DETECTOR condition

Specifies the name of the detector that identified the message.

Description

When a detector is triggered, the system stores its name in the metadata of the message. During message processing, the DETECTOR condition can be used to determine which detector the message triggered (there can be only one).

Format

<c name="detector" value="[detector-name(s)]" />

The "name" attribute:

The name attribute contains the action name: name="detector".

The "value" attribute:

The value="..." attribute specifies the name to compare with the name of the detector triggered by the message. Several names may be given, separated by commas (','). Spaces may follow the commas for readability.

Example:

Messages from mail.ru, yandex.ru detectors.

<?xml version="1.0" encoding="utf-8"?>
<filter name="Message filter" version="1.0">
 <comment>Messages filter.</comment>
 <table name="main">
 
   <rule enabled="1">
     <comment>
       Messages from detectors mail.ru,
       yandex.ru.
     </comment>
     <match>
       <c name="detector" value="mail.ru, yandex.ru" />
     </match>
     <action name="drop" />
   </rule>
 
 </table>
</filter>
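To check what a DETECTOR condition would match before deploying a filter, the value list can be evaluated offline. This is an added example, not code from the product or its documentation: the function names and the sample filter are constructed, and it assumes an exact, case-sensitive comparison in which any one listed name matches.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the page's filter format; rule 2 is deliberately sloppy.
SAMPLE = b"""<?xml version="1.0" encoding="utf-8"?>
<filter name="Message filter" version="1.0">
 <table name="main">
   <rule enabled="1">
     <match><c name="detector" value="mail.ru, yandex.ru" /></match>
     <action name="drop" />
   </rule>
   <rule enabled="1">
     <match><c name="detector" value="mail.ru ,,Yandex.ru" /></match>
     <action name="drop" />
   </rule>
 </table>
</filter>"""

def parse_value(value):
    """Split a detector value list into (names, warnings)."""
    names, warnings = [], []
    for raw in value.split(","):
        name = raw.lstrip(" ")  # spaces after a comma are allowed
        if not name:
            warnings.append("empty entry")
            continue
        if name != name.rstrip():
            # Only spaces *after* commas are documented, so flag this.
            warnings.append(f"trailing whitespace in {name!r}")
        names.append(name)
    return names, warnings

def evaluate(filter_xml, detector):
    """Return (rule_no, action, matched, warnings) per detector condition."""
    results = []
    root = ET.fromstring(filter_xml)
    for no, rule in enumerate(root.iter("rule"), start=1):
        action = rule.find("action")
        action_name = action.get("name") if action is not None else None
        for cond in rule.findall("./match/c[@name='detector']"):
            names, warnings = parse_value(cond.get("value", ""))
            # Assumption: exact, case-sensitive match against any listed name.
            results.append((no, action_name, detector in names, warnings))
    return results

if __name__ == "__main__":
    for detector in ("yandex.ru", "mail.ru"):
        for row in evaluate(SAMPLE, detector):
            print(detector, row)
```

Under these assumptions the second rule matches neither detector, so a stray space before a comma or a capitalised name is reported as a warning instead of passing unnoticed.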