|
|
|
@ -65,6 +65,31 @@ typedef struct JsonSshLogThread_ {
|
|
|
|
MemBuffer *buffer;
|
|
|
|
MemBuffer *buffer;
|
|
|
|
} JsonSshLogThread;
|
|
|
|
} JsonSshLogThread;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
void JsonSshLogJSON(json_t *tjs, SshState *ssh_state)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
json_t *cjs = json_object();
|
|
|
|
|
|
|
|
if (cjs != NULL) {
|
|
|
|
|
|
|
|
json_object_set_new(cjs, "proto_version",
|
|
|
|
|
|
|
|
json_string((char *)ssh_state->cli_hdr.proto_version));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
json_object_set_new(cjs, "software_version",
|
|
|
|
|
|
|
|
json_string((char *)ssh_state->cli_hdr.software_version));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
json_object_set_new(tjs, "client", cjs);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
json_t *sjs = json_object();
|
|
|
|
|
|
|
|
if (sjs != NULL) {
|
|
|
|
|
|
|
|
json_object_set_new(sjs, "proto_version",
|
|
|
|
|
|
|
|
json_string((char *)ssh_state->srv_hdr.proto_version));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
json_object_set_new(sjs, "software_version",
|
|
|
|
|
|
|
|
json_string((char *)ssh_state->srv_hdr.software_version));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
json_object_set_new(tjs, "server", sjs);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int JsonSshLogger(ThreadVars *tv, void *thread_data, const Packet *p)
|
|
|
|
static int JsonSshLogger(ThreadVars *tv, void *thread_data, const Packet *p)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
JsonSshLogThread *aft = (JsonSshLogThread *)thread_data;
|
|
|
|
JsonSshLogThread *aft = (JsonSshLogThread *)thread_data;
|
|
|
|
@ -102,25 +127,7 @@ static int JsonSshLogger(ThreadVars *tv, void *thread_data, const Packet *p)
|
|
|
|
/* reset */
|
|
|
|
/* reset */
|
|
|
|
MemBufferReset(buffer);
|
|
|
|
MemBufferReset(buffer);
|
|
|
|
|
|
|
|
|
|
|
|
json_t *cjs = json_object();
|
|
|
|
JsonSshLogJSON(tjs, ssh_state);
|
|
|
|
if (cjs != NULL) {
|
|
|
|
|
|
|
|
json_object_set_new(cjs, "proto_version",
|
|
|
|
|
|
|
|
json_string((char *)ssh_state->cli_hdr.proto_version));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
json_object_set_new(cjs, "software_version",
|
|
|
|
|
|
|
|
json_string((char *)ssh_state->cli_hdr.software_version));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
json_object_set_new(tjs, "client", cjs);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
json_t *sjs = json_object();
|
|
|
|
|
|
|
|
if (sjs != NULL) {
|
|
|
|
|
|
|
|
json_object_set_new(sjs, "proto_version",
|
|
|
|
|
|
|
|
json_string((char *)ssh_state->srv_hdr.proto_version));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
json_object_set_new(sjs, "software_version",
|
|
|
|
|
|
|
|
json_string((char *)ssh_state->srv_hdr.software_version));
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
json_object_set_new(tjs, "server", sjs);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
json_object_set_new(js, "ssh", tjs);
|
|
|
|
json_object_set_new(js, "ssh", tjs);
|
|
|
|
|
|
|
|
|
|
|
|
|
Eric Leblond
10 years ago