file-json: log http data using common function
authorEric Leblond <eric@regit.org>
Thu, 30 Apr 2015 10:53:09 +0000 (12:53 +0200)
committerEric Leblond <eric@regit.org>
Fri, 2 Oct 2015 20:57:58 +0000 (22:57 +0200)
src/output-json-file.c

index cbfa0c4d0b6c598b26c4a44006f7c38a3d7fbe61..556d7e2d2b6bbe37eca1b2a04f7150895d1bd151 100644 (file)
@@ -53,6 +53,7 @@
 
 #include "output.h"
 #include "output-json.h"
+#include "output-json-http.h"
 
 #include "log-file.h"
 #include "util-logopenfile.h"
@@ -74,99 +75,6 @@ typedef struct JsonFileLogThread_ {
     MemBuffer *buffer;
 } JsonFileLogThread;
 
-static json_t *LogFileMetaGetUri(const Packet *p, const File *ff)
-{
-    HtpState *htp_state = (HtpState *)p->flow->alstate;
-    json_t *js = NULL;
-    if (htp_state != NULL) {
-        htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP, htp_state, ff->txid);
-        if (tx != NULL) {
-            HtpTxUserData *tx_ud = htp_tx_get_user_data(tx);
-            if (tx_ud != NULL && tx_ud->request_uri_normalized != NULL) {
-                char *s = bstr_util_strdup_to_c(tx_ud->request_uri_normalized);
-                if (s != NULL) {
-                    js = json_string(s);
-                    SCFree(s);
-                    if (js != NULL)
-                        return js;
-                }
-            }
-        }
-    }
-
-    return NULL;
-}
-
-static json_t *LogFileMetaGetHost(const Packet *p, const File *ff)
-{
-    HtpState *htp_state = (HtpState *)p->flow->alstate;
-    json_t *js = NULL;
-    if (htp_state != NULL) {
-        htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP, htp_state, ff->txid);
-        if (tx != NULL && tx->request_hostname != NULL) {
-            char *s = bstr_util_strdup_to_c(tx->request_hostname);
-            if (s != NULL) {
-                js = json_string(s);
-                SCFree(s);
-                if (js != NULL)
-                    return js;
-            }
-        }
-    }
-
-    return NULL;
-}
-
-static json_t *LogFileMetaGetReferer(const Packet *p, const File *ff)
-{
-    HtpState *htp_state = (HtpState *)p->flow->alstate;
-    json_t *js = NULL;
-    if (htp_state != NULL) {
-        htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP, htp_state, ff->txid);
-        if (tx != NULL) {
-            htp_header_t *h = NULL;
-            h = (htp_header_t *)htp_table_get_c(tx->request_headers,
-                                                "Referer");
-            if (h != NULL) {
-                char *s = bstr_util_strdup_to_c(h->value);
-                if (s != NULL) {
-                    js = json_string(s);
-                    SCFree(s);
-                    if (js != NULL)
-                        return js;
-                }
-            }
-        }
-    }
-
-    return NULL;
-}
-
-static json_t *LogFileMetaGetUserAgent(const Packet *p, const File *ff)
-{
-    HtpState *htp_state = (HtpState *)p->flow->alstate;
-    json_t *js = NULL;
-    if (htp_state != NULL) {
-        htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP, htp_state, ff->txid);
-        if (tx != NULL) {
-            htp_header_t *h = NULL;
-            h = (htp_header_t *)htp_table_get_c(tx->request_headers,
-                                                "User-Agent");
-            if (h != NULL) {
-                char *s = bstr_util_strdup_to_c(h->value);
-                if (s != NULL) {
-                    js = json_string(s);
-                    SCFree(s);
-                    if (js != NULL)
-                        return js;
-                }
-            }
-        }
-    }
-
-    return NULL;
-}
-
 /**
  *  \internal
  *  \brief Write meta data on a single line json record
@@ -175,33 +83,24 @@ static void FileWriteJsonRecord(JsonFileLogThread *aft, const Packet *p, const F
 {
     MemBuffer *buffer = (MemBuffer *)aft->buffer;
     json_t *js = CreateJSONHeader((Packet *)p, 0, "fileinfo"); //TODO const
+    json_t *hjs = NULL;
     if (unlikely(js == NULL))
         return;
 
     /* reset */
     MemBufferReset(buffer);
 
-    json_t *hjs = json_object();
-    if (unlikely(hjs == NULL)) {
-        json_decref(js);
-        return;
-    }
-
-    json_object_set_new(hjs, "app_proto", json_string(AppProtoToString(p->flow->alproto)));
     switch (p->flow->alproto) {
         case ALPROTO_HTTP:
-            json_object_set_new(hjs, "url", LogFileMetaGetUri(p, ff));
-            json_object_set_new(hjs, "hostname", LogFileMetaGetHost(p, ff));
-            json_object_set_new(hjs, "http_refer", LogFileMetaGetReferer(p, ff));
-            json_object_set_new(hjs, "http_user_agent", LogFileMetaGetUserAgent(p, ff));
-            json_object_set_new(js, "http", hjs);
+            hjs = JsonHttpAddMetadata(p->flow);
+            if (hjs)
+                json_object_set_new(js, "http", hjs);
             break;
     }
 
 
     json_t *fjs = json_object();
     if (unlikely(fjs == NULL)) {
-        json_decref(hjs);
         json_decref(js);
         return;
     }
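Review bot: The new call `JsonHttpAddMetadata(p->flow)` receives only the flow, while the removed helpers resolved the transaction with `ff->txid`, so the `http` object may no longer describe the request that carried this file. The helper's body is not visible here, but on a keep-alive or pipelined connection, picking the transaction any other way could attach the wrong URL, hostname, or user agent to a fileinfo record, which undermines the log for triage and forensics. I would have the shared helper take the transaction id, which needs a signature change in output-json-http: `hjs = JsonHttpAddMetadata(p->flow, ff->txid);`. The `app_proto` key that was written into the `http` object is also dropped, and the old `url`/`http_refer` key names now depend on the common function, so that schema change deserves a mention in the commit message for downstream parsers. The body of FileWriteJsonRecord continues past the end of this hunk.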