flow: log action applied to all packets

Log if action applied to whole flow is drop or pass.

diff --git a/src/output-json-flow.c b/src/output-json-flow.c
index 4025480fffff3c4d7d278500b652554d17f24e32..1a999da4df0d32ffcda853e018a75537730e9e50 100644 (file)
--- a/src/output-json-flow.c
+++ b/src/output-json-flow.c
@@ -273,6 +273,12 @@ static void EveFlowLogJSON(OutputJsonThreadCtx *aft, JsonBuilder *jb, Flow *f)
     if (f->flags & FLOW_WRONG_THREAD)
         JB_SET_TRUE(jb, "wrong_thread");
 
+    if (f->flags & FLOW_ACTION_DROP) {
+        JB_SET_STRING(jb, "action", "drop");
+    } else if (f->flags & FLOW_ACTION_PASS) {
+        JB_SET_STRING(jb, "action", "pass");
+    }
+
     /* Close flow. */
     jb_close(jb);