aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

http log: Add extended information

Browse Source
remotes/origin/master-1.1.x
Chris Wakelin 14 years ago committed by Victor Julien
parent 1adf4b868c
commit 8b81063fc2
1 changed files with 97 additions and 0 deletions
Show Stats Download Patch File Download Diff File

97
src/log-httplog.c
Unescape Escape View File

@ -204,6 +204,55 @@ TmEcode LogHttpLogIPv4(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, P
} else {
fprintf(aft->file_ctx->fp, "<useragent unknown>");
}
fprintf(aft->file_ctx->fp, " [**] ");
/* referer */
htp_header_t *h_referer = table_getc(tx->request_headers, "referer");
if (h_referer != NULL) {
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(h_referer->value),
bstr_len(h_referer->value));
} else {
fprintf(aft->file_ctx->fp, "<no referer>");
}
fprintf(aft->file_ctx->fp, " [**] ");
/* method */
if (tx->request_method != NULL) {
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(tx->request_method),
bstr_len(tx->request_method));
}
fprintf(aft->file_ctx->fp, " [**] ");
/* protocol */
if (tx->request_protocol != NULL) {
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(tx->request_protocol),
bstr_len(tx->request_protocol));
}
fprintf(aft->file_ctx->fp, " [**] ");
/* response status */
if (tx->response_status != NULL) {
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(tx->response_status),
bstr_len(tx->response_status));
/* Redirect? */
if ((tx->response_status_number > 300) && ((tx->response_status_number) < 303)) {
htp_header_t *h_location = table_getc(tx->response_headers, "location");
if (h_location != NULL) {
fprintf(aft->file_ctx->fp, " => ");
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(h_location->value),
bstr_len(h_location->value));
}
}
}
fprintf(aft->file_ctx->fp, " [**] ");
/* length */
fprintf(aft->file_ctx->fp, "%lu bytes", tx->response_message_len);
/* ip/tcp header info */
fprintf(aft->file_ctx->fp, " [**] %s:%" PRIu16 " -> %s:%" PRIu16 "\n",
@ -319,6 +368,54 @@ TmEcode LogHttpLogIPv6(ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, P
} else {
fprintf(aft->file_ctx->fp, "<useragent unknown>");
}
fprintf(aft->file_ctx->fp, " [**] ");
/* referer */
htp_header_t *h_referer = table_getc(tx->request_headers, "referer");
if (h_referer != NULL) {
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(h_referer->value),
bstr_len(h_referer->value));
} else {
fprintf(aft->file_ctx->fp, "<no referer>");
}
fprintf(aft->file_ctx->fp, " [**] ");
/* method */
if (tx->request_method != NULL) {
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(tx->request_method),
bstr_len(tx->request_method));
}
fprintf(aft->file_ctx->fp, " [**] ");
/* protocol */
if (tx->request_protocol != NULL) {
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(tx->request_protocol),
bstr_len(tx->request_protocol));
}
/* response status */
if (tx->response_status != NULL) {
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(tx->response_status),
bstr_len(tx->response_status));
/* Redirect? */
if ((tx->response_status_number > 300) && ((tx->response_status_number) < 303)) {
htp_header_t *h_location = table_getc(tx->response_headers, "location");
if (h_location != NULL) {
fprintf(aft->file_ctx->fp, " => ");
PrintRawUriFp(aft->file_ctx->fp,
(uint8_t *)bstr_ptr(h_location->value),
bstr_len(h_location->value));
}
}
}
fprintf(aft->file_ctx->fp, " [**] ");
/* length */
fprintf(aft->file_ctx->fp, "%lu bytes", tx->response_message_len);
/* ip/tcp header info */
fprintf(aft->file_ctx->fp, " [**] %s:%" PRIu16 " -> %s:%" PRIu16 "\n",

Write Preview
Loading…
Cancel
Save