eve/drop: use highest priority drop

When adding the alert to a drop record make sure the add the highest
priority.

It would until now add all drops from high to low prio, effectively
overwriting the record each time.

Ticket #4397

(cherry picked from commit 398ebf934509a8d27a1c8b858eae061b89d5c44a)

diff --git a/src/output-json-drop.c b/src/output-json-drop.c
index 51e8ad41a4b248c2797200e236f56d67f7950c0a..b7438d81cafd3dfed2d045662dfe372bf625881b 100644 (file)
--- a/src/output-json-drop.c
+++ b/src/output-json-drop.c
@@ -162,6 +162,7 @@ static int DropLogJSON (JsonDropLogThread *aft, const Packet *p)
             {
                 AlertJsonHeader(NULL, p, pa, js, 0);
                 logged = 1;
+                break;
             }
         }
         if (logged == 0) {