output: add new tx logger to log at certain condition

Some loggers needs certain conditions to be met before logging.
This enables us to use conditions on the tx logger.

diff --git a/src/output-tx.c b/src/output-tx.c
index 79b896325917797302fbf65ebc7cbd95fd2427d5..e94e418897f4597d05e1e674e39b39dbd9aa6ca2 100644 (file)
--- a/src/output-tx.c
+++ b/src/output-tx.c
@@ -47,6 +47,7 @@ typedef struct OutputLoggerThreadData_ {
 typedef struct OutputTxLogger_ {
     AppProto alproto;
     TxLogger LogFunc;
+    TxLoggerCondition LogCondition;
     OutputCtx *output_ctx;
     struct OutputTxLogger_ *next;
     const char *name;
@@ -60,7 +61,7 @@ static OutputTxLogger *list = NULL;
 
 int OutputRegisterTxLogger(const char *name, AppProto alproto, TxLogger LogFunc,
                            OutputCtx *output_ctx, int tc_log_progress,
-                           int ts_log_progress)
+                           int ts_log_progress, TxLoggerCondition LogCondition)
 {
     int module_id = TmModuleGetIdByName(name);
     if (module_id < 0)
@@ -73,6 +74,7 @@ int OutputRegisterTxLogger(const char *name, AppProto alproto, TxLogger LogFunc,
 
     op->alproto = alproto;
     op->LogFunc = LogFunc;
+    op->LogCondition = LogCondition;
     op->output_ctx = output_ctx;
     op->name = name;
     op->module_id = (TmmId) module_id;
@@ -182,16 +184,25 @@ static TmEcode OutputTxLog(ThreadVars *tv, Packet *p, void *thread_data, PacketQ
 
                 if (!(AppLayerParserStateIssetFlag(f->alparser,
                                                    APP_LAYER_PARSER_EOF))) {
-                    if (tx_progress_tc < logger->tc_log_progress) {
-                        SCLogDebug("progress not far enough, not logging");
-                        logger_not_logged = 1;
-                        goto next;
-                    }
-
-                    if (tx_progress_ts < logger->ts_log_progress) {
-                        SCLogDebug("progress not far enough, not logging");
-                        logger_not_logged = 1;
-                        goto next;
+                    if (logger->LogCondition) {
+                        int r = logger->LogCondition(tv, p, alstate, tx, tx_id);
+                        if (r == FALSE) {
+                            SCLogDebug("conditions not met, not logging");
+                            logger_not_logged = 1;
+                            goto next;
+                        }
+                    } else {
+                        if (tx_progress_tc < logger->tc_log_progress) {
+                            SCLogDebug("progress not far enough, not logging");
+                            logger_not_logged = 1;
+                            goto next;
+                        }
+
+                        if (tx_progress_ts < logger->ts_log_progress) {
+                            SCLogDebug("progress not far enough, not logging");
+                            logger_not_logged = 1;
+                            goto next;
+                        }
                     }
                 }
 

diff --git a/src/output-tx.h b/src/output-tx.h
index e8e8163d8907783a231639cfc5818b93da8ba6c0..e73c305ce64b3c02addd973b3bea772d1ee11dc9 100644 (file)
--- a/src/output-tx.h
+++ b/src/output-tx.h
@@ -34,10 +34,11 @@ typedef int (*TxLogger)(ThreadVars *, void *thread_data, const Packet *, Flow *f
 /** packet logger condition function pointer type,
  *  must return true for packets that should be logged
  */
-//typedef int (*TxLogCondition)(ThreadVars *, const Packet *);
+typedef int (*TxLoggerCondition)(ThreadVars *, const Packet *, void *state, void *tx, uint64_t tx_id);
 
 int OutputRegisterTxLogger(const char *name, AppProto alproto, TxLogger LogFunc,
-        OutputCtx *, int tc_log_progress, int ts_log_progress);
+        OutputCtx *, int tc_log_progress, int ts_log_progress,
+        TxLoggerCondition LogCondition);
 
 void TmModuleTxLoggerRegister (void);
 

diff --git a/src/output.c b/src/output.c
index 6a9ab3a6a3c19498674369b3a960a79dbfeb4817..e0f86ae0fda5437856ee15e240c563a30cc29abb 100644 (file)
--- a/src/output.c
+++ b/src/output.c
@@ -150,16 +150,17 @@ error:
 }
 
 /**
- * \brief Register a tx output module with progress.
+ * \brief Wrapper function for tx output modules.
  *
  * This function will register an output module so it can be
  * configured with the configuration file.
  *
  * \retval Returns 0 on success, -1 on failure.
  */
-void OutputRegisterTxModuleWithProgress(const char *name, const char *conf_name,
+void OutputRegisterTxModuleWrapper(const char *name, const char *conf_name,
         OutputCtx *(*InitFunc)(ConfNode *), AppProto alproto,
-        TxLogger TxLogFunc, int tc_log_progress, int ts_log_progress)
+        TxLogger TxLogFunc, int tc_log_progress, int ts_log_progress,
+        TxLoggerCondition TxLogCondition)
 {
     if (unlikely(TxLogFunc == NULL)) {
         goto error;
@@ -174,6 +175,7 @@ void OutputRegisterTxModuleWithProgress(const char *name, const char *conf_name,
     module->conf_name = conf_name;
     module->InitFunc = InitFunc;
     module->TxLogFunc = TxLogFunc;
+    module->TxLogCondition = TxLogCondition;
     module->alproto = alproto;
     module->tc_log_progress = tc_log_progress;
     module->ts_log_progress = ts_log_progress;
@@ -186,10 +188,11 @@ error:
     exit(EXIT_FAILURE);
 }
 
-void OutputRegisterTxSubModuleWithProgress(const char *parent_name,
+void OutputRegisterTxSubModuleWrapper(const char *parent_name,
         const char *name, const char *conf_name, OutputCtx *(*InitFunc)(ConfNode *,
         OutputCtx *parent_ctx), AppProto alproto, TxLogger TxLogFunc,
-        int tc_log_progress, int ts_log_progress)
+        int tc_log_progress, int ts_log_progress,
+        TxLoggerCondition TxLogCondition)
 {
     if (unlikely(TxLogFunc == NULL)) {
         goto error;
@@ -205,6 +208,7 @@ void OutputRegisterTxSubModuleWithProgress(const char *parent_name,
     module->parent_name = parent_name;
     module->InitSubFunc = InitFunc;
     module->TxLogFunc = TxLogFunc;
+    module->TxLogCondition = TxLogCondition;
     module->alproto = alproto;
     module->tc_log_progress = tc_log_progress;
     module->ts_log_progress = ts_log_progress;
@@ -217,6 +221,59 @@ error:
     exit(EXIT_FAILURE);
 }
 
+/**
+ * \brief Register a tx output module with condition.
+ *
+ * This function will register an output module so it can be
+ * configured with the configuration file.
+ *
+ * \retval Returns 0 on success, -1 on failure.
+ */
+void OutputRegisterTxModuleWithCondition(const char *name, const char *conf_name,
+        OutputCtx *(*InitFunc)(ConfNode *), AppProto alproto,
+        TxLogger TxLogFunc, TxLoggerCondition TxLogCondition)
+{
+    OutputRegisterTxModuleWrapper(name, conf_name, InitFunc, alproto,
+                                  TxLogFunc, 0, 0, TxLogCondition);
+}
+
+void OutputRegisterTxSubModuleWithCondition(const char *parent_name,
+        const char *name, const char *conf_name, OutputCtx *(*InitFunc)(ConfNode *,
+        OutputCtx *parent_ctx), AppProto alproto, TxLogger TxLogFunc,
+        TxLoggerCondition TxLogCondition)
+{
+    OutputRegisterTxSubModuleWrapper(parent_name, name, conf_name, InitFunc,
+                                     alproto, TxLogFunc, 0, 0,
+                                     TxLogCondition);
+}
+
+/**
+ * \brief Register a tx output module with progress.
+ *
+ * This function will register an output module so it can be
+ * configured with the configuration file.
+ *
+ * \retval Returns 0 on success, -1 on failure.
+ */
+void OutputRegisterTxModuleWithProgress(const char *name, const char *conf_name,
+        OutputCtx *(*InitFunc)(ConfNode *), AppProto alproto,
+        TxLogger TxLogFunc, int tc_log_progress, int ts_log_progress)
+{
+    OutputRegisterTxModuleWrapper(name, conf_name, InitFunc, alproto,
+                                  TxLogFunc, tc_log_progress, ts_log_progress,
+                                  NULL);
+}
+
+void OutputRegisterTxSubModuleWithProgress(const char *parent_name,
+        const char *name, const char *conf_name, OutputCtx *(*InitFunc)(ConfNode *,
+        OutputCtx *parent_ctx), AppProto alproto, TxLogger TxLogFunc,
+        int tc_log_progress, int ts_log_progress)
+{
+    OutputRegisterTxSubModuleWrapper(parent_name, name, conf_name, InitFunc,
+                                     alproto, TxLogFunc, tc_log_progress,
+                                     ts_log_progress, NULL);
+}
+
 /**
  * \brief Register a tx output module.
  *
@@ -230,9 +287,8 @@ OutputRegisterTxModule(const char *name, const char *conf_name,
     OutputCtx *(*InitFunc)(ConfNode *), AppProto alproto,
     TxLogger TxLogFunc)
 {
-    /* wrapper function */
-    OutputRegisterTxModuleWithProgress(name, conf_name, InitFunc, alproto,
-                                       TxLogFunc, 0, 0);
+    OutputRegisterTxModuleWrapper(name, conf_name, InitFunc, alproto,
+                                  TxLogFunc, 0, 0, NULL);
 }
 
 void
@@ -240,9 +296,8 @@ OutputRegisterTxSubModule(const char *parent_name, const char *name,
     const char *conf_name, OutputCtx *(*InitFunc)(ConfNode *, OutputCtx *parent_ctx),
     AppProto alproto, TxLogger TxLogFunc)
 {
-    /* wrapper function */
-    OutputRegisterTxSubModuleWithProgress(parent_name, name, conf_name,
-                                          InitFunc, alproto, TxLogFunc, 0, 0);
+    OutputRegisterTxSubModuleWrapper(parent_name, name, conf_name,
+                                     InitFunc, alproto, TxLogFunc, 0, 0, NULL);
 }
 
 /**

diff --git a/src/output.h b/src/output.h
index 85ae932527555eddb69cf93cc715b3b78b5a5c02..91d8bd2708c122ab5d20be30e29bfc8ac99ae969 100644 (file)
--- a/src/output.h
+++ b/src/output.h
@@ -48,6 +48,7 @@ typedef struct OutputModule_ {
     PacketLogger PacketLogFunc;
     PacketLogCondition PacketConditionFunc;
     TxLogger TxLogFunc;
+    TxLoggerCondition TxLogCondition;
     FileLogger FileLogFunc;
     FiledataLogger FiledataLogFunc;
     FlowLogger FlowLogFunc;
@@ -77,6 +78,14 @@ void OutputRegisterTxSubModule(const char *parent_name, const char *name,
     const char *conf_name, OutputCtx *(*InitFunc)(ConfNode *, OutputCtx *parent_ctx),
     AppProto alproto, TxLogger TxLogFunc);
 
+void OutputRegisterTxModuleWithCondition(const char *name, const char *conf_name,
+        OutputCtx *(*InitFunc)(ConfNode *), AppProto alproto,
+        TxLogger TxLogFunc, TxLoggerCondition TxLogCondition);
+void OutputRegisterTxSubModuleWithCondition(const char *parent_name,
+        const char *name, const char *conf_name, OutputCtx *(*InitFunc)(ConfNode *,
+        OutputCtx *parent_ctx), AppProto alproto, TxLogger TxLogFunc,
+        TxLoggerCondition TxLogCondition);
+
 void OutputRegisterTxModuleWithProgress(const char *name, const char *conf_name,
     OutputCtx *(*InitFunc)(ConfNode *), AppProto alproto,
     TxLogger TxLogFunc, int tc_log_progress, int ts_log_progress);

diff --git a/src/runmodes.c b/src/runmodes.c
index e0154a1f55a5d0135164cbe11cb93a00aa5f949e..fa920cec1ca58376c12a7394ef050734e61759fd 100644 (file)
--- a/src/runmodes.c
+++ b/src/runmodes.c
@@ -618,7 +618,7 @@ static void SetupOutput(const char *name, OutputModule *module, OutputCtx *outpu
         SCLogDebug("%s is a tx logger", module->name);
         OutputRegisterTxLogger(module->name, module->alproto,
                 module->TxLogFunc, output_ctx, module->tc_log_progress,
-                module->ts_log_progress);
+                module->ts_log_progress, module->TxLogCondition);
 
         /* need one instance of the tx logger module */
         if (tx_logger_module == NULL) {