From: Juliana Fajardini <jufajardini@gmail.com>
Date: Mon, 17 Feb 2025 19:50:38 +0000 (-0300)
Subject: pgsql/logger: don't log empty transactions
X-Git-Tag: suricata-8.0.0-beta1~405
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a4ce9cfe1526b8d6f4efed5de7e2320dbbb9dd32;p=thirdparty%2Fsuricata.git

pgsql/logger: don't log empty transactions

This may happen in some situations if the app-layer parser only sees
unknown messages and sets an event: there will be an empty transaction,
but nothing to log.

Related to
Task #5566
---

diff --git a/rust/src/pgsql/logger.rs b/rust/src/pgsql/logger.rs
index 9d78ffdc31..edf87e4ec4 100644
--- a/rust/src/pgsql/logger.rs
+++ b/rust/src/pgsql/logger.rs
@@ -33,9 +33,8 @@ fn log_pgsql(tx: &PgsqlTransaction, flags: u32, js: &mut JsonBuilder) -> Result<
         js.set_object("request", &log_request(request, flags)?)?;
     } else if tx.responses.is_empty() {
         SCLogDebug!("Suricata created an empty PGSQL transaction");
-        // TODO Log anomaly event instead?
-        js.set_bool("request", false)?;
-        js.set_bool("response", false)?;
+        // TODO Log anomaly event?
+        // if there are no transactions, there's nothing more to be logged
         js.close()?;
         return Ok(());
     }