From: Victor Julien <victor@inliniac.net>
Date: Tue, 26 May 2015 11:51:38 +0000 (+0200)
Subject: log-stats: make global/threads logging configurable
X-Git-Tag: suricata-3.0RC1~368
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3fab736539be109d5b6426061e1f75daebe52265;p=thirdparty%2Fsuricata.git

log-stats: make global/threads logging configurable
---

diff --git a/src/log-stats.c b/src/log-stats.c
index cd35d57800..d7c050b2c5 100644
--- a/src/log-stats.c
+++ b/src/log-stats.c
@@ -49,6 +49,9 @@
 #define MODULE_NAME "LogStatsLog"
 #define OUTPUT_BUFFER_SIZE 16384
 
+#define LOG_STATS_TOTALS  (1<<0)
+#define LOG_STATS_THREADS (1<<1)
+
 TmEcode LogStatsLogThreadInit(ThreadVars *, void *, void **);
 TmEcode LogStatsLogThreadDeinit(ThreadVars *, void *);
 void LogStatsLogExitPrintStats(ThreadVars *, void *);
@@ -100,25 +103,27 @@ int LogStatsLogger(ThreadVars *tv, void *thread_data, const StatsTable *st)
 
     /* global stats */
     uint32_t u = 0;
-    for (u = 0; u < st->nstats; u++) {
-        if (st->stats[u].name == NULL)
-            continue;
-
-        char line[1024];
-        size_t len = snprintf(line, sizeof(line), "%-25s | %-25s | %-" PRIu64 "\n",
-                  st->stats[u].name, st->stats[u].tm_name, st->stats[u].value);
-
-        /* since we can have many threads, the buffer might not be big enough.
-         * Expand if necessary. */
-        if (MEMBUFFER_OFFSET(aft->buffer) + len > MEMBUFFER_SIZE(aft->buffer)) {
-            MemBufferExpand(&aft->buffer, OUTPUT_BUFFER_SIZE);
-        }
+    if (aft->statslog_ctx->flags & LOG_STATS_TOTALS) {
+        for (u = 0; u < st->nstats; u++) {
+            if (st->stats[u].name == NULL)
+                continue;
+
+            char line[1024];
+            size_t len = snprintf(line, sizeof(line), "%-25s | %-25s | %-" PRIu64 "\n",
+                    st->stats[u].name, st->stats[u].tm_name, st->stats[u].value);
+
+            /* since we can have many threads, the buffer might not be big enough.
+             * Expand if necessary. */
+            if (MEMBUFFER_OFFSET(aft->buffer) + len > MEMBUFFER_SIZE(aft->buffer)) {
+                MemBufferExpand(&aft->buffer, OUTPUT_BUFFER_SIZE);
+            }
 
-        MemBufferWriteString(aft->buffer, "%s", line);
+            MemBufferWriteString(aft->buffer, "%s", line);
+        }
     }
 
     /* per thread stats */
-    if (st->tstats != NULL) {
+    if (st->tstats != NULL && aft->statslog_ctx->flags & LOG_STATS_THREADS) {
         /* for each thread (store) */
         uint32_t x;
         for (x = 0; x < st->ntstats; x++) {
@@ -228,6 +233,22 @@ OutputCtx *LogStatsLogInitCtx(ConfNode *conf)
     }
     memset(statslog_ctx, 0x00, sizeof(LogStatsFileCtx));
 
+    statslog_ctx->flags = LOG_STATS_TOTALS;
+
+    if (conf != NULL) {
+        const char *totals = ConfNodeLookupChildValue(conf, "totals");
+        const char *threads = ConfNodeLookupChildValue(conf, "threads");
+        SCLogDebug("totals %s threads %s", totals, threads);
+
+        if (totals != NULL && ConfValIsFalse(totals)) {
+            statslog_ctx->flags &= ~LOG_STATS_TOTALS;
+        }
+        if (threads != NULL && ConfValIsTrue(threads)) {
+            statslog_ctx->flags |= LOG_STATS_THREADS;
+        }
+        SCLogDebug("statslog_ctx->flags %08x", statslog_ctx->flags);
+    }
+
     statslog_ctx->file_ctx = file_ctx;
 
     OutputCtx *output_ctx = SCCalloc(1, sizeof(OutputCtx));
diff --git a/suricata.yaml.in b/suricata.yaml.in
index f2e9a18533..5942494b7e 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -274,6 +274,8 @@ outputs:
   - stats:
       enabled: yes
       filename: stats.log
+      totals: yes       # stats for all threads merged together
+      threads: no       # per thread stats
 
   # a line based alerts log similar to fast.log into syslog
   - syslog: