From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Wed, 16 Sep 2020 12:11:10 +0000 (-0400)
Subject: log/eve: Rename fileinfo alert object to files
X-Git-Tag: suricata-6.0.0~57
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c5ace81a273a96c06aefd6c215ec3d49be965959;p=thirdparty%2Fsuricata.git

log/eve: Rename fileinfo alert object to files

This commit changes the name of the "fileinfo" array in the alert object
to "files" to better support legacy use of "fileinfo" in reporting and
elsewhere.

The "fileinfo" event type is not an array while the alert "fileinfo"
member was.
---

diff --git a/src/output-json-alert.c b/src/output-json-alert.c
index 11454b80fe..426a441140 100644
--- a/src/output-json-alert.c
+++ b/src/output-json-alert.c
@@ -556,7 +556,7 @@ static void AlertAddFiles(const Packet *p, JsonBuilder *jb, const uint64_t tx_id
             if (tx_id == file->txid) {
                 if (!isopen) {
                     isopen = true;
-                    jb_open_array(jb, "fileinfo");
+                    jb_open_array(jb, "files");
                 }
                 jb_start_object(jb);
                 EveFileInfo(jb, file, file->flags & FILE_STORED);