From 36fde7df428aeaab7f089c744753778fd7685a91 Mon Sep 17 00:00:00 2001
From: Victor Julien
Date: Sun, 8 Nov 2015 09:55:00 +0100
Subject: [PATCH] stats log: suppress 0 counters by default
---
 src/log-stats.c | 8 ++++++++
 suricata.yaml.in | 1 +
 2 files changed, 9 insertions(+)
diff --git a/src/log-stats.c b/src/log-stats.c
index 5fcb1c9f62..385dec2bb4 100644
--- a/src/log-stats.c
+++ b/src/log-stats.c
@@ -51,6 +51,7 @@
 #define LOG_STATS_TOTALS (1<<0)
 #define LOG_STATS_THREADS (1<<1)
+#define LOG_STATS_NULLS (1<<2)
 TmEcode LogStatsLogThreadInit(ThreadVars *, void *, void **);
 TmEcode LogStatsLogThreadDeinit(ThreadVars *, void *);
@@ -108,6 +109,9 @@ int LogStatsLogger(ThreadVars *tv, void *thread_data, const StatsTable *st)
 if (st->stats[u].name == NULL)
 continue;
+ if (!(aft->statslog_ctx->flags & LOG_STATS_NULLS) && st->stats[u].value == 0)
+ continue;
+
 char line[1024];
 size_t len = snprintf(line, sizeof(line), "%-25s | %-25s | %-" PRIu64 "\n",
 st->stats[u].name, st->stats[u].tm_name, st->stats[u].value);
@@ -238,6 +242,7 @@ OutputCtx *LogStatsLogInitCtx(ConfNode *conf)
 if (conf != NULL) {
 const char *totals = ConfNodeLookupChildValue(conf, "totals");
 const char *threads = ConfNodeLookupChildValue(conf, "threads");
+ const char *nulls = ConfNodeLookupChildValue(conf, "null-values");
 SCLogDebug("totals %s threads %s", totals, threads);
 if (totals != NULL && ConfValIsFalse(totals)) {
@@ -246,6 +251,9 @@ OutputCtx *LogStatsLogInitCtx(ConfNode *conf)
 if (threads != NULL && ConfValIsTrue(threads)) {
 statslog_ctx->flags |= LOG_STATS_THREADS;
 }
+ if (nulls != NULL && ConfValIsTrue(nulls)) {
+ statslog_ctx->flags |= LOG_STATS_NULLS;
+ }
 SCLogDebug("statslog_ctx->flags %08x", statslog_ctx->flags);
 }
diff --git a/suricata.yaml.in b/suricata.yaml.in
index a612fb25de..67abc18a6a 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
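Review bot: `LOG_STATS_NULLS` in the first hunk of src/log-stats.c has no comment, and its name reads as if it concerned NULL entries, while the check added in LogStatsLogger tests `value == 0` directly after an unrelated `name == NULL` test. A trailing comment on the define would remove the ambiguity, e.g. `#define LOG_STATS_NULLS (1<<2) /* also print counters whose value is 0 */`.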
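Review bot: Consumers of stats.log can no longer tell a counter that is 0 from one that was never registered once the new check in LogStatsLogger (second hunk) skips the line, and because the flag is off unless `null-values` is set, this applies to every existing configuration. A comment above the check should state that contract, e.g. `/* zero counters are omitted unless null-values is enabled; a missing line means 0 */`, so that anyone maintaining parsers or alerting on drop and error counters knows a missing line is not a logging failure. Only one print loop is visible here and the function body continues outside the hunk; if the function also prints per-thread tables (the LOG_STATS_THREADS flag suggests it does), that path appears untouched by this patch and would still emit zero counters, so it should get the same `continue` to keep both tables consistent.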
@@ -315,6 +315,7 @@ outputs:
 filename: stats.log
 totals: yes # stats for all threads merged together
 threads: no # per thread stats
+ #null-values: yes # print counters that have value 0
 # a line based alerts log similar to fast.log into syslog
 - syslog:
--
2.47.2
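Review bot: The sample line does not say what happens when the key stays commented out, which is the state every existing installation is in after upgrading. Judging from LogStatsLogInitCtx in this patch, the flag is set only when the value is true, so the effective default is to drop zero counters. Stating that in the comment avoids a surprise for anyone whose monitoring reads stats.log: `#null-values: yes # print counters that have value 0 (default: no)`.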