From 2c508d024c8653363a50610fb38713ce0e9d5b88 Mon Sep 17 00:00:00 2001
From: David Santos <44490090+dsecuma@users.noreply.github.com>
Date: Thu, 8 Aug 2024 12:18:21 +0000
Subject: [PATCH] skip download dumps and other files from analysis dir as dropfiles
---
 analyzer/linux/modules/auxiliary/filecollector.py | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/analyzer/linux/modules/auxiliary/filecollector.py b/analyzer/linux/modules/auxiliary/filecollector.py
index a315a81c1f6..ea6945f37a7 100755
--- a/analyzer/linux/modules/auxiliary/filecollector.py
+++ b/analyzer/linux/modules/auxiliary/filecollector.py
@@ -5,6 +5,7 @@ from threading import Thread
 from lib.common.abstracts import Auxiliary
+from lib.common.constants import ROOT
 from lib.common.hashing import hash_file
 from lib.common.results import upload_to_host
@@ -125,6 +126,10 @@ def _method_name(self, event):
 # log.info("Not currently set to collect %s", event.pathname)
 return
+ if event.pathname.startswith(ROOT):
+ # log.info("Skipping random base directory for file %s", event.pathname)
+ return
+
 if event.pathname.startswith("/tmp/#"):
 # log.info("Skipping wierd file %s", event.pathname)
 return
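Review bot: The new guard `if event.pathname.startswith(ROOT):` in the second hunk is a raw string-prefix test, so it also matches sibling paths that merely begin with the same characters as the analysis directory (for a constructed ROOT of `/tmp/abc`, `/tmp/abcdef/x` would be skipped too), and those files silently fall out of dropped-file collection. Anchoring the prefix on a path separator keeps the exclusion to the directory itself, e.g. `if event.pathname.startswith(ROOT.rstrip("/") + "/"):`. ROOT's value, and whether it can already end in a slash, is not visible in this patch, so that should be confirmed against `lib.common.constants`. Because the skip also excludes anything the analysed sample itself writes under the analysis directory, I would replace the commented-out log line with a real `log.debug("Skipping file under analysis directory: %s", event.pathname)` so skipped paths stay auditable, assuming `log` is defined in this module as the commented lines suggest. The enclosing handler starts and ends outside the hunk.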