Feature: 7011
dns_log_json_answer: log additional section records.
update schema.json with new "additionals" section.
"authorities": {
"$ref": "#/$defs/dns.authorities"
},
+ "additionals": {
+ "$ref": "#/$defs/dns.additionals"
+ },
"query": {
"type": "array",
"minItems": 1,
},
"authorities": {
"$ref": "#/$defs/dns.authorities"
+ },
+ "additionals": {
+ "$ref": "#/$defs/dns.additionals"
}
},
"additionalProperties": false
"additionalProperties": false
}
},
+ "dns.additionals": {
+ "type": "array",
+ "minItems": 1,
+ "items": {
+ "type": "object",
+ "properties": {
+ "rdata": {
+ "type": "string"
+ },
+ "rrname": {
+ "type": "string"
+ },
+ "rrtype": {
+ "type": "string"
+ },
+ "ttl": {
+ "type": "integer"
+ }
+ },
+ "additionalProperties": false
+ }
+ },
"stats_applayer_error": {
"type": "object",
"properties": {
js.close()?;
}
+ if !response.additionals.is_empty() {
+ let mut is_js_open = false;
+ for add in &response.additionals {
+ if let DNSRData::Unknown(rdata) = &add.data {
+ if rdata.is_empty() {
+ continue;
+ }
+ }
+ if !is_js_open {
+ js.open_array("additionals")?;
+ is_js_open = true;
+ }
+ let add_detail = dns_log_json_answer_detail(add)?;
+ js.append_object(&add_detail)?;
+ }
+ if is_js_open {
+ js.close()?;
+ }
+ }
+
Ok(())
}
projects / thirdparty / suricata.git / commitdiff
