 import {shell} from "electron"
+import {configurations} from "src/zui"
+import {pluginNamespace, pcapFolderPropName} from "../config"
 
 function getSearchArgsFromConn(conn: zed.Record) {
   const dur = conn.try("duration") as zed.Duration
@@ -22,7 +24,9 @@ function getSearchArgsFromConn(conn: zed.Record) {
 
 function getPacketDest(conn: zed.Record) {
   const tsString = conn.get("ts").toString()
-  return join(os.tmpdir(), `packets-${tsString}.pcap`.replace(/:/g, "_"))
+  const pcapExtractionDir =
+    configurations.get(pluginNamespace, pcapFolderPropName) || os.tmpdir()
+  return join(pcapExtractionDir, `packets-${tsString}.pcap`.replace(/:/g, "_"))
 }
 
 export async function downloadPackets(root: string, pool: string, uid: string) {

diff --git a/apps/zui/src/views/settings-modal/input.tsx b/apps/zui/src/views/settings-modal/input.tsx
@@ -66,7 +66,7 @@ export function Input(props: SettingProps) {
             type="text"
             defaultValue={value}
             onBlur={onChange}
-            placeholder="None"
+            placeholder={field.placeholder || "None"}
           />
           <button
             onClick={async () => {