The logger is Suricata's output subsystem: it is the part that writes the engine's analysis results (alerts, packet and transaction records, extracted files and so on) to the outside world. Let's begin with how it is used.
1.Usage
OutputLoggerLog(), called from FlowWorker() for every packet, traverses the RootLoggers list and invokes each root logger's log callback (logFunction). Each root logger then hands the packet to the output modules registered for its own category.
2.Registration
To be honest, it is not that straightforward.
A.The first step:
void TmModuleLoggerRegister(void)
{
    OutputRegisterRootLoggers();
    OutputRegisterLoggers();
}
// Register the root loggers into RootLoggers by category: packet, tx, filedata, file and streaming. Every category keeps its own list of OutputModule entries.
void OutputRegisterRootLoggers(void)
{
    OutputPacketLoggerRegister();
    OutputTxLoggerRegister();
    OutputFiledataLoggerRegister();
    OutputFileLoggerRegister();
    OutputStreamingLoggerRegister();
}
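To make the usage and registration steps concrete, here is an added, self-contained model of the dispatch pattern described above: a RootLoggers list with one root logger per category, each root logger owning its own list of output modules, and an OutputLoggerLog() that walks the list the way FlowWorker() drives it. This is example code written for this page, not Suricata's own source. The Packet and LogThreadData structs, the EvePacketLog/EveTxLog modules, OutputRegisterModule, OutputLoggersReset and the DemoRun driver are hypothetical stand-ins, and the function names borrowed from Suricata carry simplified signatures.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-ins for Suricata's Packet and per-thread logger state;
 * assumed shapes for this example, not the real Suricata structs. */
typedef struct Packet_ { int has_tx; } Packet;   /* 1 = completed an app-layer tx */
typedef struct LogThreadData_ { int packet_logged; int tx_logged; } LogThreadData;

/* A leaf logger: one OutputModule registered under a category. */
typedef int (*OutputModuleLogFunc)(const Packet *p, LogThreadData *td);
typedef struct OutputModule_ {
    OutputModuleLogFunc LogFunc;
    struct OutputModule_ *next;
} OutputModule;

/* A root logger: one per category (packet, tx, filedata, ...). Its LogFunc
 * decides whether the packet matters for that category and then walks the
 * category's own OutputModule list. */
struct RootLogger_;
typedef int (*RootLogFunc)(struct RootLogger_ *rl, const Packet *p, LogThreadData *td);
typedef struct RootLogger_ {
    const char *category;
    RootLogFunc LogFunc;
    OutputModule *modules;          /* per-category list of OutputModule */
    struct RootLogger_ *next;
} RootLogger;

/* The global RootLoggers list that OutputLoggerLog() traverses. */
static RootLogger *RootLoggers = NULL;

void OutputLoggersReset(void) {
    while (RootLoggers) {
        RootLogger *rl = RootLoggers;
        RootLoggers = rl->next;
        while (rl->modules) { OutputModule *m = rl->modules; rl->modules = m->next; free(m); }
        free(rl);
    }
}

/* Step 1 (OutputRegisterRootLoggers): one root logger per category, appended
 * so that dispatch follows registration order. */
RootLogger *OutputRegisterRootLogger(const char *category, RootLogFunc fn) {
    RootLogger *rl = calloc(1, sizeof(*rl)), **pp = &RootLoggers;
    rl->category = category; rl->LogFunc = fn;
    while (*pp) pp = &(*pp)->next;
    return *pp = rl;
}

/* Step 2 (OutputRegisterLoggers): hang a concrete module on its category's
 * list. Returns 0 when no root logger exists for that category. */
int OutputRegisterModule(const char *category, OutputModuleLogFunc fn) {
    RootLogger *rl = RootLoggers;
    OutputModule *m, **pp;
    while (rl && strcmp(rl->category, category) != 0) rl = rl->next;
    if (rl == NULL) return 0;
    m = calloc(1, sizeof(*m));
    m->LogFunc = fn;
    for (pp = &rl->modules; *pp; pp = &(*pp)->next) ;
    *pp = m;
    return 1;
}

static int RunModules(RootLogger *rl, const Packet *p, LogThreadData *td) {
    int n = 0;
    for (OutputModule *m = rl->modules; m; m = m->next) n += m->LogFunc(p, td);
    return n;
}
/* Root callbacks: "packet" sees every packet, "tx" only packets that carry a tx. */
int PacketRootLog(RootLogger *rl, const Packet *p, LogThreadData *td) { return RunModules(rl, p, td); }
int TxRootLog(RootLogger *rl, const Packet *p, LogThreadData *td) { return p->has_tx ? RunModules(rl, p, td) : 0; }

/* Usage: what FlowWorker() does per packet. Returns how many module callbacks ran. */
int OutputLoggerLog(const Packet *p, LogThreadData *td) {
    int n = 0;
    for (RootLogger *rl = RootLoggers; rl; rl = rl->next)
        if (rl->LogFunc) n += rl->LogFunc(rl, p, td);
    return n;
}

/* Two example modules (hypothetical names). */
int EvePacketLog(const Packet *p, LogThreadData *td) { (void)p; td->packet_logged++; return 1; }
int EveTxLog(const Packet *p, LogThreadData *td) { (void)p; td->tx_logged++; return 1; }

LogThreadData DemoThreadData;

/* Wire it up the way TmModuleLoggerRegister() does, then push two packets through
 * the dispatcher. Returns the total number of module callbacks that ran. */
int DemoRun(void) {
    Packet plain = {0}, with_tx = {1};
    int n;
    OutputLoggersReset();
    memset(&DemoThreadData, 0, sizeof(DemoThreadData));
    OutputRegisterRootLogger("packet", PacketRootLog);
    OutputRegisterRootLogger("tx", TxRootLog);
    OutputRegisterModule("packet", EvePacketLog);
    OutputRegisterModule("tx", EveTxLog);
    n = OutputLoggerLog(&plain, &DemoThreadData);     /* packet only -> 1 */
    n += OutputLoggerLog(&with_tx, &DemoThreadData);  /* packet + tx  -> 2 */
    return n;
}

int main(void) {
    int n = DemoRun();
    printf("callbacks=%d packet=%d tx=%d\n", n, DemoThreadData.packet_logged, DemoThreadData.tx_logged);
    OutputLoggersReset();
    return 0;
}
```

Build it with `cc -std=c99 logger_model.c && ./a.out`. The point to take away is the two-level structure: registering a module under a category that has no root logger silently does nothing (OutputRegisterModule returns 0 here), which is why OutputRegisterRootLoggers() must run before OutputRegisterLoggers() in TmModuleLoggerRegister().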
// The mostly used logg