#include "app-layer-ftp.h"
#include "output-json-ftp.h"
-static void EveFTPLogCommand(FTPTransaction *tx, JsonBuilder *jb)
+bool EveFTPLogCommand(void *vtx, JsonBuilder *jb)
{
+ FTPTransaction *tx = vtx;
/* Preallocate array objects to simplify failure case */
JsonBuilder *js_resplist = NULL;
if (!TAILQ_EMPTY(&tx->response_list)) {
js_resplist = jb_new_array();
if (unlikely(js_resplist == NULL)) {
- return;
+ return false;
}
}
jb_open_object(jb, "ftp");
JB_SET_FALSE(jb, "reply_truncated");
}
jb_close(jb);
+ return true;
}
} else {
event_type = "ftp";
}
- FTPTransaction *tx = vtx;
JsonBuilder *jb =
CreateEveHeaderWithTxId(p, LOG_DIR_FLOW, event_type, NULL, tx_id, thread->ctx);
goto fail;
}
} else {
- EveFTPLogCommand(tx, jb);
+ EveFTPLogCommand(vtx, jb);
}
OutputJsonBuilderBuffer(jb, thread);
#define __OUTPUT_JSON_FTP_H__
void JsonFTPLogRegister(void);
+bool EveFTPLogCommand(void *vtx, JsonBuilder *js);
#endif /* __OUTPUT_JSON_FTP_H__ */
static EveJsonSimpleAppLayerLogger simple_json_applayer_loggers[ALPROTO_MAX] = {
{ ALPROTO_UNKNOWN, NULL },
{ ALPROTO_HTTP1, NULL }, // special: uses some options flags
- { ALPROTO_FTP, NULL }, // TODO missing
- { ALPROTO_SMTP, NULL }, // special: uses state
+ { ALPROTO_FTP, EveFTPLogCommand },
+ { ALPROTO_SMTP, NULL }, // special: uses state
{ ALPROTO_TLS, JsonTlsLogJSONExtended },
{ ALPROTO_SSH, rs_ssh_log_json },
{ ALPROTO_IMAP, NULL }, // protocol detection only
projects / thirdparty / suricata.git / commitdiff
