From: Eric Leblond Date: Thu, 17 Sep 2015 08:28:08 +0000 (+0200) Subject: util-logopenfile: move sensor_name to filectx X-Git-Tag: suricata-3.0RC1~42 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2ea4bbc4921cd6a34824e8ee54d56370577a5160;p=thirdparty%2Fsuricata.git util-logopenfile: move sensor_name to filectx We will now output the sensor name independantly of the output method if it is set in the YAML file. In the case of redis we are using the hostname value if unset. --- diff --git a/src/output-json.c b/src/output-json.c index a4364d2d9d..f80120d47e 100644 --- a/src/output-json.c +++ b/src/output-json.c @@ -339,12 +339,10 @@ int OutputJSONBuffer(json_t *js, LogFileCtx *file_ctx, MemBuffer *buffer) { char *js_s = NULL; -#ifdef HAVE_LIBHIREDIS - if (file_ctx->type == LOGFILE_TYPE_REDIS) { + if (file_ctx->sensor_name) { json_object_set_new(js, "host", - json_string(file_ctx->redis_setup.sensor_name)); + json_string(file_ctx->sensor_name)); } -#endif js_s = json_dumps(js, JSON_PRESERVE_ORDER|JSON_COMPACT|JSON_ENSURE_ASCII| @@ -416,6 +414,9 @@ void OutputJsonExitPrintStats(ThreadVars *tv, void *data) OutputCtx *OutputJsonInitCtx(ConfNode *conf) { OutputJsonCtx *json_ctx = SCCalloc(1, sizeof(OutputJsonCtx));; + + const char *sensor_name = ConfNodeLookupChildValue(conf, "sensor-name"); + if (unlikely(json_ctx == NULL)) { SCLogDebug("AlertJsonInitCtx: Could not create new LogFileCtx"); return NULL; @@ -428,6 +429,17 @@ OutputCtx *OutputJsonInitCtx(ConfNode *conf) return NULL; } + if (sensor_name) { + json_ctx->file_ctx->sensor_name = SCStrdup(sensor_name); + if (json_ctx->file_ctx->sensor_name == NULL) { + LogFileFreeCtx(json_ctx->file_ctx); + SCFree(json_ctx); + return NULL; + } + } else { + json_ctx->file_ctx->sensor_name = NULL; + } + OutputCtx *output_ctx = SCCalloc(1, sizeof(OutputCtx)); if (unlikely(output_ctx == NULL)) { LogFileFreeCtx(json_ctx->file_ctx); @@ -539,14 +551,12 @@ OutputCtx *OutputJsonInitCtx(ConfNode *conf) #ifdef HAVE_LIBHIREDIS else if (json_ctx->json_out == LOGFILE_TYPE_REDIS) { ConfNode *redis_node = ConfNodeLookupChild(conf, "redis"); - const char *sensor_name = ConfNodeLookupChildValue(conf, "sensor-name"); - if (!sensor_name) { + if (!json_ctx->file_ctx->sensor_name) { char hostname[1024]; gethostname(hostname, 1023); - sensor_name = hostname; + json_ctx->file_ctx->sensor_name = SCStrdup(hostname); } - json_ctx->file_ctx->redis_setup.sensor_name = SCStrdup(sensor_name); - if (json_ctx->file_ctx->redis_setup.sensor_name == NULL) { + if (json_ctx->file_ctx->sensor_name == NULL) { LogFileFreeCtx(json_ctx->file_ctx); SCFree(json_ctx); SCFree(output_ctx); diff --git a/src/util-logopenfile.c b/src/util-logopenfile.c index 159c57eb52..cce748e84a 100644 --- a/src/util-logopenfile.c +++ b/src/util-logopenfile.c @@ -513,8 +513,6 @@ int LogFileFreeCtx(LogFileCtx *lf_ctx) SCFree(lf_ctx->redis_setup.command); if (lf_ctx->redis_setup.key) SCFree(lf_ctx->redis_setup.key); - if (lf_ctx->redis_setup.sensor_name) - SCFree(lf_ctx->redis_setup.sensor_name); } #endif @@ -526,6 +524,9 @@ int LogFileFreeCtx(LogFileCtx *lf_ctx) if(lf_ctx->filename != NULL) SCFree(lf_ctx->filename); + if (lf_ctx->sensor_name) + SCFree(lf_ctx->sensor_name); + OutputUnregisterFileRotationFlag(&lf_ctx->rotation_flag); SCFree(lf_ctx); diff --git a/src/util-logopenfile.h b/src/util-logopenfile.h index 167286d4bf..06175b2b09 100644 --- a/src/util-logopenfile.h +++ b/src/util-logopenfile.h @@ -53,7 +53,6 @@ typedef struct RedisSetup_ { enum RedisMode mode; char *command; char *key; - char *sensor_name; int batch_size; int batch_count; char *server; @@ -92,6 +91,9 @@ typedef struct LogFileCtx_ { /** The name of the file */ char *filename; + /** Suricata sensor name */ + char *sensor_name; + /** Handle auto-connecting / reconnecting sockets */ int is_sock; int sock_type;