From: Victor Julien <vjulien@oisf.net>
Date: Sat, 7 Jan 2023 09:48:19 +0000 (+0100)
Subject: eve: log max regions
X-Git-Tag: suricata-7.0.0-rc1~149
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=96dfd65b96d0e433abb243ee5d3c96359445eb52;p=thirdparty%2Fsuricata.git

eve: log max regions
---

diff --git a/etc/schema.json b/etc/schema.json
index 962161d301..445f891da9 100644
--- a/etc/schema.json
+++ b/etc/schema.json
@@ -5285,6 +5285,9 @@
                 "tc_gap": {
                     "type": "boolean"
                 },
+                "tc_max_regions": {
+                    "type": "integer"
+                },
                 "tcp_flags": {
                     "type": "string"
                 },
@@ -5297,6 +5300,9 @@
                 "ts_gap": {
                     "type": "boolean"
                 },
+                "ts_max_regions": {
+                    "type": "integer"
+                },
                 "urg": {
                     "type": "boolean"
                 }
diff --git a/src/output-json-flow.c b/src/output-json-flow.c
index 464f66ee57..d8e4f20962 100644
--- a/src/output-json-flow.c
+++ b/src/output-json-flow.c
@@ -313,6 +313,9 @@ static void EveFlowLogJSON(OutputJsonThreadCtx *aft, JsonBuilder *jb, Flow *f)
             if (FlowHasGaps(f, STREAM_TOSERVER)) {
                 JB_SET_TRUE(jb, "ts_gap");
             }
+
+            jb_set_uint(jb, "ts_max_regions", ssn->client.sb.max_regions);
+            jb_set_uint(jb, "tc_max_regions", ssn->server.sb.max_regions);
         }
 
         /* Close tcp. */