}
/** Use the Ouptut Context (file pointer and mutex) */
- aft->file_ctx = ((OutputCtx *)initdata)->data;
+ OutputJsonCtx *json_ctx = ((OutputCtx *)initdata)->data;
+ if (json_ctx != NULL) {
+ aft->file_ctx = json_ctx->file_ctx;
+ aft->http_ctx = json_ctx->http_ctx;
+ }
*data = (void *)aft;
return TM_ECODE_OK;
*/
OutputCtx *AlertJsonInitCtx(ConfNode *conf)
{
- LogFileCtx *logfile_ctx = LogFileNewCtx();
- if (logfile_ctx == NULL) {
+ OutputJsonCtx *json_ctx = SCCalloc(1, sizeof(OutputJsonCtx));;
+ if (unlikely(json_ctx == NULL)) {
SCLogDebug("AlertJsonInitCtx: Could not create new LogFileCtx");
return NULL;
}
+ json_ctx->file_ctx = LogFileNewCtx();
+ if (unlikely(json_ctx->file_ctx == NULL)) {
+ SCLogDebug("AlertJsonInitCtx: Could not create new LogFileCtx");
+ SCFree(json_ctx);
+ return NULL;
+ }
OutputCtx *output_ctx = SCCalloc(1, sizeof(OutputCtx));
if (unlikely(output_ctx == NULL))
return NULL;
- output_ctx->data = logfile_ctx;
+
+ output_ctx->data = json_ctx;
output_ctx->DeInit = AlertJsonDeInitCtx;
if (conf) {
if (json_out == ALERT_FILE) {
- if (SCConfLogOpenGeneric(conf, logfile_ctx, DEFAULT_LOG_FILENAME) < 0) {
- LogFileFreeCtx(logfile_ctx);
+ if (SCConfLogOpenGeneric(conf, json_ctx->file_ctx, DEFAULT_LOG_FILENAME) < 0) {
+ LogFileFreeCtx(json_ctx->file_ctx);
return NULL;
}
}
if (strcmp(output->val, "http") == 0) {
SCLogDebug("Enabling HTTP output");
- outputFlags |= OUTPUT_HTTP;
+ /* Yuck. there has to be a better way */
+ ConfNode *child = ConfNodeLookupChild(output, "http");
+ if (child) {
+ json_ctx->http_ctx = OutputHttpLogInit(child);
+ if (json_ctx->http_ctx != NULL)
+ outputFlags |= OUTPUT_HTTP;
+ } else {
+ outputFlags |= OUTPUT_HTTP;
+ }
continue;
}
}
static void AlertJsonDeInitCtx(OutputCtx *output_ctx)
{
- LogFileCtx *logfile_ctx = (LogFileCtx *)output_ctx->data;
+ OutputJsonCtx *json_ctx = (OutputJsonCtx *)output_ctx->data;
+ LogFileCtx *logfile_ctx = json_ctx->file_ctx;
LogFileFreeCtx(logfile_ctx);
SCFree(output_ctx);
}
char data[LOG_HTTP_NODE_STRLEN]; /** optional data. ie: http header name */
} LogHttpCustomFormatNode;
+#if 1
+typedef struct OutputHttpCtx_ {
+ uint32_t flags; /** Store mode */
+} OutputHttpCtx;
+#else
typedef struct LogHttpFileCtx_ {
LogFileCtx *file_ctx;
uint32_t flags; /** Store mode */
uint32_t cf_n; /** Total number of custom string format nodes */
LogHttpCustomFormatNode *cf_nodes[LOG_HTTP_MAXN_NODES]; /** Custom format string nodes */
} LogHttpFileCtx;
+#endif
#define LOG_HTTP_DEFAULT 0
#define LOG_HTTP_EXTENDED 1
#define LOG_HTTP_CUSTOM 2
-#define LOG_HTTP_JSON_SYSLOG 8 /* JSON output via syslog */
+#if 0
typedef struct LogHttpLogThread_ {
LogHttpFileCtx *httplog_ctx;
/** LogFileCtx has the pointer to the file and a mutex to allow multithreading */
MemBuffer *buffer;
} LogHttpLogThread;
+#endif
/* Retrieves the selected cookie value */
static uint32_t GetCookieValue(uint8_t *rawcookies, uint32_t rawcookies_len, char *cookiename,
#endif
}
-#ifdef HAVE_LIBJANSSON
/* JSON format logging */
static void LogHttpLogJSON(AlertJsonThread *aft, json_t *js, htp_tx_t *tx /*, char * timebuf,
char *srcip, Port sp, char *dstip, Port dp,
char *proto*/)
{
+ //OutputHttpCtx *http_ctx = aft->http_ctx;
+ OutputHttpCtx *http_ctx = aft->http_ctx->data;
json_t *hjs = json_object();
if (hjs == NULL) {
free(js);
if (c) free(c);
}
- if (aft->http_flags & LOG_HTTP_EXTENDED) {
+ if (http_ctx->flags & LOG_HTTP_EXTENDED) {
/* referer */
htp_header_t *h_referer = NULL;
if (tx->request_headers != NULL) {
json_object_set_new(js, "http", hjs);
}
-#endif
+#if 0
static void LogHttpLogExtended(LogHttpLogThread *aft, htp_tx_t *tx)
{
MemBufferWriteString(aft->buffer, " [**] ");
/* length */
MemBufferWriteString(aft->buffer, " [**] %"PRIuMAX" bytes", (uintmax_t)tx->response_message_len);
}
+#endif
static TmEcode HttpJsonIPWrapper(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq,
PacketQueue *postpq/*, int ipproto*/)
int tx_progress_done_value_tc = 0;
AlertJsonThread *aft = (AlertJsonThread *)data;
MemBuffer *buffer = (MemBuffer *)aft->buffer;
+ OutputHttpCtx *http_ctx = aft->http_ctx->data;
/* no flow, no htp state */
if (p->flow == NULL) {
/* reset */
MemBufferReset(buffer);
- if (aft->http_flags & LOG_HTTP_CUSTOM) {
+ //if (aft->http_flags & LOG_HTTP_CUSTOM) {
+ if (http_ctx->flags & LOG_HTTP_CUSTOM) {
LogHttpLogJSONCustom(aft, js, tx, &p->ts/*, srcip, sp, dstip, dp*/);
} else {
LogHttpLogJSON(aft, js, tx /*, timebuf, srcip, sp, dstip, dp, proto_s*/);
HttpJsonIPWrapper(tv, p, data, pq, postpq);
SCReturnInt(TM_ECODE_OK);
}
+
+OutputCtx *OutputHttpLogInit(ConfNode *conf)
+{
+ OutputHttpCtx *http_ctx = SCMalloc(sizeof(OutputHttpCtx));
+ if (unlikely(http_ctx == NULL))
+ return NULL;
+
+ OutputCtx *output_ctx = SCCalloc(1, sizeof(OutputCtx));
+ if (unlikely(output_ctx == NULL))
+ return NULL;
+
+ const char *extended = ConfNodeLookupChildValue(conf, "extended");
+
+ http_ctx->flags = LOG_HTTP_DEFAULT;
+
+ if (extended != NULL) {
+ if (ConfValIsTrue(extended)) {
+ http_ctx->flags = LOG_HTTP_EXTENDED;
+ }
+ }
+ output_ctx->data = http_ctx;
+ output_ctx->DeInit = NULL;
+
+ return output_ctx;
+}
+
#endif
/**
* \file
*
- * \author Victor Julien <victor@inliniac.net>
+ * \author Tom DeCanio <td@npulsetech.com>
*/
#ifndef __OUTPUT_HTTPLOG_H__
#define __OUTPUT_HTTPLOG_H__
+
TmEcode OutputHttpLog (ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, PacketQueue *postpq);
-void TmModuleHttpJsonRegister (void);
-void TmModuleHttpJsonIPv4Register (void);
-void TmModuleHttpJsonIPv6Register (void);
-OutputCtx *HttpJsonInitCtx(ConfNode *);
+//void TmModuleHttpJsonRegister (void);
+//void TmModuleHttpJsonIPv4Register (void);
+//void TmModuleHttpJsonIPv6Register (void);
+//OutputCtx *HttpJsonInitCtx(ConfNode *);
+OutputCtx *OutputHttpLogInit(ConfNode *);
#endif /* __OUTPUT_HTTPLOG_H__ */
+
projects / thirdparty / suricata.git / commitdiff
