return output_ctx;
}
+/**
+ * \brief Create a new LogFileCtx for "fast" output style.
+ * \param conf The configuration node for this output.
+ * \return A LogFileCtx pointer on success, NULL on failure.
+ */
+static OutputCtx *JsonAlertLogInitCtxSub(ConfNode *conf, OutputCtx *parent_ctx)
+{
+ AlertJsonThread *ajt = parent_ctx->data;
+
+ OutputCtx *output_ctx = SCCalloc(1, sizeof(OutputCtx));
+ if (unlikely(output_ctx == NULL))
+ return NULL;
+
+ output_ctx->data = ajt->file_ctx;
+ output_ctx->DeInit = JsonAlertLogDeInitCtx;
+
+ return output_ctx;
+}
+
void TmModuleJsonAlertLogRegister (void) {
tmm_modules[TMM_JSONALERTLOG].name = MODULE_NAME;
tmm_modules[TMM_JSONALERTLOG].ThreadInit = JsonAlertLogThreadInit;
OutputRegisterPacketModule(MODULE_NAME, "alert-json-log",
JsonAlertLogInitCtx, JsonAlertLogger, JsonAlertLogCondition);
+ OutputRegisterPacketSubModule("eve-log", MODULE_NAME, "alert",
+ JsonAlertLogInitCtxSub, JsonAlertLogger, JsonAlertLogCondition);
}
#else
* registration capability
*/
TAILQ_FOREACH(output, &outputs->head, next) {
- if (strcmp(output->val, "alert") == 0) {
- SCLogDebug("Enabling alert output");
- output_flags |= OUTPUT_ALERTS;
- continue;
- }
if (strcmp(output->val, "drop") == 0) {
SCLogDebug("Enabling drop output");
output_flags |= OUTPUT_DROP;
projects / thirdparty / suricata.git / commitdiff
