prelude: fix duplicated analyzer in Prelude alert

diff --git a/src/alert-prelude.c b/src/alert-prelude.c
index 00d4e379afdec130172ee075f19587222712f892..dd56a906740f7f074ba661c6ae6709e437bde7e9 100644 (file)
--- a/src/alert-prelude.c
+++ b/src/alert-prelude.c
@@ -1005,6 +1005,7 @@ static int PreludePrintStreamSegmentCallback(const Packet *p, void *data, const
  */
 static TmEcode AlertPreludeThreadInit(ThreadVars *t, const void *initdata, void **data)
 {
+    int ret;
     AlertPreludeThread *aun;
 
     SCEnter();
@@ -1024,7 +1025,8 @@ static TmEcode AlertPreludeThreadInit(ThreadVars *t, const void *initdata, void
     aun->ctx = ((OutputCtx *)initdata)->data;
 
     /* Create a per-thread idmef analyzer */
-    if (unlikely(idmef_analyzer_new(&aun->analyzer) < 0)) {
+    ret = idmef_analyzer_clone(prelude_client_get_analyzer(aun->ctx->client), &aun->analyzer);
+    if (unlikely(ret < 0)) {
         SCLogError(SC_ERR_INITIALIZATION,
                    "Error creating idmef analyzer for Prelude.");
 
@@ -1032,16 +1034,6 @@ static TmEcode AlertPreludeThreadInit(ThreadVars *t, const void *initdata, void
         SCReturnInt(TM_ECODE_FAILED);
     }
 
-    /* Setup the per-thread idmef analyzer */
-    if (unlikely(SetupAnalyzer(aun->analyzer) < 0)) {
-        SCLogError(SC_ERR_INITIALIZATION,
-                   "Error configuring idmef analyzer for Prelude.");
-
-        idmef_analyzer_destroy(aun->analyzer);
-        SCFree(aun);
-        SCReturnInt(TM_ECODE_FAILED);
-    }
-
     *data = (void *)aun;
     SCReturnInt(TM_ECODE_OK);
 }