output/tftp: have tftp properties in alerts

Ticket: 6501

diff --git a/rust/src/tftp/log.rs b/rust/src/tftp/log.rs
index b4837036a156f17e6dab45407f5be8104900be06..f6e63531a07e0d7c2713c0f05fb3d236db8850c3 100644 (file)
--- a/rust/src/tftp/log.rs
+++ b/rust/src/tftp/log.rs
@@ -24,6 +24,7 @@ fn tftp_log_request(tx: &mut TFTPTransaction,
                     jb: &mut JsonBuilder)
                     -> Result<(), JsonError>
 {
+    jb.open_object("tftp")?;
     match tx.opcode {
         1 => jb.set_string("packet", "read")?,
         2 => jb.set_string("packet", "write")?,
@@ -31,6 +32,7 @@ fn tftp_log_request(tx: &mut TFTPTransaction,
     };
     jb.set_string("file", tx.filename.as_str())?;
     jb.set_string("mode", tx.mode.as_str())?;
+    jb.close()?;
     Ok(())
 }
 

diff --git a/src/output-json-tftp.c b/src/output-json-tftp.c
index 4fff67a8b6960d5a54f76d45e07bfdc5bb0917fd..a0bc9ee1809ed84fa7b0dc6952addad8af0a71f2 100644 (file)
--- a/src/output-json-tftp.c
+++ b/src/output-json-tftp.c
@@ -58,11 +58,9 @@ static int JsonTFTPLogger(ThreadVars *tv, void *thread_data,
         return TM_ECODE_FAILED;
     }
 
-    jb_open_object(jb, "tftp");
     if (unlikely(!rs_tftp_log_json_request(tx, jb))) {
         goto error;
     }
-    jb_close(jb);
 
     OutputJsonBuilderBuffer(jb, thread);
 

diff --git a/src/output.c b/src/output.c
index d57622ff39c9712c05a679296ff19d80452c2609..5aa341d2cbd473478b6d8efdd39965a79f55762e 100644 (file)
--- a/src/output.c
+++ b/src/output.c
@@ -1148,7 +1148,7 @@ static EveJsonSimpleAppLayerLogger simple_json_applayer_loggers[ALPROTO_MAX] = {
     { ALPROTO_NFS, NULL }, // special: uses state
     { ALPROTO_NTP, NULL }, // no logging
     { ALPROTO_FTPDATA, EveFTPDataAddMetadata },
-    { ALPROTO_TFTP, NULL }, // TODO missing
+    { ALPROTO_TFTP, (EveJsonSimpleTxLogFunc)rs_tftp_log_json_request },
     { ALPROTO_IKE, NULL },  // special: uses state
     { ALPROTO_KRB5, NULL }, // TODO missing
     { ALPROTO_QUIC, rs_quic_to_json },