Add "united" JSON files output

src/output-json.c

@@ -312,7 +312,14 @@ TmEcode OutputJSON(json_t *js, void *data, uint64_t *count)
 {
     AlertJsonThread *aft = (AlertJsonThread *)data;
     MemBuffer *buffer = (MemBuffer *)aft->buffer;
-    char *js_s = json_dumps(js, JSON_PRESERVE_ORDER|JSON_COMPACT|JSON_ENSURE_ASCII);
+    char *js_s = json_dumps(js,
+                            JSON_PRESERVE_ORDER|JSON_COMPACT|JSON_ENSURE_ASCII|
+#ifdef JSON_ESCAPE_SLASH
+                            JSON_ESCAPE_SLASH
+#else
+                            0
+#endif
+                            );
     if (unlikely(js_s == NULL))
         return TM_ECODE_OK;
 
@@ -719,6 +726,8 @@ OutputCtx *AlertJsonInitCtx(ConfNode *conf)
                 }
                 if (strcmp(output->val, "files") == 0) {
                     SCLogDebug("Enabling files output");
+                    ConfNode *child = ConfNodeLookupChild(output, "files");
+                    json_ctx->files_ctx = OutputFileLogInit(child);
                     outputFlags |= OUTPUT_FILES;
                     continue;
                 }

suricata.yaml.in

@@ -84,7 +84,7 @@ outputs:
 
   # "United" event log in JSON format
   - eve-log:
-      enabled: yes
+      enabled: no
       type: file #file|syslog|unix_dgram|unix_stream
       filename: eve.json
       # the following are valid when type: syslog above
@@ -99,9 +99,9 @@ outputs:
         - dns
         - tls:
             extended: yes     # enable this for extended logging information
-        #- files
+        - files:
-        #  force-magic: no   # force logging magic on all logged files
+            force-magic: no   # force logging magic on all logged files
-        #  force-md5: no     # force logging of md5 checksums
+            force-md5: no     # force logging of md5 checksums
         #- drop
         #- ssh