diff --git a/src/output-json-alert.c b/src/output-json-alert.c index 1ee191b1ff..71ba88066f 100644 --- a/src/output-json-alert.c +++ b/src/output-json-alert.c @@ -108,13 +108,13 @@ static int AlertJson(ThreadVars *tv, JsonAlertLogThread *aft, const Packet *p) json_object_set_new(ajs, "action", json_string(action)); json_object_set_new(ajs, "gid", json_integer(pa->s->gid)); - json_object_set_new(ajs, "id", json_integer(pa->s->id)); + json_object_set_new(ajs, "signature_id", json_integer(pa->s->id)); json_object_set_new(ajs, "rev", json_integer(pa->s->rev)); - json_object_set_new(ajs, "msg", + json_object_set_new(ajs, "signature", json_string((pa->s->msg) ? pa->s->msg : "")); - json_object_set_new(ajs, "class", + json_object_set_new(ajs, "category", json_string((pa->s->class_msg) ? pa->s->class_msg : "")); - json_object_set_new(ajs, "pri", json_integer(pa->s->prio)); + json_object_set_new(ajs, "severity", json_integer(pa->s->prio)); /* alert */ json_object_set_new(js, "alert", ajs); @@ -180,13 +180,13 @@ static int AlertJsonDecoderEvent(ThreadVars *tv, JsonAlertLogThread *aft, const json_object_set_new(ajs, "action", json_string(action)); json_object_set_new(ajs, "gid", json_integer(pa->s->gid)); - json_object_set_new(ajs, "id", json_integer(pa->s->id)); + json_object_set_new(ajs, "signature_id", json_integer(pa->s->id)); json_object_set_new(ajs, "rev", json_integer(pa->s->rev)); - json_object_set_new(ajs, "msg", + json_object_set_new(ajs, "signature", json_string((pa->s->msg) ? pa->s->msg : "")); - json_object_set_new(ajs, "class", + json_object_set_new(ajs, "category", json_string((pa->s->class_msg) ? pa->s->class_msg : "")); - json_object_set_new(ajs, "pri", json_integer(pa->s->prio)); + json_object_set_new(ajs, "severity", json_integer(pa->s->prio)); /* alert */ json_object_set_new(js, "alert", ajs); diff --git a/src/output-json-http.c b/src/output-json-http.c index fc5028a66f..7c41ea7edf 100644 --- a/src/output-json-http.c +++ b/src/output-json-http.c @@ -99,7 +99,7 @@ static void JsonHttpLogJSON(JsonHttpLogThread *aft, json_t *js, htp_tx_t *tx) c = SCStrndup((char *)bstr_ptr(tx->request_uri), bstr_len(tx->request_uri)); if (c != NULL) { - json_object_set_new(hjs, "uri", json_string(c)); + json_object_set_new(hjs, "url", json_string(c)); SCFree(c); } } @@ -113,11 +113,11 @@ static void JsonHttpLogJSON(JsonHttpLogThread *aft, json_t *js, htp_tx_t *tx) c = SCStrndup((char *)bstr_ptr(h_user_agent->value), bstr_len(h_user_agent->value)); if (c != NULL) { - json_object_set_new(hjs, "user-agent", json_string(c)); + json_object_set_new(hjs, "http_user_agent", json_string(c)); SCFree(c); } } else { - json_object_set_new(hjs, "user-agent", json_string("")); + json_object_set_new(hjs, "http_user_agent", json_string("")); } /* x-forwarded-for */ @@ -146,7 +146,7 @@ static void JsonHttpLogJSON(JsonHttpLogThread *aft, json_t *js, htp_tx_t *tx) if (c != NULL) { p = strchrnul(c, ';'); *p = '\0'; - json_object_set_new(hjs, "content-type", json_string(c)); + json_object_set_new(hjs, "http_content_type", json_string(c)); SCFree(c); } } @@ -161,7 +161,7 @@ static void JsonHttpLogJSON(JsonHttpLogThread *aft, json_t *js, htp_tx_t *tx) c = SCStrndup((char *)bstr_ptr(h_referer->value), bstr_len(h_referer->value)); if (c != NULL) { - json_object_set_new(hjs, "referer", json_string(c)); + json_object_set_new(hjs, "http_refer", json_string(c)); SCFree(c); } } @@ -171,7 +171,7 @@ static void JsonHttpLogJSON(JsonHttpLogThread *aft, json_t *js, htp_tx_t *tx) c = SCStrndup((char *)bstr_ptr(tx->request_method), bstr_len(tx->request_method)); if (c != NULL) { - json_object_set_new(hjs, "method", json_string(c)); + json_object_set_new(hjs, "http_method", json_string(c)); SCFree(c); } } diff --git a/src/output-json.c b/src/output-json.c index c3ba9a97d2..55647e2694 100644 --- a/src/output-json.c +++ b/src/output-json.c @@ -208,7 +208,7 @@ json_t *CreateJSONHeader(Packet *p, int direction_sensitive) /* sensor id */ if (sensor_id >= 0) - json_object_set_new(js, "sensor-id", json_integer(sensor_id)); + json_object_set_new(js, "sensor_id", json_integer(sensor_id)); /* pcap_cnt */ if (p->pcap_cnt != 0) { @@ -240,24 +240,24 @@ json_t *CreateJSONHeader(Packet *p, int direction_sensitive) } /* tuple */ - json_object_set_new(js, "srcip", json_string(srcip)); + json_object_set_new(js, "src_ip", json_string(srcip)); switch(p->proto) { case IPPROTO_ICMP: break; case IPPROTO_UDP: case IPPROTO_TCP: case IPPROTO_SCTP: - json_object_set_new(js, "sp", json_integer(sp)); + json_object_set_new(js, "src_port", json_integer(sp)); break; } - json_object_set_new(js, "dstip", json_string(dstip)); + json_object_set_new(js, "dest_ip", json_string(dstip)); switch(p->proto) { case IPPROTO_ICMP: break; case IPPROTO_UDP: case IPPROTO_TCP: case IPPROTO_SCTP: - json_object_set_new(js, "dp", json_integer(dp)); + json_object_set_new(js, "dest_port", json_integer(dp)); break; } json_object_set_new(js, "proto", json_string(proto));