output/json: check 5-tuple values prior to logging
This commit enhances the JSON output by introducing a feature for conditional port logging.
Now, port logging is dependent on the underlying protocol
(such as TCP, UDP, or SCTP), where port information is pertinent, while it
avoids unnecessary logging for protocols where a port is not utilized (e.g. ARP).
Furthermore, this update ensures that IP addresses and the protocol have
meaningful values set, rather than being logged as empty strings.
These changes will make each log entry more precise, eliminating cases where
5-tuple fields are empty or set to zero, indicating the absence of a field.
Backported to address ticket: https://redmine.openinfosecfoundation.org/issues/7460
Ticket: #7460
(cherry picked from commit
a1c6328156ffa1e3d690fa180b0395f9dcd9f52e)
projects / thirdparty / suricata.git / commit
