suricata
Data Structures | Macros | Typedefs | Functions
output-json-anomaly.c File Reference
#include "suricata-common.h"
#include "detect.h"
#include "flow.h"
#include "conf.h"
#include "app-layer.h"
#include "app-layer-events.h"
#include "app-layer-parser.h"
#include "threads.h"
#include "tm-threads.h"
#include "threadvars.h"
#include "util-debug.h"
#include "util-misc.h"
#include "detect-parse.h"
#include "detect-engine.h"
#include "util-logopenfile.h"
#include "output.h"
#include "output-json.h"
#include "output-json-anomaly.h"
#include "util-byte.h"
#include "util-enum.h"
#include "util-privs.h"
#include "util-print.h"
#include "util-proto-name.h"
#include "util-optimize.h"
#include "util-buffer.h"
#include "util-validate.h"
Include dependency graph for output-json-anomaly.c:

Go to the source code of this file.

Data Structures

struct  AnomalyJsonOutputCtx_
 
struct  JsonAnomalyLogThread_
 

Macros

#define MODULE_NAME   "JsonAnomalyLog"
 
#define ANOMALY_EVENT_TYPE   "anomaly"
 
#define LOG_JSON_DECODE_TYPE   BIT_U16(0)
 
#define LOG_JSON_STREAM_TYPE   BIT_U16(1)
 
#define LOG_JSON_APPLAYER_TYPE   BIT_U16(2)
 
#define LOG_JSON_PACKETHDR   BIT_U16(3)
 
#define LOG_JSON_PACKET_TYPE   (LOG_JSON_DECODE_TYPE | LOG_JSON_STREAM_TYPE)
 
#define ANOMALY_DEFAULTS   LOG_JSON_APPLAYER_TYPE
 
#define TX_ID_UNUSED   UINT64_MAX
 
#define MAX_ANOMALY_LOGGERS   1
 

Typedefs

typedef struct AnomalyJsonOutputCtx_ AnomalyJsonOutputCtx
 
typedef struct JsonAnomalyLogThread_ JsonAnomalyLogThread
 

Functions

void JsonAnomalyLogRegister (void)
 

Detailed Description

Author
Jeff Lucovsky jeff@.nosp@m.luco.nosp@m.vsky..nosp@m.org

Logs anomalies in JSON format.

Definition in file output-json-anomaly.c.

Macro Definition Documentation

◆ ANOMALY_DEFAULTS

#define ANOMALY_DEFAULTS   LOG_JSON_APPLAYER_TYPE

Definition at line 69 of file output-json-anomaly.c.

◆ ANOMALY_EVENT_TYPE

#define ANOMALY_EVENT_TYPE   "anomaly"

Definition at line 62 of file output-json-anomaly.c.

◆ LOG_JSON_APPLAYER_TYPE

#define LOG_JSON_APPLAYER_TYPE   BIT_U16(2)

Definition at line 65 of file output-json-anomaly.c.

◆ LOG_JSON_DECODE_TYPE

#define LOG_JSON_DECODE_TYPE   BIT_U16(0)

Definition at line 63 of file output-json-anomaly.c.

◆ LOG_JSON_PACKET_TYPE

#define LOG_JSON_PACKET_TYPE   (LOG_JSON_DECODE_TYPE | LOG_JSON_STREAM_TYPE)

Definition at line 68 of file output-json-anomaly.c.

◆ LOG_JSON_PACKETHDR

#define LOG_JSON_PACKETHDR   BIT_U16(3)

Definition at line 66 of file output-json-anomaly.c.

◆ LOG_JSON_STREAM_TYPE

#define LOG_JSON_STREAM_TYPE   BIT_U16(1)

Definition at line 64 of file output-json-anomaly.c.

◆ MAX_ANOMALY_LOGGERS

#define MAX_ANOMALY_LOGGERS   1

Definition at line 87 of file output-json-anomaly.c.

◆ MODULE_NAME

#define MODULE_NAME   "JsonAnomalyLog"

Definition at line 60 of file output-json-anomaly.c.

◆ TX_ID_UNUSED

#define TX_ID_UNUSED   UINT64_MAX

Definition at line 71 of file output-json-anomaly.c.

Typedef Documentation

◆ AnomalyJsonOutputCtx

typedef struct AnomalyJsonOutputCtx_ AnomalyJsonOutputCtx

◆ JsonAnomalyLogThread

typedef struct JsonAnomalyLogThread_ JsonAnomalyLogThread

Function Documentation

◆ JsonAnomalyLogRegister()

void JsonAnomalyLogRegister ( void  )

Definition at line 456 of file output-json-anomaly.c.

References OutputPacketLoggerFunctions_::LogFunc.