From 9a09fe454b846dd2cd42adaa4b569314ad083bdb Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Fri, 10 Sep 2021 14:07:49 +0200
Subject: [PATCH] flow: log action applied to all packets

Log if action applied to whole flow is drop or pass.
---
 src/output-json-flow.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/output-json-flow.c b/src/output-json-flow.c
index 4025480fff..1a999da4df 100644
--- a/src/output-json-flow.c
+++ b/src/output-json-flow.c
@@ -273,6 +273,12 @@ static void EveFlowLogJSON(OutputJsonThreadCtx *aft, JsonBuilder *jb, Flow *f)
     if (f->flags & FLOW_WRONG_THREAD)
         JB_SET_TRUE(jb, "wrong_thread");
 
+    if (f->flags & FLOW_ACTION_DROP) {
+        JB_SET_STRING(jb, "action", "drop");
+    } else if (f->flags & FLOW_ACTION_PASS) {
+        JB_SET_STRING(jb, "action", "pass");
+    }
+
     /* Close flow. */
     jb_close(jb);
 
-- 
2.47.2