#include "suricata-common.h"#include "flow.h"#include "conf.h"#include "tm-threads.h"#include "util-error.h"#include "util-debug.h"#include "output.h"#include "output-eve-bindgen.h"#include "alert-fastlog.h"#include "alert-debuglog.h"#include "alert-syslog.h"#include "output-json.h"#include "output-json-alert.h"#include "output-json-anomaly.h"#include "output-json-flow.h"#include "output-json-netflow.h"#include "log-cf-common.h"#include "output-json-drop.h"#include "output-eve-stream.h"#include "log-httplog.h"#include "output-json-http.h"#include "output-json-dns.h"#include "log-tlslog.h"#include "log-tlsstore.h"#include "output-json-tls.h"#include "log-pcap.h"#include "app-layer-ssh.h"#include "output-json-file.h"#include "output-json-smtp.h"#include "output-json-stats.h"#include "log-tcp-data.h"#include "log-stats.h"#include "output-json-nfs.h"#include "output-json-ftp.h"#include "app-layer-ftp.h"#include "output-json-smb.h"#include "output-json-ike.h"#include "output-json-dhcp.h"#include "output-json-mqtt.h"#include "output-json-pgsql.h"#include "output-lua.h"#include "output-json-dnp3.h"#include "output-json-metadata.h"#include "output-json-dcerpc.h"#include "output-json-frame.h"#include "app-layer-parser.h"#include "output-filestore.h"#include "output-json-arp.h"
Go to the source code of this file.
Data Structures | |
| struct | RootLogger_ |
Macros | |
| #define | ARRAY_CAP_STEP 16 |
Typedefs | |
| typedef struct RootLogger_ | RootLogger |
Functions | |
| typedef | TAILQ_HEAD (LoggerThreadStore_, LoggerThreadStoreNode_) |
| TAILQ_HEAD (OutputFileRolloverFlag_) | |
| void | OutputRegisterPacketModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, OutputPacketLoggerFunctions *output_module_functions) |
| Register a packet output module. More... | |
| void | OutputRegisterPacketSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, OutputPacketLoggerFunctions *output_logger_functions) |
| Register a packet output sub-module. More... | |
| void | OutputRegisterTxModuleWithCondition (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, TxLoggerCondition TxLogCondition, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a tx output module with condition. More... | |
| void | OutputRegisterTxSubModuleWithCondition (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, TxLoggerCondition TxLogCondition, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| void | OutputRegisterTxModuleWithProgress (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, int tc_log_progress, int ts_log_progress, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a tx output module with progress. More... | |
| void | OutputRegisterTxSubModuleWithProgress (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, int tc_log_progress, int ts_log_progress, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| void | OutputRegisterTxModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a tx output module. More... | |
| void | OutputRegisterTxSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| void | OutputRegisterFileSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, SCFileLogger FileLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a file output sub-module. More... | |
| void | OutputRegisterFiledataModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, SCFiledataLogger FiledataLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a file data output module. More... | |
| void | OutputRegisterFlowSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, FlowLogger FlowLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a flow output sub-module. More... | |
| void | OutputRegisterStreamingModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, SCStreamingLogger StreamingLogFunc, enum SCOutputStreamingType stream_type, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a streaming data output module. More... | |
| void | OutputRegisterStatsModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, StatsLogger StatsLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a stats data output module. More... | |
| void | OutputRegisterStatsSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, StatsLogger StatsLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) |
| Register a stats data output sub-module. More... | |
| OutputModule * | OutputGetModuleByConfName (const char *conf_name) |
| Get an output module by name. More... | |
| void | OutputDeregisterAll (void) |
| Deregister all modules. Useful for a memory clean exit. More... | |
| int | OutputDropLoggerEnable (void) |
| void | OutputDropLoggerDisable (void) |
| void | OutputRegisterFileRotationFlag (int *flag) |
| Register a flag for file rotation notification. More... | |
| void | OutputUnregisterFileRotationFlag (int *flag) |
| Unregister a file rotation flag. More... | |
| void | OutputNotifyFileRotation (void) |
| Notifies all registered file rotation notification flags. More... | |
| TmEcode | OutputLoggerFlush (ThreadVars *tv, Packet *p, void *thread_data) |
| TmEcode | OutputLoggerLog (ThreadVars *tv, Packet *p, void *thread_data) |
| TmEcode | OutputLoggerThreadInit (ThreadVars *tv, const void *initdata, void **data) |
| TmEcode | OutputLoggerThreadDeinit (ThreadVars *tv, void *thread_data) |
| void | OutputRegisterRootLogger (ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit, OutputLogFunc LogFunc, OutputGetActiveCountFunc ActiveCntFunc) |
| void | OutputSetupActiveLoggers (void) |
| void | OutputClearActiveLoggers (void) |
| void | TmModuleLoggerRegister (void) |
| EveJsonSimpleAppLayerLogger * | SCEveJsonSimpleGetLogger (AppProto alproto) |
| void | OutputRegisterRootLoggers (void) |
| Register all root loggers. More... | |
| int | SCOutputEvePreRegisterLogger (EveJsonTxLoggerRegistrationData reg_data) |
| void | OutputRegisterLoggers (void) |
| Register all non-root logging modules. More... | |
Variables | |
| LoggerThreadStoreNode | |
| OutputFileRolloverFlag | |
Detailed Description
The root logging output for all non-application logging.
The loggers are made up of a hierarchy of loggers. At the top we have the root logger which is the main entry point to logging. Under the root there exists parent loggers that are the entry point for specific types of loggers such as packet logger, transaction loggers, etc. Each parent logger may have 0 or more loggers that actual handle the job of producing output to something like a file.
Definition in file output.c.
Macro Definition Documentation
◆ ARRAY_CAP_STEP
Typedef Documentation
◆ RootLogger
| typedef struct RootLogger_ RootLogger |
Function Documentation
◆ OutputClearActiveLoggers()
| void OutputClearActiveLoggers | ( | void | ) |
Definition at line 850 of file output.c.
References SCFree, TAILQ_FIRST, and TAILQ_REMOVE.
◆ OutputDeregisterAll()
| void OutputDeregisterAll | ( | void | ) |
Deregister all modules. Useful for a memory clean exit.
Definition at line 635 of file output.c.
References output_modules, SCFree, TAILQ_FIRST, and TAILQ_REMOVE.
Referenced by GlobalsDestroy().
◆ OutputDropLoggerDisable()
◆ OutputDropLoggerEnable()
◆ OutputGetModuleByConfName()
| OutputModule* OutputGetModuleByConfName | ( | const char * | conf_name | ) |
Get an output module by name.
- Return values
-
The OutputModule with the given name or NULL if no output module with the given name is registered.
Definition at line 618 of file output.c.
References OutputModule_::conf_name, output_modules, and TAILQ_FOREACH.
◆ OutputLoggerFlush()
| TmEcode OutputLoggerFlush | ( | ThreadVars * | tv, |
| Packet * | p, | ||
| void * | thread_data | ||
| ) |
◆ OutputLoggerLog()
| TmEcode OutputLoggerLog | ( | ThreadVars * | tv, |
| Packet * | p, | ||
| void * | thread_data | ||
| ) |
◆ OutputLoggerThreadDeinit()
| TmEcode OutputLoggerThreadDeinit | ( | ThreadVars * | tv, |
| void * | thread_data | ||
| ) |
Definition at line 782 of file output.c.
References TM_ECODE_FAILED.
◆ OutputLoggerThreadInit()
| TmEcode OutputLoggerThreadInit | ( | ThreadVars * | tv, |
| const void * | initdata, | ||
| void ** | data | ||
| ) |
◆ OutputNotifyFileRotation()
| void OutputNotifyFileRotation | ( | void | ) |
Notifies all registered file rotation notification flags.
Definition at line 712 of file output.c.
References OutputFileRolloverFlag, and SCMutexLock.
Referenced by SuricataMainLoop().
◆ OutputRegisterFiledataModule()
| void OutputRegisterFiledataModule | ( | LoggerId | id, |
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitFunc | InitFunc, | ||
| SCFiledataLogger | FiledataLogFunc, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a file data output module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 436 of file output.c.
Referenced by OutputFilestoreRegister().
◆ OutputRegisterFileRotationFlag()
| void OutputRegisterFileRotationFlag | ( | int * | flag | ) |
Register a flag for file rotation notification.
- Parameters
-
flag A pointer that will be set to 1 when file rotation is requested.
Definition at line 669 of file output.c.
References OutputFileRolloverFlag, SCCalloc, SCLogError, SCMutexLock, and unlikely.
◆ OutputRegisterFileSubModule()
| void OutputRegisterFileSubModule | ( | LoggerId | id, |
| const char * | parent_name, | ||
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitSubFunc | InitFunc, | ||
| SCFileLogger | FileLogFunc, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a file output sub-module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 399 of file output.c.
Referenced by JsonFileLogRegister().
◆ OutputRegisterFlowSubModule()
| void OutputRegisterFlowSubModule | ( | LoggerId | id, |
| const char * | parent_name, | ||
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitSubFunc | InitFunc, | ||
| FlowLogger | FlowLogFunc, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a flow output sub-module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 472 of file output.c.
Referenced by JsonFlowLogRegister(), and JsonNetFlowLogRegister().
◆ OutputRegisterLoggers()
| void OutputRegisterLoggers | ( | void | ) |
Register all non-root logging modules.
Definition at line 1023 of file output.c.
References AlertDebugLogRegister(), AlertFastLogRegister(), AlertSyslogRegister(), ALPROTO_HTTP2, EveStreamLogRegister(), JsonDropLogRegister(), JsonHttpLogRegister(), JsonSmtpLogRegister(), LogCustomFormatRegister(), LOGGER_JSON_TX, LogHttpLogRegister(), LuaLogRegister(), OutputJsonLogInitSub(), OutputJsonRegister(), and OutputRegisterTxSubModuleWithProgress().
Referenced by TmModuleLoggerRegister().
◆ OutputRegisterPacketModule()
| void OutputRegisterPacketModule | ( | LoggerId | id, |
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitFunc | InitFunc, | ||
| OutputPacketLoggerFunctions * | output_module_functions | ||
| ) |
Register a packet output module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 173 of file output.c.
References OutputPacketLoggerFunctions_::ConditionFunc, OutputModule_::conf_name, FatalError, OutputPacketLoggerFunctions_::FlushFunc, id, OutputModule_::InitFunc, OutputPacketLoggerFunctions_::LogFunc, OutputModule_::logger_id, OutputModule_::name, name, output_modules, OutputModule_::PacketConditionFunc, OutputModule_::PacketFlushFunc, OutputModule_::PacketLogFunc, SCCalloc, SCLogDebug, TAILQ_INSERT_TAIL, OutputModule_::ThreadDeinit, OutputPacketLoggerFunctions_::ThreadDeinitFunc, OutputModule_::ThreadInit, OutputPacketLoggerFunctions_::ThreadInitFunc, and unlikely.
◆ OutputRegisterPacketSubModule()
| void OutputRegisterPacketSubModule | ( | LoggerId | id, |
| const char * | parent_name, | ||
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitSubFunc | InitFunc, | ||
| OutputPacketLoggerFunctions * | output_logger_functions | ||
| ) |
Register a packet output sub-module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 211 of file output.c.
References OutputPacketLoggerFunctions_::ConditionFunc, OutputModule_::conf_name, FatalError, OutputPacketLoggerFunctions_::FlushFunc, id, OutputModule_::InitSubFunc, OutputPacketLoggerFunctions_::LogFunc, OutputModule_::logger_id, OutputModule_::name, name, output_modules, OutputModule_::PacketConditionFunc, OutputModule_::PacketFlushFunc, OutputModule_::PacketLogFunc, OutputModule_::parent_name, SCCalloc, SCLogDebug, TAILQ_INSERT_TAIL, OutputModule_::ThreadDeinit, OutputPacketLoggerFunctions_::ThreadDeinitFunc, OutputModule_::ThreadInit, OutputPacketLoggerFunctions_::ThreadInitFunc, and unlikely.
◆ OutputRegisterRootLogger()
| void OutputRegisterRootLogger | ( | ThreadInitFunc | ThreadInit, |
| ThreadDeinitFunc | ThreadDeinit, | ||
| OutputLogFunc | LogFunc, | ||
| OutputGetActiveCountFunc | ActiveCntFunc | ||
| ) |
Definition at line 808 of file output.c.
Referenced by OutputPacketLoggerRegister(), and OutputStreamingLoggerRegister().
◆ OutputRegisterRootLoggers()
| void OutputRegisterRootLoggers | ( | void | ) |
Register all root loggers.
Definition at line 887 of file output.c.
Referenced by TmModuleLoggerRegister().
◆ OutputRegisterStatsModule()
| void OutputRegisterStatsModule | ( | LoggerId | id, |
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitFunc | InitFunc, | ||
| StatsLogger | StatsLogFunc, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a stats data output module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 547 of file output.c.
Referenced by LogStatsLogRegister().
◆ OutputRegisterStatsSubModule()
| void OutputRegisterStatsSubModule | ( | LoggerId | id, |
| const char * | parent_name, | ||
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitSubFunc | InitFunc, | ||
| StatsLogger | StatsLogFunc, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a stats data output sub-module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 583 of file output.c.
Referenced by JsonStatsLogRegister().
◆ OutputRegisterStreamingModule()
| void OutputRegisterStreamingModule | ( | LoggerId | id, |
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitFunc | InitFunc, | ||
| SCStreamingLogger | StreamingLogFunc, | ||
| enum SCOutputStreamingType | stream_type, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a streaming data output module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 509 of file output.c.
Referenced by LogTcpDataLogRegister().
◆ OutputRegisterTxModule()
| void OutputRegisterTxModule | ( | LoggerId | id, |
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitFunc | InitFunc, | ||
| AppProto | alproto, | ||
| TxLogger | TxLogFunc, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a tx output module.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 375 of file output.c.
Referenced by LogHttpLogRegister().
◆ OutputRegisterTxModuleWithCondition()
| void OutputRegisterTxModuleWithCondition | ( | LoggerId | id, |
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitFunc | InitFunc, | ||
| AppProto | alproto, | ||
| TxLogger | TxLogFunc, | ||
| TxLoggerCondition | TxLogCondition, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a tx output module with condition.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 326 of file output.c.
Referenced by LogTlsStoreRegister().
◆ OutputRegisterTxModuleWithProgress()
| void OutputRegisterTxModuleWithProgress | ( | LoggerId | id, |
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitFunc | InitFunc, | ||
| AppProto | alproto, | ||
| TxLogger | TxLogFunc, | ||
| int | tc_log_progress, | ||
| int | ts_log_progress, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Register a tx output module with progress.
This function will register an output module so it can be configured with the configuration file.
- Return values
-
Returns 0 on success, -1 on failure.
Definition at line 350 of file output.c.
Referenced by LogTlsLogRegister().
◆ OutputRegisterTxSubModule()
| void OutputRegisterTxSubModule | ( | LoggerId | id, |
| const char * | parent_name, | ||
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitSubFunc | InitFunc, | ||
| AppProto | alproto, | ||
| TxLogger | TxLogFunc, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Definition at line 383 of file output.c.
Referenced by JsonDCERPCLogRegister(), JsonDHCPLogRegister(), JsonDNP3LogRegister(), JsonDoh2LogRegister(), JsonHttpLogRegister(), JsonIKELogRegister(), JsonMQTTLogRegister(), JsonNFSLogRegister(), JsonPgsqlLogRegister(), JsonSMBLogRegister(), and JsonSmtpLogRegister().
◆ OutputRegisterTxSubModuleWithCondition()
| void OutputRegisterTxSubModuleWithCondition | ( | LoggerId | id, |
| const char * | parent_name, | ||
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitSubFunc | InitFunc, | ||
| AppProto | alproto, | ||
| TxLogger | TxLogFunc, | ||
| TxLoggerCondition | TxLogCondition, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
◆ OutputRegisterTxSubModuleWithProgress()
| void OutputRegisterTxSubModuleWithProgress | ( | LoggerId | id, |
| const char * | parent_name, | ||
| const char * | name, | ||
| const char * | conf_name, | ||
| OutputInitSubFunc | InitFunc, | ||
| AppProto | alproto, | ||
| TxLogger | TxLogFunc, | ||
| int | tc_log_progress, | ||
| int | ts_log_progress, | ||
| ThreadInitFunc | ThreadInit, | ||
| ThreadDeinitFunc | ThreadDeinit | ||
| ) |
Definition at line 358 of file output.c.
Referenced by JsonTlsLogRegister(), and OutputRegisterLoggers().
◆ OutputSetupActiveLoggers()
| void OutputSetupActiveLoggers | ( | void | ) |
Definition at line 837 of file output.c.
References RootLogger_::ActiveCntFunc, cnt, and TAILQ_FIRST.
◆ OutputUnregisterFileRotationFlag()
| void OutputUnregisterFileRotationFlag | ( | int * | flag | ) |
Unregister a file rotation flag.
Note that it is safe to call this function with a flag that may not have been registered, in which case this function won't do anything.
- Parameters
-
flag A pointer that has been previously registered for file rotation notifications.
Definition at line 692 of file output.c.
References next, OutputFileRolloverFlag, and SCMutexLock.
Referenced by LogFileFreeCtx().
◆ SCEveJsonSimpleGetLogger()
| EveJsonSimpleAppLayerLogger* SCEveJsonSimpleGetLogger | ( | AppProto | alproto | ) |
Definition at line 865 of file output.c.
References g_alproto_max.
◆ SCOutputEvePreRegisterLogger()
| int SCOutputEvePreRegisterLogger | ( | EveJsonTxLoggerRegistrationData | reg_data | ) |
◆ TAILQ_HEAD() [1/2]
| typedef TAILQ_HEAD | ( | LoggerThreadStore_ | , |
| LoggerThreadStoreNode_ | |||
| ) |
◆ TAILQ_HEAD() [2/2]
◆ TmModuleLoggerRegister()
| void TmModuleLoggerRegister | ( | void | ) |
Definition at line 859 of file output.c.
References OutputRegisterLoggers(), and OutputRegisterRootLoggers().
Referenced by RegisterAllModules().
Variable Documentation
◆ LoggerThreadStoreNode
◆ OutputFileRolloverFlag
| OutputFileRolloverFlag |
Definition at line 127 of file output.c.
Referenced by OutputNotifyFileRotation(), OutputRegisterFileRotationFlag(), and OutputUnregisterFileRotationFlag().
