eve: log max regions

diff --git a/etc/schema.json b/etc/schema.json
index 962161d301e8de2b3c45638991901e99c4c921b0..445f891da9907d06af2ffc24fd73fe9bf6d0137e 100644 (file)
--- a/etc/schema.json
+++ b/etc/schema.json
@@ -5285,6 +5285,9 @@
                 "tc_gap": {
                     "type": "boolean"
                 },
+                "tc_max_regions": {
+                    "type": "integer"
+                },
                 "tcp_flags": {
                     "type": "string"
                 },
@@ -5297,6 +5300,9 @@
                 "ts_gap": {
                     "type": "boolean"
                 },
+                "ts_max_regions": {
+                    "type": "integer"
+                },
                 "urg": {
                     "type": "boolean"
                 }

diff --git a/src/output-json-flow.c b/src/output-json-flow.c
index 464f66ee572983faba459f1ee70af6f746f66955..d8e4f209622dfdd5454c37b268a6a0e39ecb0c98 100644 (file)
--- a/src/output-json-flow.c
+++ b/src/output-json-flow.c
@@ -313,6 +313,9 @@ static void EveFlowLogJSON(OutputJsonThreadCtx *aft, JsonBuilder *jb, Flow *f)
             if (FlowHasGaps(f, STREAM_TOSERVER)) {
                 JB_SET_TRUE(jb, "ts_gap");
             }
+
+            jb_set_uint(jb, "ts_max_regions", ssn->client.sb.max_regions);
+            jb_set_uint(jb, "tc_max_regions", ssn->server.sb.max_regions);
         }
 
         /* Close tcp. */