Before the parent (PAS-24
) can be implemented, need to put some documentation together detailing which reports are dependant on which tshark runs.
For example, as of PAS-22
if you were to disable the tshark run that generates the TCP Transaction log, you'd also not get dest-ip-ports.csv
So before any logic is implemented to allow disabling tshark runs, need to document what the effects are. In some cases, it may be necessary to have two config options - one to prevent the run (potentially affecting multiple reports), the other to disable just specific reports.
The documentation will also be needed when introducing new features where they rely on an existing dataset