From 4ef12dcf5d0d7e47f25a5a1cb78b9c2b73f8deef Mon Sep 17 00:00:00 2001 From: Eric Leblond Date: Thu, 30 Apr 2015 12:52:22 +0200 Subject: [PATCH] alert-json: use new JsonHttpAddMetadata function This patch uses the newly introduced function to handle the logging of HTTP data. --- src/output-json-alert.c | 33 ++++++--------------------------- 1 file changed, 6 insertions(+), 27 deletions(-) diff --git a/src/output-json-alert.c b/src/output-json-alert.c index 3c4219b428..e357d2c9d9 100644 --- a/src/output-json-alert.c +++ b/src/output-json-alert.c @@ -101,31 +101,6 @@ static int AlertJsonDumpStreamSegmentCallback(const Packet *p, void *data, uint8 return 1; } -/** Handle the case where no JSON support is compiled in. - * - */ -static void AlertJsonHttp(const Flow *f, json_t *js) -{ - HtpState *htp_state = (HtpState *)FlowGetAppState(f); - if (htp_state) { - uint64_t tx_id = AppLayerParserGetTransactionLogId(f->alparser); - htp_tx_t *tx = AppLayerParserGetTx(IPPROTO_TCP, ALPROTO_HTTP, htp_state, tx_id); - - if (tx) { - json_t *hjs = json_object(); - if (unlikely(hjs == NULL)) - return; - - JsonHttpLogJSONBasic(hjs, tx); - JsonHttpLogJSONExtended(hjs, tx); - - json_object_set_new(js, "http", hjs); - } - } - - return; -} - static void AlertJsonTls(const Flow *f, json_t *js) { SSLState *ssl_state = (SSLState *)FlowGetAppState(f); @@ -198,6 +173,7 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p) { MemBuffer *payload = aft->payload_buffer; AlertJsonOutputCtx *json_output_ctx = aft->json_output_ctx; + json_t *hjs = NULL; int i; @@ -225,8 +201,11 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p) uint16_t proto = FlowGetAppProtocol(p->flow); /* http alert */ - if (proto == ALPROTO_HTTP) - AlertJsonHttp(p->flow, js); + if (proto == ALPROTO_HTTP) { + hjs = JsonHttpAddMetadata(p->flow); + if (hjs) + json_object_set_new(js, "http", hjs); + } FLOWLOCK_UNLOCK(p->flow); }