diff --git a/doc/userguide/devguide/extending/output/index.rst b/doc/userguide/devguide/extending/output/index.rst index de766a796809..8cda0ce7e67d 100644 --- a/doc/userguide/devguide/extending/output/index.rst +++ b/doc/userguide/devguide/extending/output/index.rst @@ -88,3 +88,14 @@ function: :language: c :start-at: /** \brief Register a file logger :end-at: ); + +File-data Logging +~~~~~~~~~~~~~~~~~ + +File-data loggers can be registered with the +``SCOutputRegisterFileDataLogger`` function: + +.. literalinclude:: ../../../../../src/output-filedata.h + :language: c + :start-at: /** \brief Register a file-data logger + :end-at: ); diff --git a/src/output-filedata.c b/src/output-filedata.c index ae6164b8e202..fdff2d97810f 100644 --- a/src/output-filedata.c +++ b/src/output-filedata.c @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2022 Open Information Security Foundation +/* Copyright (C) 2007-2024 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -40,7 +40,7 @@ bool g_filedata_logger_enabled = false; * it's perfectly valid that have multiple instances of the same * log module (e.g. http.log) with different output ctx'. */ typedef struct OutputFiledataLogger_ { - FiledataLogger LogFunc; + SCFiledataLogger LogFunc; void *initdata; struct OutputFiledataLogger_ *next; const char *name; @@ -51,7 +51,7 @@ typedef struct OutputFiledataLogger_ { static OutputFiledataLogger *list = NULL; -int OutputRegisterFiledataLogger(LoggerId id, const char *name, FiledataLogger LogFunc, +int SCOutputRegisterFiledataLogger(LoggerId id, const char *name, SCFiledataLogger LogFunc, void *initdata, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) { OutputFiledataLogger *op = SCCalloc(1, sizeof(*op)); diff --git a/src/output-filedata.h b/src/output-filedata.h index cb0cbcd9594b..968331f80928 100644 --- a/src/output-filedata.h +++ b/src/output-filedata.h @@ -1,4 +1,4 @@ -/* Copyright (C) 2007-2022 Open Information Security Foundation +/* Copyright (C) 2007-2024 Open Information Security Foundation * * You can copy, redistribute or modify this Program under the terms of * the GNU General Public License version 2 as published by the Free @@ -45,11 +45,32 @@ void OutputFiledataLogFfc(ThreadVars *tv, OutputFiledataLoggerThreadData *td, Pa AppLayerGetFileState files, void *txv, const uint64_t tx_id, AppLayerTxData *txd, const uint8_t call_flags, const bool file_close, const bool file_trunc, const uint8_t dir); -/** filedata logger function pointer type */ -typedef int (*FiledataLogger)(ThreadVars *, void *thread_data, const Packet *, File *, void *tx, +/** + * \brief File-data logger function pointer type. + */ +typedef int (*SCFiledataLogger)(ThreadVars *, void *thread_data, const Packet *, File *, void *tx, const uint64_t tx_id, const uint8_t *, uint32_t, uint8_t, uint8_t dir); -int OutputRegisterFiledataLogger(LoggerId id, const char *name, FiledataLogger LogFunc, +/** \brief Register a file-data logger. + * + * \param logger_id An ID used to distinguish this logger from others + * while profiling. + * + * \param name An informational name for this logger. Used only for + * debugging. + * + * \param LogFunc A function that will be called to log each file-data. + * + * \param initdata Initialization data that will pass to the + * ThreadInitFunc. + * + * \param ThreadInitFunc Thread initialization function. + * + * \param ThreadDeinitFunc Thread de-initialization function. + * + * \retval 0 on success, -1 on failure. + */ +int SCOutputRegisterFiledataLogger(LoggerId id, const char *name, SCFiledataLogger LogFunc, void *initdata, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit); void OutputFiledataLoggerRegister(void); diff --git a/src/output.c b/src/output.c index 9469bfada93a..002f33b5abc6 100644 --- a/src/output.c +++ b/src/output.c @@ -428,7 +428,7 @@ void OutputRegisterFileSubModule(LoggerId id, const char *parent_name, const cha * \retval Returns 0 on success, -1 on failure. */ void OutputRegisterFiledataModule(LoggerId id, const char *name, const char *conf_name, - OutputInitFunc InitFunc, FiledataLogger FiledataLogFunc, ThreadInitFunc ThreadInit, + OutputInitFunc InitFunc, SCFiledataLogger FiledataLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit) { if (unlikely(FiledataLogFunc == NULL)) { diff --git a/src/output.h b/src/output.h index f9e8a6f51d48..43bd9d8b8f74 100644 --- a/src/output.h +++ b/src/output.h @@ -69,7 +69,7 @@ typedef struct OutputModule_ { TxLogger TxLogFunc; TxLoggerCondition TxLogCondition; SCFileLogger FileLogFunc; - FiledataLogger FiledataLogFunc; + SCFiledataLogger FiledataLogFunc; FlowLogger FlowLogFunc; SCStreamingLogger StreamingLogFunc; StatsLogger StatsLogFunc; @@ -120,7 +120,7 @@ void OutputRegisterFileSubModule(LoggerId id, const char *parent_name, const cha ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit); void OutputRegisterFiledataModule(LoggerId id, const char *name, const char *conf_name, - OutputInitFunc InitFunc, FiledataLogger FiledataLogFunc, ThreadInitFunc ThreadInit, + OutputInitFunc InitFunc, SCFiledataLogger FiledataLogFunc, ThreadInitFunc ThreadInit, ThreadDeinitFunc ThreadDeinit); void OutputRegisterFlowSubModule(LoggerId id, const char *parent_name, const char *name, diff --git a/src/runmodes.c b/src/runmodes.c index e9fb64a15368..5cbe7008debf 100644 --- a/src/runmodes.c +++ b/src/runmodes.c @@ -630,7 +630,7 @@ static void SetupOutput( } } else if (module->FiledataLogFunc) { SCLogDebug("%s is a filedata logger", module->name); - OutputRegisterFiledataLogger(module->logger_id, module->name, module->FiledataLogFunc, + SCOutputRegisterFiledataLogger(module->logger_id, module->name, module->FiledataLogFunc, output_ctx, module->ThreadInit, module->ThreadDeinit); filedata_logger_count++; } else if (module->FileLogFunc) {