From 398ebf934509a8d27a1c8b858eae061b89d5c44a Mon Sep 17 00:00:00 2001
From: Victor Julien <victor@inliniac.net>
Date: Fri, 12 Mar 2021 10:22:01 +0100
Subject: [PATCH] eve/drop: use highest priority drop

When adding the alert to a drop record make sure the add the highest
priority.

It would until now add all drops from high to low prio, effectively
overwriting the record each time.

Ticket #4397
---
 src/output-json-drop.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/output-json-drop.c b/src/output-json-drop.c
index 9cdd23a2f8..3eb7e6832b 100644
--- a/src/output-json-drop.c
+++ b/src/output-json-drop.c
@@ -164,6 +164,7 @@ static int DropLogJSON (JsonDropLogThread *aft, const Packet *p)
             {
                 AlertJsonHeader(NULL, p, pa, js, 0, &addr);
                 logged = 1;
+                break;
             }
         }
         if (logged == 0) {