[Oisf-devel] [COMMIT] OISF branch, master, updated. suricata-2.0beta2-205-g31a024c
noreply at openinfosecfoundation.org
Fri Jan 31 08:11:42 UTC 2014
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "OISF".
The branch, master has been updated
from 7450f32351ab408878b022189736544bcdd613d8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 31a024c9b5a37ac17232806a72bfa7aa7acdaf2f
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 15:22:55 2014 +0100
Various fixes for scan-build warnings
commit cd7a5ff0ca80703cd43cbc55c883e906c455c448
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 14:38:03 2014 +0100
output: cleanups
Preparation of making output type for json logs configurable.
commit efd4c42c0a0b0c30043aa02f49a1dade9cb56fd6
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 13:58:28 2014 +0100
json tls log: rename to output-json-tls
commit 99504274668fd5b066e6c6007c1cc510bb2701c8
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 13:49:42 2014 +0100
output: check for multiple instances of drop and tls
Both the drop and tls logs are currently not designed to have multiple
instances running. So until that is changed, error out if more than one
instance is started.
commit 870bb23ff6b5403eb3b3fbecd4784a4b2458170e
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 13:34:45 2014 +0100
json drop log: rename to output-json-drop
commit 6cecb4e4d24d068b1f7c55aa5a0a39e23494404a
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 13:29:36 2014 +0100
json dns: rename output-dnslog -> output-json-dns
commit 5874f52ec63b824a09af04a3c704b28d9e40cc23
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 13:26:59 2014 +0100
json: rename output-httplog -> output-json-http
commit b5ef269b03bdc51a985fbb852f619bcda6ff13fe
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 13:20:47 2014 +0100
json outputs: cleanups
Clean up header files and improve memory handling.
commit 3fc63d365611d47cabcdbb070925b6f48facfc04
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 12:26:01 2014 +0100
jansson file log: make file log module
Turn the libjansson based file logger into a file module, as a child
of eve-log.
commit 039f7b3e5f828588c14916dae426862e25a9d43c
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 11:45:30 2014 +0100
tls json: turn into packet logger
Like log-tls, turn the json tls logger into a packet logger as the
protocol parser is not tx aware.
Make it a child of eve-log as well.
commit a9eab06593e71c28ec8edb10a0a58b77cc16f913
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 10:59:51 2014 +0100
output: simple name space support for sub modules
To avoid module name clashes, a submodule abc of parent xyz will now
register itself as xyz.abc.
commit 3a794f7a6341720532fedcbe63896d346eb4015c
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 10:50:38 2014 +0100
drop-json: make child of eve-log
Make drop json child of eve-log.
commit f0aa2ed240c45cbe8c0e2ef62efa6f5faddaa1e3
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 10:15:59 2014 +0100
json drop log: move into packet module
Move JSON drop log into a full packet module.
commit 4bd37cc46a839c23d423976f80961cf312e483cb
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 09:18:12 2014 +0100
log api: use AppProto instead of uint16_t
commit 52c3d3ad7c1c075a8b6a1ffd44f63bd8f8723e7c
Author: Victor Julien <victor at inliniac.net>
Date: Thu Jan 30 09:14:59 2014 +0100
log api: convert all names to const
Instead of strdupping all names w/o a need, use const ptrs.
commit 85335d9cbeb101dac74e3ef8fb3a576f06803b2b
Author: Victor Julien <victor at inliniac.net>
Date: Wed Jan 29 19:42:46 2014 +0100
alert json: make child of eve-log
Enable alert json for eve-log by registering the module as a sub-
module of eve-log.
commit 42858647e2e7fc46e45b6cbab43319713bfed2e8
Author: Victor Julien <victor at inliniac.net>
Date: Wed Jan 29 18:50:32 2014 +0100
alert-json: make full module out of json alert
Make a full module out of the json alert code in output-json-alert.[ch].
commit 79771ff570086701d31e6ba5649cb2fbcc8a010f
Author: Victor Julien <victor at inliniac.net>
Date: Wed Jan 29 18:19:27 2014 +0100
output: sub-module support for other log APIs
Packets:
    void OutputRegisterPacketSubModule(const char *parent_name, char *name, char *conf_name,
        OutputCtx *(*InitFunc)(ConfNode *, OutputCtx *),
        PacketLogger LogFunc, PacketLogCondition ConditionFunc);
Files:
    void OutputRegisterFileSubModule(const char *parent_name, char *name, char *conf_name,
        OutputCtx *(*InitFunc)(ConfNode *, OutputCtx *), FileLogger FileLogFunc);
Filedata:
    void OutputRegisterFiledataSubModule(const char *parent_name, char *name, char *conf_name,
        OutputCtx *(*InitFunc)(ConfNode *, OutputCtx *), FiledataLogger FiledataLogFunc);
commit f830cb80268962300312826ee7bca3d34bb506ba
Author: Victor Julien <victor at inliniac.net>
Date: Wed Jan 29 17:38:04 2014 +0100
output: introduce concept of sub-modules
To support the 'eve-log' idea, we need to be able to force all log
modules to be enabled by the master eve-log module, and need to be
able to make all logs go into a single file. This didn't fit the
API so far, so added the sub-module concept.
A sub-module is a regular module that registers itself as a sub-
module of another module:
    OutputRegisterTxSubModule("eve-log", "JsonHttpLog", "http",
        OutputHttpLogInitSub, ALPROTO_HTTP, JsonHttpLogger);
The first argument is the name of the parent. The 4th argument is
the OutputCtx init function. It differs slightly from the non-sub
one. The difference is that in addition to its ConfNode, it gets
the OutputCtx from the parent. This way it can set the parent's
LogFileCtx in its own OutputCtx.
The runmode setup code will take care of all the extra setup. It's
possible to register a module both as a normal module and as a sub-
module, which can operate at the same time.
Only the TxLogger API is handled in this patch, the rest will be
updated later.
commit 8c3e71559a055c64206dc0c4afa7425553550bcd
Author: Victor Julien <victor at inliniac.net>
Date: Wed Jan 29 15:29:15 2014 +0100
dns-json: turn logger to tx api
Convert Json DNS logger into a Tx Logger API logger.
commit bc71a43e089b5a028c13d7861b87c7c53fb97698
Author: Victor Julien <victor at inliniac.net>
Date: Wed Jan 29 14:36:22 2014 +0100
http-json: separate module using tx api
Turn HTTP json logger into a Tx Logger API logger.
commit 4874d5abbbed4403c7d29e468a91c2ab3e988ed2
Author: Victor Julien <victor at inliniac.net>
Date: Wed Jan 29 11:32:10 2014 +0100
Various compile fixes after rebase with master
commit 18458a14fb17a719494c5695ddb05e29097e8339
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Thu Jan 16 16:18:54 2014 -0800
json: rebase fixes
- restore json output-file.[ch] as output-json-file.[ch] after rebase conflict
- fix Makefile.am after merge conflict
- some dev-log-api-v4.0 rebase json fallout cleanup
commit 6fd1b31c57d15ac97d9547ac486a678d8131eea7
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 19 12:58:47 2013 -0800
Remaining JSON output pull request comment edits
commit a3d86594dcacdd0d2c5fe459cf1763ced2acb22a
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Mon Nov 18 14:36:52 2013 -0800
address most initial JSON pull request comments
commit 55df2d5cdb132f19cee293ab0f0c442d321aa194
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Wed Nov 13 19:33:00 2013 -0800
add "united" drop JSON log
commit 0c067646a86973ee2426defc9110337a372add00
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Wed Nov 13 11:17:03 2013 -0800
Add "united" JSON files output
commit 730ee3d7215bb1c7c47a7d663ba2a74ce16b7e9b
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 22:43:19 2013 -0800
First cut at "united" file log output in JSON
commit 88a04742c013b2b4fe0bf6a86ece6d538a55458e
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 18:48:37 2013 -0800
JSON output cleanup
commit b4ac0d90a4684b25e0d170bf4042a7a9af64c514
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 18:13:43 2013 -0800
remove unused http JSON code
commit a12fa7c4e1d64d7d5c230222e55ccd5fc9207b60
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 18:09:01 2013 -0800
more output JSON cleanup
commit 6974817f72bbb31540c3bcff0dfe38a1161e7451
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 17:45:56 2013 -0800
remove dead JSON DNS output code
commit a44b2b987bac5c5179ef30c0099694d96ba14dc3
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 17:43:00 2013 -0800
JSON output cleanup
commit 3241732e277b6a79cb005dd1dd05799a489cbe19
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 17:28:16 2013 -0800
rename alert-json.[ch] output-json.[ch]
commit 3bc95c925860ea5ffdf7eab07cd7b740ff00b75e
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 16:56:48 2013 -0800
fix compile errors w/o libjansson
commit 8adbc741ba605323e5a707a675caf52888ba2554
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 12 15:41:50 2013 -0800
remove unused JSON TMM_*JSON enumerations
commit 07d3b38d3bd071d300cced3a76f5f4a8d7372005
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Fri Nov 8 11:39:49 2013 -0800
Add support for JSON output to syslog/unix_stream/unix_dgram
commit 1dd6d7a104e06912edc9875683f4ed0a2f7ac3c1
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Fri Nov 8 11:27:52 2013 -0800
Add "united" log to suricata.yaml.in
commit 6c1de2115c21d86d05a6833518e8386191e9601c
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Fri Nov 8 11:24:18 2013 -0800
JSON output cleanup
commit c654b63f6a2dc331a64d0eed19f28739b6843fc0
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Wed Nov 6 15:12:43 2013 -0800
add united TLS JSON logging
commit 51b7cf149108f754e2191b93ae67188cc86af2db
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 5 18:45:11 2013 -0800
add ICMP type and code support to JSON log
commit c8beb9bf9da89f06e18f4c4dcbdda2458c659fa3
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 5 14:48:39 2013 -0800
Support for configuration of JSON http output module
commit 8c95b085c5ac12e21808fd3fd2c162fb51658b5d
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Nov 5 09:50:47 2013 -0800
Add vlan and pcap_cnt to JSON logs
commit ce6b07b1b9dd2b71883ad09b9126d251c8e1dcbd
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Mon Nov 4 20:33:51 2013 -0800
First cut at united .yaml configuration
commit 11f84d4ff70f260b17da1750a56b5d93eac59c67
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Mon Nov 4 12:54:36 2013 -0800
beginning of JSON config alignment
commit 280e4bcb618fb3488e951b2ef66080dd790b0933
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Mon Nov 4 11:57:03 2013 -0800
move some JSON alert work outside of lock
commit 34d04c310470f56be32ff012e084e58cbdc32b15
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Mon Nov 4 11:41:56 2013 -0800
JSON cleanup
commit 0df6af3a0b8cfd9c3b8c918c2d6f647b61bc7ba5
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Mon Nov 4 08:22:51 2013 -0800
Alert/HTTP/DNS JSON output working with Logstash
commit 5543b6eef436d13cdfc362050e6f0d45bc79c9bb
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Sun Oct 27 02:23:59 2013 -0700
nested json alert output
commit b94b8e03bdc9a8deb073db8faa129586a5d76eeb
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Oct 22 04:52:39 2013 -0700
cleanup fallout from upstream merge with alert json work
commit 07571367d3bcf51be6866fbed293ae649eca809d
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Tue Jun 25 12:40:16 2013 -0700
Change JSON alert syslog level to INFO
commit 860523f5bcad559787deacdfa4de0070c38f25b7
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Wed Jun 12 11:04:11 2013 -0700
fix NULL string into JSON in alert-json
commit e9b192fcc0f1765b7932c5f6f196df136c74d130
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Wed Jun 5 09:25:06 2013 -0700
change srcport->sp dstport->dp
commit 5498654114a3bd082df0128a277ffde6e4001cb1
Author: Tom DeCanio <decanio.tom at gmail.com>
Date: Thu May 30 14:04:34 2013 -0700
Add JSON formatted alert output
-----------------------------------------------------------------------
Summary of changes:
src/Makefile.am | 7 +
src/log-droplog.c | 6 +
src/log-tlslog.c | 6 +
src/output-file.c | 9 +-
src/output-file.h | 2 +-
src/output-filedata.c | 9 +-
src/output-filedata.h | 2 +-
src/output-json-alert.c | 342 ++++++++++++++++++
src/{log-droplog.h => output-json-alert.h} | 14 +-
src/{log-dnslog.c => output-json-dns.c} | 321 ++++++++++--------
src/{log-dnslog.h => output-json-dns.h} | 10 +-
src/output-json-drop.c | 336 ++++++++++++++++++
src/{log-droplog.h => output-json-drop.h} | 11 +-
src/output-json-file.c | 358 +++++++++++++++++++
src/{log-dnslog.h => output-json-file.h} | 10 +-
src/output-json-http.c | 394 +++++++++++++++++++++
src/{detect-rev.h => output-json-http.h} | 11 +-
src/output-json-tls.c | 376 ++++++++++++++++++++
src/{detect-http-ua.h => output-json-tls.h} | 10 +-
src/output-json.c | 495 +++++++++++++++++++++++++++
src/output-json.h | 62 ++++
src/output-packet.c | 8 +-
src/output-packet.h | 2 +-
src/output-tx.c | 11 +-
src/output-tx.h | 2 +-
src/output.c | 205 +++++++++--
src/output.h | 40 ++-
src/runmodes.c | 265 +++++++++------
src/suricata.c | 20 ++
src/tm-modules.c | 2 +-
src/tm-modules.h | 2 +-
src/tm-threads-common.h | 7 +
src/util-mem.h | 40 +++
suricata.yaml.in | 23 ++
34 files changed, 3055 insertions(+), 363 deletions(-)
create mode 100644 src/output-json-alert.c
copy src/{log-droplog.h => output-json-alert.h} (70%)
copy src/{log-dnslog.c => output-json-dns.c} (50%)
copy src/{log-dnslog.h => output-json-dns.h} (80%)
create mode 100644 src/output-json-drop.c
copy src/{log-droplog.h => output-json-drop.h} (80%)
create mode 100644 src/output-json-file.c
copy src/{log-dnslog.h => output-json-file.h} (80%)
create mode 100644 src/output-json-http.c
copy src/{detect-rev.h => output-json-http.h} (80%)
create mode 100644 src/output-json-tls.c
copy src/{detect-http-ua.h => output-json-tls.h} (80%)
create mode 100644 src/output-json.c
create mode 100644 src/output-json.h
hooks/post-receive
--
OISF