suricata
Data Structures | Typedefs | Functions
output-json-file.c File Reference
#include "suricata-common.h"
#include "detect.h"
#include "pkt-var.h"
#include "conf.h"
#include "threadvars.h"
#include "tm-modules.h"
#include "threads.h"
#include "app-layer-parser.h"
#include "detect-filemagic.h"
#include "stream.h"
#include "util-print.h"
#include "util-unittest.h"
#include "util-privs.h"
#include "util-debug.h"
#include "util-atomic.h"
#include "util-file.h"
#include "util-time.h"
#include "util-buffer.h"
#include "util-byte.h"
#include "util-validate.h"
#include "util-logopenfile.h"
#include "output.h"
#include "output-json.h"
#include "output-json-file.h"
#include "output-json-http.h"
#include "output-json-smtp.h"
#include "output-json-email-common.h"
#include "output-json-nfs.h"
#include "output-json-smb.h"
#include "output-json-http2.h"
#include "app-layer-htp.h"
#include "app-layer-htp-xff.h"
#include "util-memcmp.h"
#include "stream-tcp-reassemble.h"
Include dependency graph for output-json-file.c:

Go to the source code of this file.

Data Structures

struct  OutputFileCtx_
 
struct  JsonFileLogThread_
 

Typedefs

typedef struct OutputFileCtx_ OutputFileCtx
 
typedef struct JsonFileLogThread_ JsonFileLogThread
 

Functions

JsonBuilder * JsonBuildFileInfoRecord (const Packet *p, const File *ff, void *tx, const uint64_t tx_id, const bool stored, uint8_t dir, HttpXFFCfg *xff_cfg, OutputJsonCtx *eve_ctx)
 
void JsonFileLogRegister (void)
 

Detailed Description

Author
Tom DeCanio td@np.nosp@m.ulse.nosp@m.tech..nosp@m.com

Log files we track.

Definition in file output-json-file.c.

Typedef Documentation

◆ JsonFileLogThread

typedef struct JsonFileLogThread_ JsonFileLogThread

◆ OutputFileCtx

typedef struct OutputFileCtx_ OutputFileCtx

Function Documentation

◆ JsonBuildFileInfoRecord()

JsonBuilder* JsonBuildFileInfoRecord ( const Packet p,
const File ff,
void *  tx,
const uint64_t  tx_id,
const bool  stored,
uint8_t  dir,
HttpXFFCfg xff_cfg,
OutputJsonCtx eve_ctx 
)

Definition at line 83 of file output-json-file.c.

References Flow_::alproto, ALPROTO_HTTP1, ALPROTO_HTTP2, ALPROTO_NFS, ALPROTO_SMB, ALPROTO_SMTP, AppProtoToString(), CreateEveHeader(), DEBUG_VALIDATE_BUG_ON, JsonAddrInfo_::dst_ip, EveEmailAddMetadata(), EveFileInfo(), EveHTTP2AddMetadata(), EveHttpAddMetadata(), EveNFSAddMetadata(), EveNFSAddMetadataRPC(), EveSMBAddMetadata(), EveSMTPAddMetadata(), HttpXFFCfg_::flags, Packet_::flow, FLOW_PKT_TOCLIENT, Packet_::flowflags, FlowGetAppProtocol(), HttpXFFGetIPFromTx(), json_addr_info_zero, JSON_ADDR_LEN, JsonAddrInfoInit(), LOG_DIR_FLOW, LOG_DIR_FLOW_TOCLIENT, LOG_DIR_FLOW_TOSERVER, JsonAddrInfo_::src_ip, strlcpy(), unlikely, XFF_DISABLED, XFF_EXTRADATA, XFF_MAXLEN, and XFF_OVERWRITE.

Here is the call graph for this function:

◆ JsonFileLogRegister()

void JsonFileLogRegister ( void  )

Definition at line 341 of file output-json-file.c.

References LOGGER_JSON_FILE, and OutputRegisterFileSubModule().

Referenced by OutputRegisterLoggers().

Here is the call graph for this function:
Here is the caller graph for this function: