WARN_ONCE(SC_ERR_SPRINTF,
"Failed to write file info record. Output filename truncated.");
} else {
- JsonBuilder *js_fileinfo = JsonBuildFileInfoRecord(p, ff, true, dir,
- ctx->xff_cfg);
+ JsonBuilder *js_fileinfo =
+ JsonBuildFileInfoRecord(p, ff, true, dir, ctx->xff_cfg, NULL);
if (likely(js_fileinfo != NULL)) {
jb_close(js_fileinfo);
FILE *out = fopen(js_metadata_filename, "w");
if (unlikely(jb == NULL)) {
return TM_ECODE_FAILED;
}
+ EveAddCommonOptions(&thread->ctx->cfg, p, f, jb);
jb_open_object(jb, "dcerpc");
if (p->proto == IPPROTO_TCP) {
uint32_t file_cnt;
HttpXFFCfg *xff_cfg;
HttpXFFCfg *parent_xff_cfg;
+ OutputJsonCommonSettings cfg;
} OutputFileCtx;
typedef struct JsonFileLogThread_ {
MemBuffer *buffer;
} JsonFileLogThread;
-JsonBuilder *JsonBuildFileInfoRecord(const Packet *p, const File *ff,
- const bool stored, uint8_t dir, HttpXFFCfg *xff_cfg)
+JsonBuilder *JsonBuildFileInfoRecord(const Packet *p, const File *ff, const bool stored,
+ uint8_t dir, HttpXFFCfg *xff_cfg, OutputJsonCommonSettings *cfg)
{
enum OutputJsonLogDirection fdir = LOG_DIR_FLOW;
JsonBuilder *js = CreateEveHeader(p, fdir, "fileinfo", &addr);
if (unlikely(js == NULL))
return NULL;
+ if (cfg != NULL) {
+ EveAddCommonOptions(cfg, p, p->flow, js);
+ }
JsonBuilderMark mark = { 0, 0, 0 };
switch (p->flow->alproto) {
{
HttpXFFCfg *xff_cfg = aft->filelog_ctx->xff_cfg != NULL ?
aft->filelog_ctx->xff_cfg : aft->filelog_ctx->parent_xff_cfg;;
- JsonBuilder *js = JsonBuildFileInfoRecord(p, ff,
- ff->flags & FILE_STORED ? true : false, dir, xff_cfg);
+ JsonBuilder *js = JsonBuildFileInfoRecord(
+ p, ff, ff->flags & FILE_STORED ? true : false, dir, xff_cfg, &aft->filelog_ctx->cfg);
if (unlikely(js == NULL)) {
return;
}
}
output_file_ctx->file_ctx = ojc->file_ctx;
+ output_file_ctx->cfg = ojc->cfg;
if (conf) {
const char *force_filestore = ConfNodeLookupChildValue(conf, "force-filestore");
#define __OUTPUT_JSON_FILE_H__
#include "app-layer-htp-xff.h"
+#include "output-json.h"
void JsonFileLogRegister(void);
-JsonBuilder *JsonBuildFileInfoRecord(const Packet *p, const File *ff,
- const bool stored, uint8_t dir, HttpXFFCfg *xff_cfg);
+JsonBuilder *JsonBuildFileInfoRecord(const Packet *p, const File *ff, const bool stored,
+ uint8_t dir, HttpXFFCfg *xff_cfg, OutputJsonCommonSettings *cfg);
#endif /* __OUTPUT_JSON_FILE_H__ */
typedef struct LogMQTTFileCtx_ {
LogFileCtx *file_ctx;
uint32_t flags;
+ OutputJsonCommonSettings cfg;
} LogMQTTFileCtx;
typedef struct LogMQTTLogThread_ {
if (unlikely(js == NULL)) {
return TM_ECODE_FAILED;
}
+ EveAddCommonOptions(&thread->mqttlog_ctx->cfg, p, f, js);
if (!rs_mqtt_logger_log(state, tx, thread->mqttlog_ctx->flags, js))
goto error;
return result;
}
mqttlog_ctx->file_ctx = ajt->file_ctx;
+ mqttlog_ctx->cfg = ajt->cfg;
OutputCtx *output_ctx = SCCalloc(1, sizeof(*output_ctx));
if (unlikely(output_ctx == NULL)) {
typedef struct LogRFBFileCtx_ {
LogFileCtx *file_ctx;
uint32_t flags;
+ OutputJsonCommonSettings cfg;
} LogRFBFileCtx;
typedef struct LogRFBLogThread_ {
return TM_ECODE_FAILED;
}
+ EveAddCommonOptions(&thread->rfblog_ctx->cfg, p, f, js);
+
if (!rs_rfb_logger_log(NULL, tx, js)) {
goto error;
}
return result;
}
rfblog_ctx->file_ctx = ajt->file_ctx;
+ rfblog_ctx->cfg = ajt->cfg;
OutputCtx *output_ctx = SCCalloc(1, sizeof(*output_ctx));
if (unlikely(output_ctx == NULL)) {
projects / thirdparty / suricata.git / commitdiff
