:language: c
:start-at: /** \brief Register a transaction logger
:end-at: );
+
+Stream Logging
+~~~~~~~~~~~~~~
+
+Stream logging allows for the logging of streaming data such as TCP
+reassembled data and HTTP body data. The provided log function will be
+called each time a new chunk of data is available.
+
+Stream loggers can be registered with the
+``SCOutputRegisterStreamingLogger`` function:
+
+.. literalinclude:: ../../../../../src/output-streaming.h
+ :language: c
+ :start-at: /** \brief Register a streaming logger
+ :end-at: );
typedef struct LogTcpDataFileCtx_ {
LogFileCtx *file_ctx;
- enum OutputStreamingType type;
+ enum SCOutputStreamingType type;
const char *log_dir;
int file;
int dir;
* it's perfectly valid that have multiple instances of the same
* log module (e.g. http.log) with different output ctx'. */
typedef struct OutputStreamingLogger_ {
- StreamingLogger LogFunc;
+ SCStreamingLogger LogFunc;
void *initdata;
struct OutputStreamingLogger_ *next;
const char *name;
LoggerId logger_id;
- enum OutputStreamingType type;
+ enum SCOutputStreamingType type;
ThreadInitFunc ThreadInit;
ThreadDeinitFunc ThreadDeinit;
} OutputStreamingLogger;
static OutputStreamingLogger *list = NULL;
-int OutputRegisterStreamingLogger(LoggerId id, const char *name, StreamingLogger LogFunc,
- void *initdata, enum OutputStreamingType type, ThreadInitFunc ThreadInit,
+int SCOutputRegisterStreamingLogger(LoggerId id, const char *name, SCStreamingLogger LogFunc,
+ void *initdata, enum SCOutputStreamingType type, ThreadInitFunc ThreadInit,
ThreadDeinitFunc ThreadDeinit)
{
OutputStreamingLogger *op = SCCalloc(1, sizeof(*op));
OutputLoggerThreadStore *store;
ThreadVars *tv;
Packet *p;
- enum OutputStreamingType type;
+ enum SCOutputStreamingType type;
} StreamerCallbackData;
static int Streamer(void *cbdata, Flow *f, const uint8_t *data, uint32_t data_len, uint64_t tx_id, uint8_t flags)
-/* Copyright (C) 2007-2022 Open Information Security Foundation
+/* Copyright (C) 2007-2024 Open Information Security Foundation
*
* You can copy, redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
#define OUTPUT_STREAMING_FLAG_TOCLIENT 0x08
#define OUTPUT_STREAMING_FLAG_TRANSACTION 0x10
-enum OutputStreamingType {
+enum SCOutputStreamingType {
STREAMING_TCP_DATA,
STREAMING_HTTP_BODIES,
};
/** streaming logger function pointer type */
-typedef int (*StreamingLogger)(ThreadVars *, void *thread_data,
- const Flow *f, const uint8_t *data, uint32_t data_len,
- uint64_t tx_id, uint8_t flags);
+typedef int (*SCStreamingLogger)(ThreadVars *, void *thread_data, const Flow *f,
+ const uint8_t *data, uint32_t data_len, uint64_t tx_id, uint8_t flags);
-int OutputRegisterStreamingLogger(LoggerId id, const char *name, StreamingLogger LogFunc,
- void *initdata, enum OutputStreamingType, ThreadInitFunc ThreadInit,
+/** \brief Register a streaming logger.
+ *
+ * \param logger_id An ID to uniquely identify this logger.
+ *
+ * \param name An informational name for this logger.
+ *
+ * \param LogFunc Pointer to logging function.
+ *
+ * \param initdata Initialization data that will be passed the
+ * ThreadInit.
+ *
+ * \param stream_type Type of stream to log, see
+ * SCOutputStreamingType.
+ *
+ * \param ThreadInit Pointer to thread initialization function.
+ *
+ * \param ThreadDeinit Pointer to thread de-initialization function.
+ */
+int SCOutputRegisterStreamingLogger(LoggerId logger_id, const char *name, SCStreamingLogger LogFunc,
+ void *initdata, enum SCOutputStreamingType stream_type, ThreadInitFunc ThreadInit,
ThreadDeinitFunc ThreadDeinit);
+/** Internal function: private API. */
void OutputStreamingLoggerRegister (void);
+/** Internal function: private API. */
void OutputStreamingShutdown(void);
#endif /* SURICATA_OUTPUT_STREAMING_H */
* \retval Returns 0 on success, -1 on failure.
*/
void OutputRegisterStreamingModule(LoggerId id, const char *name, const char *conf_name,
- OutputInitFunc InitFunc, StreamingLogger StreamingLogFunc,
- enum OutputStreamingType stream_type, ThreadInitFunc ThreadInit,
+ OutputInitFunc InitFunc, SCStreamingLogger StreamingLogFunc,
+ enum SCOutputStreamingType stream_type, ThreadInitFunc ThreadInit,
ThreadDeinitFunc ThreadDeinit)
{
if (unlikely(StreamingLogFunc == NULL)) {
FileLogger FileLogFunc;
FiledataLogger FiledataLogFunc;
FlowLogger FlowLogFunc;
- StreamingLogger StreamingLogFunc;
+ SCStreamingLogger StreamingLogFunc;
StatsLogger StatsLogFunc;
AppProto alproto;
- enum OutputStreamingType stream_type;
+ enum SCOutputStreamingType stream_type;
int tc_log_progress;
int ts_log_progress;
ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit);
void OutputRegisterStreamingModule(LoggerId id, const char *name, const char *conf_name,
- OutputInitFunc InitFunc, StreamingLogger StreamingLogFunc,
- enum OutputStreamingType stream_type, ThreadInitFunc ThreadInit,
+ OutputInitFunc InitFunc, SCStreamingLogger StreamingLogFunc,
+ enum SCOutputStreamingType stream_type, ThreadInitFunc ThreadInit,
ThreadDeinitFunc ThreadDeinit);
void OutputRegisterStatsModule(LoggerId id, const char *name, const char *conf_name,
file_logger_count++;
} else if (module->StreamingLogFunc) {
SCLogDebug("%s is a streaming logger", module->name);
- OutputRegisterStreamingLogger(module->logger_id, module->name, module->StreamingLogFunc,
+ SCOutputRegisterStreamingLogger(module->logger_id, module->name, module->StreamingLogFunc,
output_ctx, module->stream_type, module->ThreadInit, module->ThreadDeinit);
} else {
SCLogError("Unknown logger type: name=%s", module->name);
projects / thirdparty / suricata.git / commitdiff
