suricata
Data Structures | Macros | Typedefs | Functions | Variables
output.h File Reference
#include "decode.h"
#include "tm-modules.h"
#include "output-packet.h"
#include "output-tx.h"
#include "output-file.h"
#include "output-filedata.h"
#include "output-flow.h"
#include "output-streaming.h"
#include "output-stats.h"
Include dependency graph for output.h:

Go to the source code of this file.

Data Structures

struct  OutputLoggerThreadStore_
 
struct  OutputInitResult_
 
struct  OutputModule_
 
struct  EveJsonSimpleAppLayerLogger
 

Macros

#define DEFAULT_LOG_MODE_APPEND   "yes"
 
#define DEFAULT_LOG_FILETYPE   "regular"
 

Typedefs

typedef struct OutputLoggerThreadStore_ OutputLoggerThreadStore
 
typedef struct OutputInitResult_ OutputInitResult
 
typedef OutputInitResult(* OutputInitFunc) (ConfNode *)
 
typedef OutputInitResult(* OutputInitSubFunc) (ConfNode *, OutputCtx *)
 
typedef TmEcode(* OutputLogFunc) (ThreadVars *, Packet *, void *)
 
typedef uint32_t(* OutputGetActiveCountFunc) (void)
 
typedef struct OutputModule_ OutputModule
 
typedef bool(* EveJsonSimpleTxLogFunc) (void *, struct JsonBuilder *)
 
typedef struct EveJsonSimpleAppLayerLogger EveJsonSimpleAppLayerLogger
 

Functions

typedef TAILQ_HEAD (OutputModuleList_, OutputModule_) OutputModuleList
 
void OutputRegisterModule (const char *, const char *, OutputInitFunc)
 
void OutputRegisterPacketModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, PacketLogger LogFunc, PacketLogCondition ConditionFunc, ThreadInitFunc, ThreadDeinitFunc)
 Register a packet output module. More...
 
void OutputRegisterPacketSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, PacketLogger LogFunc, PacketLogCondition ConditionFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a packet output sub-module. More...
 
void OutputRegisterTxModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a tx output module. More...
 
void OutputRegisterTxSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 
void OutputRegisterTxModuleWithCondition (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, TxLoggerCondition TxLogCondition, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a tx output module with condition. More...
 
void OutputRegisterTxSubModuleWithCondition (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, TxLoggerCondition TxLogCondition, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 
void OutputRegisterTxModuleWithProgress (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, int tc_log_progress, int ts_log_progress, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a tx output module with progress. More...
 
void OutputRegisterTxSubModuleWithProgress (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, AppProto alproto, TxLogger TxLogFunc, int tc_log_progress, int ts_log_progress, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 
void OutputRegisterFileSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, SCFileLogger FileLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a file output sub-module. More...
 
void OutputRegisterFiledataModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, SCFiledataLogger FiledataLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a file data output module. More...
 
void OutputRegisterFlowSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, FlowLogger FlowLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a flow output sub-module. More...
 
void OutputRegisterStreamingModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, SCStreamingLogger StreamingLogFunc, enum SCOutputStreamingType stream_type, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a streaming data output module. More...
 
void OutputRegisterStatsModule (LoggerId id, const char *name, const char *conf_name, OutputInitFunc InitFunc, StatsLogger StatsLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a stats data output module. More...
 
void OutputRegisterStatsSubModule (LoggerId id, const char *parent_name, const char *name, const char *conf_name, OutputInitSubFunc InitFunc, StatsLogger StatsLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit)
 Register a stats data output sub-module. More...
 
OutputModuleOutputGetModuleByConfName (const char *name)
 Get an output module by name. More...
 
void OutputDeregisterAll (void)
 Deregister all modules. Useful for a memory clean exit. More...
 
int OutputDropLoggerEnable (void)
 
void OutputDropLoggerDisable (void)
 
void OutputRegisterFileRotationFlag (int *flag)
 Register a flag for file rotation notification. More...
 
void OutputUnregisterFileRotationFlag (int *flag)
 Unregister a file rotation flag. More...
 
void OutputNotifyFileRotation (void)
 Notifies all registered file rotation notification flags. More...
 
void OutputRegisterRootLogger (ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit, OutputLogFunc LogFunc, OutputGetActiveCountFunc ActiveCntFunc)
 
void TmModuleLoggerRegister (void)
 
TmEcode OutputLoggerLog (ThreadVars *, Packet *, void *)
 
TmEcode OutputLoggerThreadInit (ThreadVars *, const void *, void **)
 
TmEcode OutputLoggerThreadDeinit (ThreadVars *, void *)
 
void OutputLoggerExitPrintStats (ThreadVars *, void *)
 
void OutputSetupActiveLoggers (void)
 
void OutputClearActiveLoggers (void)
 
EveJsonSimpleAppLayerLoggerSCEveJsonSimpleGetLogger (AppProto alproto)
 

Variables

OutputModuleList output_modules
 

Detailed Description

Author
Endace Technology Limited, Jason Ish jason.nosp@m..ish.nosp@m.@enda.nosp@m.ce.c.nosp@m.om

Definition in file output.h.

Macro Definition Documentation

◆ DEFAULT_LOG_FILETYPE

#define DEFAULT_LOG_FILETYPE   "regular"

Definition at line 32 of file output.h.

◆ DEFAULT_LOG_MODE_APPEND

#define DEFAULT_LOG_MODE_APPEND   "yes"

Definition at line 31 of file output.h.

Typedef Documentation

◆ EveJsonSimpleAppLayerLogger

typedef struct EveJsonSimpleAppLayerLogger EveJsonSimpleAppLayerLogger

◆ EveJsonSimpleTxLogFunc

typedef bool(* EveJsonSimpleTxLogFunc) (void *, struct JsonBuilder *)

Definition at line 164 of file output.h.

◆ OutputGetActiveCountFunc

typedef uint32_t(* OutputGetActiveCountFunc) (void)

Definition at line 54 of file output.h.

◆ OutputInitFunc

typedef OutputInitResult(* OutputInitFunc) (ConfNode *)

Definition at line 51 of file output.h.

◆ OutputInitResult

typedef struct OutputInitResult_ OutputInitResult

◆ OutputInitSubFunc

typedef OutputInitResult(* OutputInitSubFunc) (ConfNode *, OutputCtx *)

Definition at line 52 of file output.h.

◆ OutputLogFunc

typedef TmEcode(* OutputLogFunc) (ThreadVars *, Packet *, void *)

Definition at line 53 of file output.h.

◆ OutputLoggerThreadStore

typedef struct OutputLoggerThreadStore_ OutputLoggerThreadStore

◆ OutputModule

typedef struct OutputModule_ OutputModule

Function Documentation

◆ OutputClearActiveLoggers()

void OutputClearActiveLoggers ( void  )

Definition at line 821 of file output.c.

References SCFree, TAILQ_FIRST, and TAILQ_REMOVE.

◆ OutputDeregisterAll()

void OutputDeregisterAll ( void  )

Deregister all modules. Useful for a memory clean exit.

Definition at line 629 of file output.c.

References output_modules, SCFree, TAILQ_FIRST, and TAILQ_REMOVE.

Referenced by GlobalsDestroy().

Here is the caller graph for this function:

◆ OutputDropLoggerDisable()

void OutputDropLoggerDisable ( void  )

Definition at line 651 of file output.c.

◆ OutputDropLoggerEnable()

int OutputDropLoggerEnable ( void  )

Definition at line 643 of file output.c.

◆ OutputGetModuleByConfName()

OutputModule* OutputGetModuleByConfName ( const char *  conf_name)

Get an output module by name.

Return values
TheOutputModule with the given name or NULL if no output module with the given name is registered.

Definition at line 612 of file output.c.

References OutputModule_::conf_name, output_modules, and TAILQ_FOREACH.

◆ OutputLoggerExitPrintStats()

void OutputLoggerExitPrintStats ( ThreadVars ,
void *   
)

◆ OutputLoggerLog()

TmEcode OutputLoggerLog ( ThreadVars ,
Packet ,
void *   
)

Definition at line 708 of file output.c.

◆ OutputLoggerThreadDeinit()

TmEcode OutputLoggerThreadDeinit ( ThreadVars ,
void *   
)

Definition at line 753 of file output.c.

References TM_ECODE_FAILED.

◆ OutputLoggerThreadInit()

TmEcode OutputLoggerThreadInit ( ThreadVars ,
const void *  ,
void **   
)

Definition at line 722 of file output.c.

◆ OutputNotifyFileRotation()

void OutputNotifyFileRotation ( void  )

Notifies all registered file rotation notification flags.

Definition at line 701 of file output.c.

References OutputFileRolloverFlag, and TAILQ_FOREACH.

Referenced by SuricataMainLoop().

Here is the caller graph for this function:

◆ OutputRegisterFiledataModule()

void OutputRegisterFiledataModule ( LoggerId  id,
const char *  name,
const char *  conf_name,
OutputInitFunc  InitFunc,
SCFiledataLogger  FiledataLogFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a file data output module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 430 of file output.c.

Referenced by OutputFilestoreRegister().

Here is the caller graph for this function:

◆ OutputRegisterFileRotationFlag()

void OutputRegisterFileRotationFlag ( int *  flag)

Register a flag for file rotation notification.

Parameters
flagA pointer that will be set to 1 when file rotation is requested.

Definition at line 663 of file output.c.

References OutputFileRolloverFlag, SCCalloc, SCLogError, TAILQ_INSERT_TAIL, and unlikely.

◆ OutputRegisterFileSubModule()

void OutputRegisterFileSubModule ( LoggerId  id,
const char *  parent_name,
const char *  name,
const char *  conf_name,
OutputInitSubFunc  InitFunc,
SCFileLogger  FileLogFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a file output sub-module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 393 of file output.c.

Referenced by JsonFileLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterFlowSubModule()

void OutputRegisterFlowSubModule ( LoggerId  id,
const char *  parent_name,
const char *  name,
const char *  conf_name,
OutputInitSubFunc  InitFunc,
FlowLogger  FlowLogFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a flow output sub-module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 466 of file output.c.

Referenced by JsonFlowLogRegister(), and JsonNetFlowLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterModule()

void OutputRegisterModule ( const char *  ,
const char *  ,
OutputInitFunc   
)

Referenced by LuaLogRegister(), and OutputJsonRegister().

Here is the caller graph for this function:

◆ OutputRegisterPacketModule()

void OutputRegisterPacketModule ( LoggerId  id,
const char *  name,
const char *  conf_name,
OutputInitFunc  InitFunc,
PacketLogger  PacketLogFunc,
PacketLogCondition  PacketConditionFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a packet output module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 169 of file output.c.

Referenced by AlertDebugLogRegister(), AlertFastLogRegister(), AlertSyslogRegister(), and PcapLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterPacketSubModule()

void OutputRegisterPacketSubModule ( LoggerId  id,
const char *  parent_name,
const char *  name,
const char *  conf_name,
OutputInitSubFunc  InitFunc,
PacketLogger  PacketLogFunc,
PacketLogCondition  PacketConditionFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a packet output sub-module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 206 of file output.c.

Referenced by EveStreamLogRegister(), JsonAlertLogRegister(), JsonAnomalyLogRegister(), JsonArpLogRegister(), JsonDropLogRegister(), JsonFrameLogRegister(), and JsonMetadataLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterRootLogger()

void OutputRegisterRootLogger ( ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit,
OutputLogFunc  LogFunc,
OutputGetActiveCountFunc  ActiveCntFunc 
)

Definition at line 779 of file output.c.

Referenced by OutputPacketLoggerRegister(), and OutputStreamingLoggerRegister().

Here is the caller graph for this function:

◆ OutputRegisterStatsModule()

void OutputRegisterStatsModule ( LoggerId  id,
const char *  name,
const char *  conf_name,
OutputInitFunc  InitFunc,
StatsLogger  StatsLogFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a stats data output module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 541 of file output.c.

Referenced by LogStatsLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterStatsSubModule()

void OutputRegisterStatsSubModule ( LoggerId  id,
const char *  parent_name,
const char *  name,
const char *  conf_name,
OutputInitSubFunc  InitFunc,
StatsLogger  StatsLogFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a stats data output sub-module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 577 of file output.c.

Referenced by JsonStatsLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterStreamingModule()

void OutputRegisterStreamingModule ( LoggerId  id,
const char *  name,
const char *  conf_name,
OutputInitFunc  InitFunc,
SCStreamingLogger  StreamingLogFunc,
enum SCOutputStreamingType  stream_type,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a streaming data output module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 503 of file output.c.

Referenced by LogTcpDataLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterTxModule()

void OutputRegisterTxModule ( LoggerId  id,
const char *  name,
const char *  conf_name,
OutputInitFunc  InitFunc,
AppProto  alproto,
TxLogger  TxLogFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a tx output module.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 369 of file output.c.

Referenced by LogHttpLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterTxModuleWithCondition()

void OutputRegisterTxModuleWithCondition ( LoggerId  id,
const char *  name,
const char *  conf_name,
OutputInitFunc  InitFunc,
AppProto  alproto,
TxLogger  TxLogFunc,
TxLoggerCondition  TxLogCondition,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a tx output module with condition.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 320 of file output.c.

Referenced by LogTlsStoreRegister().

Here is the caller graph for this function:

◆ OutputRegisterTxModuleWithProgress()

void OutputRegisterTxModuleWithProgress ( LoggerId  id,
const char *  name,
const char *  conf_name,
OutputInitFunc  InitFunc,
AppProto  alproto,
TxLogger  TxLogFunc,
int  tc_log_progress,
int  ts_log_progress,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Register a tx output module with progress.

This function will register an output module so it can be configured with the configuration file.

Return values
Returns0 on success, -1 on failure.

Definition at line 344 of file output.c.

Referenced by LogTlsLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterTxSubModule()

void OutputRegisterTxSubModule ( LoggerId  id,
const char *  parent_name,
const char *  name,
const char *  conf_name,
OutputInitSubFunc  InitFunc,
AppProto  alproto,
TxLogger  TxLogFunc,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Definition at line 377 of file output.c.

Referenced by JsonDCERPCLogRegister(), JsonDHCPLogRegister(), JsonDNP3LogRegister(), JsonDoh2LogRegister(), JsonHttpLogRegister(), JsonIKELogRegister(), JsonMQTTLogRegister(), JsonNFSLogRegister(), JsonPgsqlLogRegister(), JsonSMBLogRegister(), and JsonSmtpLogRegister().

Here is the caller graph for this function:

◆ OutputRegisterTxSubModuleWithCondition()

void OutputRegisterTxSubModuleWithCondition ( LoggerId  id,
const char *  parent_name,
const char *  name,
const char *  conf_name,
OutputInitSubFunc  InitFunc,
AppProto  alproto,
TxLogger  TxLogFunc,
TxLoggerCondition  TxLogCondition,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Definition at line 328 of file output.c.

◆ OutputRegisterTxSubModuleWithProgress()

void OutputRegisterTxSubModuleWithProgress ( LoggerId  id,
const char *  parent_name,
const char *  name,
const char *  conf_name,
OutputInitSubFunc  InitFunc,
AppProto  alproto,
TxLogger  TxLogFunc,
int  tc_log_progress,
int  ts_log_progress,
ThreadInitFunc  ThreadInit,
ThreadDeinitFunc  ThreadDeinit 
)

Definition at line 352 of file output.c.

Referenced by JsonTlsLogRegister(), and OutputRegisterLoggers().

Here is the caller graph for this function:

◆ OutputSetupActiveLoggers()

void OutputSetupActiveLoggers ( void  )

Definition at line 808 of file output.c.

References RootLogger_::ActiveCntFunc, cnt, and TAILQ_FIRST.

◆ OutputUnregisterFileRotationFlag()

void OutputUnregisterFileRotationFlag ( int *  flag)

Unregister a file rotation flag.

Note that it is safe to call this function with a flag that may not have been registered, in which case this function won't do anything.

Parameters
flagA pointer that has been previously registered for file rotation notifications.

Definition at line 684 of file output.c.

References next, OutputFileRolloverFlag, SCFree, TAILQ_FIRST, TAILQ_NEXT, and TAILQ_REMOVE.

Referenced by LogFileFreeCtx().

Here is the caller graph for this function:

◆ SCEveJsonSimpleGetLogger()

EveJsonSimpleAppLayerLogger* SCEveJsonSimpleGetLogger ( AppProto  alproto)

Definition at line 836 of file output.c.

References ALPROTO_MAX.

◆ TAILQ_HEAD()

typedef TAILQ_HEAD ( OutputModuleList_  ,
OutputModule_   
)

◆ TmModuleLoggerRegister()

void TmModuleLoggerRegister ( void  )

Definition at line 830 of file output.c.

References OutputRegisterLoggers(), and OutputRegisterRootLoggers().

Referenced by RegisterAllModules().

Here is the call graph for this function:
Here is the caller graph for this function:

Variable Documentation

◆ output_modules

OutputModuleList output_modules

Referenced by OutputDeregisterAll(), OutputGetModuleByConfName(), and RunModeInitializeOutputs().