From 730ee3d7215bb1c7c47a7d663ba2a74ce16b7e9b Mon Sep 17 00:00:00 2001
From: Tom DeCanio
Date: Tue, 12 Nov 2013 22:43:19 -0800
Subject: [PATCH] First cut at "united" file log output in JSON
---
 src/Makefile.am | 1 +
 src/output-json.c | 17 ++++++++++++++---
 src/output-json.h | 3 +++
 3 files changed, 18 insertions(+), 3 deletions(-)
diff --git a/src/Makefile.am b/src/Makefile.am
index 18c86d56a0..49d526929f 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -219,6 +219,7 @@ output-filedata.c output-filedata.h \
 output-packet.c output-packet.h \
 output-tx.c output-tx.h \
 output-dnslog.c output-dnslog.h \
+output-file.c output-file.h \
 output-httplog.c output-httplog.h \
 output-json.c output-json.h \
 output-tlslog.c output-tlslog.h \
diff --git a/src/output-json.c b/src/output-json.c
index 93927e5517..0444b9366b 100644
--- a/src/output-json.c
+++ b/src/output-json.c
@@ -51,6 +51,8 @@
 #include "output-dnslog.h"
 #include "output-httplog.h"
 #include "output-tlslog.h"
+#include "output-file.h"
+#include "output-json.h"
 #include "util-byte.h"
 #include "util-privs.h"
@@ -60,7 +62,6 @@
 #include "util-buffer.h"
 #include "util-logopenfile.h"
-#include "output-json.h"
 #ifndef HAVE_LIBJANSSON
@@ -163,8 +164,9 @@ static enum json_output json_out = ALERT_FILE;
 #define OUTPUT_ALERTS (1<<0)
 #define OUTPUT_DNS (1<<1)
-#define OUTPUT_HTTP (1<<2)
-#define OUTPUT_TLS (1<<3)
+#define OUTPUT_FILES (1<<2)
+#define OUTPUT_HTTP (1<<3)
+#define OUTPUT_TLS (1<<4)
 static uint32_t outputFlags = 0;
@@ -527,6 +529,10 @@ TmEcode AlertJson (ThreadVars *tv, Packet *p, void *data, PacketQueue *pq, Packe
 OutputDnsLog(tv, p, data, pq, postpq);
 }
+ if (outputFlags & OUTPUT_FILES) {
+ OutputFileLog(tv, p, data, pq, postpq);
+ }
+
 if (outputFlags & OUTPUT_HTTP) {
 OutputHttpLog(tv, p, data, pq, postpq);
 }
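Review bot: `output-file.c output-file.h \` is added to the source list in the Makefile.am hunk, but the diffstat of this patch covers only src/Makefile.am, src/output-json.c and src/output-json.h, so neither file is created by this commit. Unless an earlier commit already added them, the build would fail here and again at `#include "output-file.h"` in the output-json.c hunk at line 51. The commit should either carry both files or be ordered after the one that introduces them.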
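Review bot: The new `OUTPUT_FILES` branch in AlertJson calls `OutputFileLog(tv, p, data, pq, postpq);` and drops whatever it returns, so a failing file logger would leave file events missing from the JSON log with no signal to the caller. The neighbouring OutputDnsLog and OutputHttpLog calls in this hunk do the same, so this looks like the module's convention rather than an oversight, but OutputFileLog is not part of this patch and its return contract cannot be checked here. If the discard is deliberate, say so once above the dispatch block, for example `/* per-protocol loggers are best effort; their return codes are not propagated */`. AlertJson begins and ends outside the hunk.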
@@ -711,6 +717,11 @@ OutputCtx *AlertJsonInitCtx(ConfNode *conf)
 outputFlags |= OUTPUT_DNS;
 continue;
 }
+ if (strcmp(output->val, "files") == 0) {
+ SCLogDebug("Enabling files output");
+ outputFlags |= OUTPUT_FILES;
+ continue;
+ }
 if (strcmp(output->val, "http") == 0) {
 SCLogDebug("Enabling HTTP output");
 ConfNode *child = ConfNodeLookupChild(output, "http");
diff --git a/src/output-json.h b/src/output-json.h
index 17500eeeb7..f914a141f4 100644
--- a/src/output-json.h
+++ b/src/output-json.h
@@ -42,6 +42,7 @@ OutputCtx *AlertJsonInitCtx(ConfNode *);
 typedef struct OutputJsonCtx_ {
 LogFileCtx *file_ctx;
 OutputCtx *http_ctx;
+ OutputCtx *files_ctx;
 OutputCtx *tls_ctx;
 } OutputJsonCtx;
@@ -53,9 +54,11 @@ typedef struct AlertJsonThread_ {
 uint64_t alert_cnt;
 uint64_t dns_cnt;
+ uint64_t files_cnt;
 uint64_t http_cnt;
 uint64_t tls_cnt;
 OutputCtx *http_ctx;
+ OutputCtx *files_ctx;
 OutputCtx *tls_ctx;
 } AlertJsonThread;
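Review bot: The `files` branch added to AlertJsonInitCtx only sets `OUTPUT_FILES` and continues, and nothing in this patch assigns the `files_ctx` members that the two output-json.h hunks add to OutputJsonCtx and AlertJsonThread. The `http` branch directly below looks up a child config node, which suggests that is where a per-logger context gets built; if OutputFileLog (not shown) reads `files_ctx`, it would get an unset pointer unless the structs are zeroed on allocation outside these hunks. Either set the field where the contexts are created or leave the new members out until they are used, and document the current state with a comment such as `/* no sub-options for "files" yet; files_ctx is left unset */`. AlertJsonInitCtx starts and ends outside the hunk.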