/*
 * DumpFp (excerpt): only source lines 37, 39, 44 and 51 of this function are
 * shown on this page; the rest of the body is elided.
 *
 * The caller further down passes s->mpm_sm as sm, two local buffers as
 * pat_orig / pat_chop, and sizeof() of each as pat_orig_sz / pat_chop_sz.
 *
 * NOTE(review): the two size arguments are the only bound on writes into the
 * caller's buffers. Confirm that every write in the elided lines honours
 * them and leaves both buffers NUL-terminated, because the caller hands the
 * buffers to strlen() and json_string() afterwards.
 */
37 static void DumpFp(
const SigMatch *sm,
char *pat_orig, uint32_t pat_orig_sz,
char *pat_chop, uint32_t pat_chop_sz)
/* Flag starts cleared; it is set on line 44 and tested on line 51. */
39 int fast_pattern_chop_set = 0;
/* Condition guarding this assignment is not shown -- presumably the
 * DETECT_CONTENT_FAST_PATTERN_CHOP flag on the content; confirm. */
44 fast_pattern_chop_set = 1;
/* Branch taken only when the flag was set above; its body is not shown. */
51 if (fast_pattern_chop_set) {
/*
 * Excerpt of the routine that dumps the rules inspected for a packet; lines
 * between the numbered excerpts are elided on this page.
 *
 * "ir" records the rule group id (sgh->id) and the number of entries in the
 * match array (det_ctx->match_array_cnt), and later receives the per-rule
 * array under "rules".
 */
65 json_t *ir = json_object();
69 json_object_set_new(ir,
"rule_group_id", json_integer(sgh->
id));
70 json_object_set_new(ir,
"rule_cnt", json_integer(det_ctx->
match_array_cnt));
/* Array that collects one object per signature. */
72 json_t *js_array = json_array();
/* Per-signature object for `s`; the loop header that selects `s` is not
 * shown -- presumably an iteration over the match array; confirm. */
80 json_t *js_sig = json_object();
83 json_object_set_new(js_sig,
"sig_id", json_integer(s->
id));
/* "mpm" is a JSON boolean: true when the signature has an mpm_sm. */
85 json_object_set_new(js_sig,
"mpm", (s->mpm_sm != NULL) ? json_true() : json_false());
87 if (s->mpm_sm != NULL) {
/* DumpFp fills orig and chop, bounded by sizeof() of each.
 * NOTE(review): the declarations of orig and chop are not shown; confirm
 * they are zero-initialised char arrays (sizeof on a pointer would pass the
 * pointer size, not the buffer size). */
91 DumpFp(s->mpm_sm, orig,
sizeof(orig), chop,
sizeof(chop));
/* NOTE(review): jansson's json_string() returns NULL when its input is not
 * valid UTF-8, and json_object_set_new() then fails without adding the key.
 * Neither return value is checked here, so a pattern containing raw
 * non-UTF-8 bytes would silently vanish from the dump. Confirm DumpFp
 * writes only printable/escaped text into orig and chop. */
94 json_object_set_new(js_sig,
"mpm_pattern", json_string(orig));
/* strlen() relies on chop being NUL-terminated; the chopped pattern is
 * emitted only when it is non-empty. */
96 if (strlen(chop) > 0) {
97 json_object_set_new(js_sig,
"mpm_pattern_chop", json_string(chop));
/* Ownership of js_sig passes to the array (the *_new variant steals the
 * reference). */
101 json_array_append_new(js_array, js_sig);
/* Attach the per-rule array to ir, then ir to the event object js. */
104 json_object_set_new(ir,
"rules", js_array);
105 json_object_set_new(js,
"inspectedrules", ir);
/* Fixed output file name, joined to log_dir below. */
107 const char *filename =
"packet_inspected_rules.json";
109 char log_path[PATH_MAX] =
"";
/* NOTE(review): snprintf() truncates silently when log_dir plus the file
 * name does not fit in PATH_MAX; the return value is not checked on the
 * visible line, and a truncated path would make fopen() act on an
 * unintended path. Confirm a length check exists in the elided lines. */
110 snprintf(log_path,
sizeof(log_path),
"%s/%s", log_dir, filename);
/* Serialisation flags (the call they belong to is not shown, and the
 * expression continues past this line). JSON_ENSURE_ASCII makes the encoder
 * escape every non-ASCII character; JSON_COMPACT drops optional whitespace;
 * JSON_PRESERVE_ORDER keeps keys in insertion order. */
122 JSON_PRESERVE_ORDER|JSON_COMPACT|JSON_ENSURE_ASCII|
/* Opened in append mode, so records accumulate across calls.
 * NOTE(review): the NULL check on fp is not visible here; confirm it exists
 * before the write. fopen() follows symlinks and creates the file under the
 * process umask, so the log directory should be writable only by the
 * account this process runs as. Writes are presumably serialised by
 * g_rule_dump_write_m (listed in the cross-references on this page) --
 * confirm the lock covers open, write and close. */
129 FILE *fp = fopen(log_path,
"a");
/* json_object_clear() only empties js; the object itself stays allocated.
 * NOTE(review): confirm a json_decref(js) follows in the elided lines,
 * otherwise js leaks on every call. */
138 json_object_clear(js);
MemBuffer * MemBufferCreateNew(uint32_t size)
json_t * CreateJSONHeader(const Packet *p, enum OutputJsonLogDirection dir, const char *event_type)
#define MemBufferWriteString(dst,...)
Write a string buffer to the MemBuffer dst.
void RulesDumpMatchArray(const DetectEngineThreadCtx *det_ctx, const SigGroupHead *sgh, const Packet *p)
#define DETECT_CONTENT_FAST_PATTERN
Container for matching data for a signature group.
#define SCMutexUnlock(mut)
#define SCMUTEX_INITIALIZER
#define MemBufferPrintToFPAsString(mem_buffer, fp)
Write a buffer to the file pointer as a printable char string.
#define SCLogWarning(err_code,...)
Macro used to log WARNING messages.
int OutputJSONMemBufferCallback(const char *str, size_t size, void *data)
void PrintRawUriBuf(char *retbuf, uint32_t *offset, uint32_t retbuflen, uint8_t *buf, uint32_t buflen)
const char * ConfigGetLogDirectory()
#define JSON_ESCAPE_SLASH
const char * DetectListToHumanString(int list)
#define DETECT_CONTENT_FAST_PATTERN_CHOP
SCMutex g_rule_dump_write_m
int SigMatchListSMBelongsTo(const Signature *s, const SigMatch *key_sm)
a single match condition for a signature
void MemBufferFree(MemBuffer *buffer)