log/eve: Rename fileinfo alert object to files

This commit changes the name of the "fileinfo" array in the alert object
to "files" to better support legacy use of "fileinfo" in reporting and
elsewhere.

The "fileinfo" event type is not an array while the alert "fileinfo"
member was.

diff --git a/src/output-json-alert.c b/src/output-json-alert.c
index 11454b80fec1eaeac1a98cd106378207b3772fe3..426a44114058ff8883f4f4ecbf248d03fc1bbe95 100644 (file)
--- a/src/output-json-alert.c
+++ b/src/output-json-alert.c
@@ -556,7 +556,7 @@ static void AlertAddFiles(const Packet *p, JsonBuilder *jb, const uint64_t tx_id
             if (tx_id == file->txid) {
                 if (!isopen) {
                     isopen = true;
-                    jb_open_array(jb, "fileinfo");
+                    jb_open_array(jb, "files");
                 }
                 jb_start_object(jb);
                 EveFileInfo(jb, file, file->flags & FILE_STORED);