Deduplicate, add more information

Removed duplicate "action" element. Added decoder name and parent. Added hostname.
Mel0day · Aug 12, 2016 · 4985d87 · 4985d87
1 parent aefeecf
commit 4985d87
Showing 1 changed file with 9 additions and 3 deletions.
diff --git a/src/analysisd/format/to_json.c b/src/analysisd/format/to_json.c
@@ -50,6 +50,12 @@ char *Eventinfo_to_jsonstr(const Eventinfo *lf)
         cJSON_AddStringToObject(rule, "info", lf->generated_rule->info);
     }
 
+    if( lf->decoder_info->name ) {
+        cJSON_AddStringToObject(root, "decoder", lf->decoder_info->name);
+    }
+    if( lf->decoder_info->parent ) {
+        cJSON_AddStringToObject(root, "decoder_parent", lf->decoder_info->parent);
+    }
 
     if (lf->action) {
         cJSON_AddStringToObject(root, "action", lf->action);
@@ -119,9 +125,6 @@ char *Eventinfo_to_jsonstr(const Eventinfo *lf)
     if ( lf->data ) {
         cJSON_AddStringToObject(root, "data", lf->data);
     }
-    if ( lf->action ) {
-        cJSON_AddStringToObject(root, "action", lf->action);
-    }
     if ( lf->url ) {
         cJSON_AddStringToObject(root, "url", lf->url);
     }
@@ -131,6 +134,9 @@ char *Eventinfo_to_jsonstr(const Eventinfo *lf)
     if ( lf->status ) {
         cJSON_AddStringToObject(root, "status", lf->status);
     }
+    if ( lf->hostname ) {
+        cJSON_AddStringToObject(root, "hostname", lf->hostname);
+    }
     if ( lf->program_name ) {
         cJSON_AddStringToObject(root, "program_name", lf->program_name);
     }