From: Eric Leblond Date: Wed, 19 Jan 2022 13:56:06 +0000 (+0100) Subject: eve/smb: add tx_id to event X-Git-Tag: suricata-8.0.0-rc1~459 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=db110783151ee253772fbcec1a07d88ee3a8ab8c;p=thirdparty%2Fsuricata.git eve/smb: add tx_id to event As SMB protocol is using heavily transactions, getting the transaction ID in SMB events can be really useful for automated analysis.
---
diff --git a/src/output-json-smb.c b/src/output-json-smb.c
index 528df3d539..a2fe47a71b 100644
--- a/src/output-json-smb.c
+++ b/src/output-json-smb.c
@@ -64,7 +64,8 @@ static int JsonSMBLogger(ThreadVars *tv, void *thread_data,
 {
 LogSmbLogThread *thread = thread_data;
 
- SCJsonBuilder *jb = CreateEveHeader(p, LOG_DIR_FLOW, "smb", NULL, thread->ctx->ctx);
+ SCJsonBuilder *jb =
+ CreateEveHeaderWithTxId(p, LOG_DIR_FLOW, "smb", NULL, tx_id, thread->ctx->ctx);
 if (unlikely(jb == NULL)) {
 return TM_ECODE_FAILED;
 }
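Review bot: The switch to `CreateEveHeaderWithTxId(...)` in JsonSMBLogger adds a `tx_id` field to every SMB record, but nothing visible in this patch documents the new field. Only src/output-json-smb.c is shown, so if the EVE schema and user guide are not updated elsewhere, log pipelines that validate strictly against the schema may reject or drop it. I would also add a one-line comment above the call, for example `/* tx-aware header: emits tx_id so SMB records can be correlated per transaction */`. `tx_id` is presumably the logger's own parameter, declared on the part of the signature that falls outside the hunk; the function body also continues past the hunk's last line.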