]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5f39728)
json: use top-level sensor-name if provided. 1860/head
authorJason Ish <ish@unx.ca>
Thu, 11 Feb 2016 20:45:23 +0000 (14:45 -0600)
committerJason Ish <ish@unx.ca>
Thu, 18 Feb 2016 04:56:17 +0000 (22:56 -0600)
Currently the default configuration file contains a "sensor-name"
at the root of the configuration file, however, eve-log will only
use it if its specified under eve-log.

Now we will look for it at the eve-log, if present we'll use it
but log a deprecation warning, if its not present we'll look
for sensor-name at the root of the configuration.

src/output-json.c patch | blob | blame | history
src/util-error.c patch | blob | blame | history
src/util-error.h patch | blob | blame | history

diff --git a/src/output-json.c b/src/output-json.c
index 7661725d523216fb1a9580832e72891a01c7f82a..3a24fcecfb187889c6b5947acd80cd38d621cb5c 100644 (file)
--- a/src/output-json.c
+++ b/src/output-json.c
@@ -435,7 +435,17 @@ OutputCtx *OutputJsonInitCtx(ConfNode *conf)
 {
     OutputJsonCtx *json_ctx = SCCalloc(1, sizeof(OutputJsonCtx));;
 
+    /* First lookup a sensor-name value in this outputs configuration
+     * node (deprecated). If that fails, lookup the global one. */
     const char *sensor_name = ConfNodeLookupChildValue(conf, "sensor-name");
+    if (sensor_name != NULL) {
+        SCLogWarning(SC_ERR_DEPRECATED_CONF,
+            "Found deprecated eve-log setting \"sensor-name\". "
+            "Please set sensor-name globally.");
+    }
+    else {
+        ConfGet("sensor-name", (char **)&sensor_name);
+    }
 
     if (unlikely(json_ctx == NULL)) {
         SCLogDebug("AlertJsonInitCtx: Could not create new LogFileCtx");
diff --git a/src/util-error.c b/src/util-error.c
index 8ea229b5988d0ad693d70a98dd16f73f5b2f9ee0..5b03c5ad15f869445fedf9db3e7840211bcf9434 100644 (file)
--- a/src/util-error.c
+++ b/src/util-error.c
@@ -314,6 +314,7 @@ const char * SCErrorToString(SCError err)
         CASE_CODE (SC_ERR_INVALID_RULE_ARGUMENT);
         CASE_CODE (SC_ERR_STATS_LOG_NEGATED);
         CASE_CODE (SC_ERR_JSON_STATS_LOG_NEGATED);
+        CASE_CODE (SC_ERR_DEPRECATED_CONF);
     }
 
     return "UNKNOWN_ERROR";
diff --git a/src/util-error.h b/src/util-error.h
index fec09d04a7bf76a654aac4c3fb05aeebe934aba6..0dcfb674d1fa95cdb00ce3123be54426a70c856e 100644 (file)
--- a/src/util-error.h
+++ b/src/util-error.h
@@ -304,6 +304,7 @@ typedef enum {
     SC_ERR_MT_NO_MAPPING,
     SC_ERR_STATS_LOG_NEGATED, /** When totals and threads are both NO in yaml **/
     SC_ERR_JSON_STATS_LOG_NEGATED, /** When totals and threads are both NO in yaml **/
+    SC_ERR_DEPRECATED_CONF, /**< Deprecated configuration parameter. */
 } SCError;
 
 const char *SCErrorToString(SCError);
Mirror of https://github.com/OISF/suricata.git