View on
MetaCPAN is shutting down
For details read Perl NOC. After June 25th this page will redirect to
Adam Kennedy > ThreatNet-0.20 > ThreatNet::Filter



Annotate this POD


New  1
Open  0
View/Report Bugs
Module Version: 0.20   Source  


ThreatNet::Filter - Interface for ThreatNet event filters


ThreatNet data sources can potentially generate a hell of a lot of events, and it's important to be able to filter these down to just the events that matter.

Many of the filters are stateful. For example, the standard ThreatNet::Filter::ThreatCache module provides cache objects that filter out any threats that have already been seen in the previous hour. (or whatever the state period is).


The filter API is quite simple, with only a few methods.

new ...

Since some categories of filter do not strictly need to be in the form of an object, a default new constructor is provided which just creates an empty object.

Returns a new ThreatNet::Filter object, or some sub-classes may return undef on error.

keep $Message

The keep method takes a ThreatNet::Message object and examines it to determine if the message should be kept, or filtered out.

In the default implementation of the filter, all messages are kept.

Returns true if the message should be kept, or false if the message should be discarded.


All bugs should be filed via the bug tracker at

For other issues, or commercial enhancement and support, contact the author


Adam Kennedy <>

SEE ALSO ^, ThreatNet::Message


Copyright (c) 2004 - 2005 Adam Kennedy. All rights reserved. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

The full text of the license can be found in the LICENSE file included with this module.

syntax highlighting: