diff --git a/src/assay.cc b/src/assay.cc
index b3aff08c..a2316ede 100644
--- a/src/assay.cc
+++ b/src/assay.cc
@@ -695,6 +695,7 @@ std::string Assay::to_json(int parts) {
 std::string ts = ascTime(&timeStamp).c_str();
 std::string uniqueId = UniqueId::uniqueId();
+ parts = 0;
 g = yajl_gen_alloc(NULL);
 if (g == NULL) {
 return "";
@@ -709,6 +710,7 @@ std::string Assay::to_json(int parts) {
 strlen("transaction"));
 yajl_gen_map_open(g);
+ /* Part: A (header mandatory) */
 LOGFY_ADD("client_ip", this->m_clientIpAddress);
 LOGFY_ADD("time_stamp", ts.c_str());
 LOGFY_ADD("server_id", uniqueId.c_str());
@@ -725,27 +727,33 @@ std::string Assay::to_json(int parts) {
 LOGFY_ADD("protocol", m_protocol);
 LOGFY_ADD_INT("http_version", m_httpVersion);
 LOGFY_ADD("uri", this->m_uri);
- LOGFY_ADD("body", this->m_requestBody.str().c_str());
- /* request headers */
- yajl_gen_string(g, reinterpret_cast("headers"),
- strlen("headers"));
- yajl_gen_map_open(g);
-
- for (auto h : this->m_variables_strings) {
- std::string filter = "REQUEST_HEADERS:";
- std::string a = h.first;
- std::string b = h.second;
-
- if (a.compare(0, filter.length(), filter) == 0) {
- if (a.length() > filter.length()) {
- LOGFY_ADD(a.c_str() + filter.length(), b.c_str());
- }
- }
+ if (parts & AuditLog::CAuditLogPart) {
+ LOGFY_ADD("body", this->m_requestBody.str().c_str());
+ }
+
+ /* request headers */
+ if (parts & AuditLog::BAuditLogPart) {
+ yajl_gen_string(g, reinterpret_cast("headers"),
+ strlen("headers"));
+ yajl_gen_map_open(g);
+
+ for (auto h : this->m_variables_strings) {
+ std::string filter = "REQUEST_HEADERS:";
+ std::string a = h.first;
+ std::string b = h.second;
+
+ if (a.compare(0, filter.length(), filter) == 0) {
+ if (a.length() > filter.length()) {
+ LOGFY_ADD(a.c_str() + filter.length(), b.c_str());
+ }
+ }
+ }
+
+ /* end: request headers */
+ yajl_gen_map_close(g);
 }
- /* end: request headers */
- yajl_gen_map_close(g);
 /* end: request */
 yajl_gen_map_close(g);
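Review bot: The added `parts = 0;` at the top of `to_json` overwrites the caller's mask, so every `parts & AuditLog::...AuditLogPart` test this commit adds is false and the record never carries request or response bodies, headers or the producer block, whatever parts are configured. It reads like a debugging leftover and should be removed so the configured mask reaches the gates. The base `AuditLogWriter::write` hunk ignores its new argument in the same way by still calling `assay->to_json(0)`; `assay->to_json(parts)` would match the parallel writer. The sections dropped are the ones an incident responder needs from an audit record, and nothing signals that they were left out. `to_json` begins and ends outside this hunk.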
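Review bot: The request body is still handed to `LOGFY_ADD` as `this->m_requestBody.str().c_str()`, so if that macro measures its value with `strlen` (its definition is outside this diff) the logged body stops at the first NUL byte even when part C is enabled. Bodies and header values are client-controlled, so the audit record can end up shorter than what the rules inspected. The components loop in the next hunk already passes an explicit length (`a.length()`); the body and header values could use the same form, e.g. `yajl_gen_string(g, reinterpret_cast<const unsigned char*>(body.data()), body.length());` with `body` holding `m_requestBody.str()`. The same applies to the response body and the response-header loop in the following hunk.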
@@ -754,61 +762,66 @@ std::string Assay::to_json(int parts) {
 strlen("response"));
 yajl_gen_map_open(g);
- LOGFY_ADD("body", this->m_responseBody.str().c_str());
+ if (parts & AuditLog::GAuditLogPart) {
+ LOGFY_ADD("body", this->m_responseBody.str().c_str());
+ }
 LOGFY_ADD_NUM("http_code", httpCodeReturned);
 /* response headers */
- yajl_gen_string(g, reinterpret_cast("headers"),
- strlen("headers"));
- yajl_gen_map_open(g);
+ if (parts & AuditLog::FAuditLogPart) {
+ yajl_gen_string(g, reinterpret_cast("headers"),
+ strlen("headers"));
+ yajl_gen_map_open(g);
- for (auto h : this->m_variables_strings) {
- std::string filter = "RESPONSE_HEADERS:";
- std::string a = h.first;
- std::string b = h.second;
+ for (auto h : this->m_variables_strings) {
+ std::string filter = "RESPONSE_HEADERS:";
+ std::string a = h.first;
+ std::string b = h.second;
- if (a.compare(0, filter.length(), filter) == 0) {
- if (a.length() > filter.length()) {
- LOGFY_ADD(a.c_str() + filter.length(), b.c_str());
+ if (a.compare(0, filter.length(), filter) == 0) {
+ if (a.length() > filter.length()) {
+ LOGFY_ADD(a.c_str() + filter.length(), b.c_str());
+ }
 }
 }
+ /* end: response headers */
+ yajl_gen_map_close(g);
 }
- /* end: response headers */
- yajl_gen_map_close(g);
 /* end: response */
 yajl_gen_map_close(g);
 /* producer */
- yajl_gen_string(g, reinterpret_cast("producer"),
- strlen("producer"));
- yajl_gen_map_open(g);
+ if (parts & AuditLog::HAuditLogPart) {
+ yajl_gen_string(g, reinterpret_cast("producer"),
+ strlen("producer"));
+ yajl_gen_map_open(g);
- /* producer > libmodsecurity */
- LOGFY_ADD("modsecurity", ModSecurity::whoAmI().c_str());
+ /* producer > libmodsecurity */
+ LOGFY_ADD("modsecurity", ModSecurity::whoAmI().c_str());
- /* producer > connector */
- LOGFY_ADD("connector", m_ms->getConnectorInformation().c_str());
+ /* producer > connector */
+ LOGFY_ADD("connector", m_ms->getConnectorInformation().c_str());
- /* producer > engine state */
- LOGFY_ADD("secrules_engine",
- Rules::ruleEngineStateString(m_rules->secRuleEngine));
+ /* producer > engine state */
+ LOGFY_ADD("secrules_engine",
+ Rules::ruleEngineStateString(m_rules->secRuleEngine));
- /* producer > components */
- yajl_gen_string(g,
- reinterpret_cast("components"),
- strlen("components"));
-
- yajl_gen_array_open(g);
- for (auto a : m_rules->components) {
+ /* producer > components */
 yajl_gen_string(g,
- reinterpret_cast
- (a.c_str()), a.length());
+ reinterpret_cast("components"),
+ strlen("components"));
+
+ yajl_gen_array_open(g);
+ for (auto a : m_rules->components) {
+ yajl_gen_string(g,
+ reinterpret_cast
+ (a.c_str()), a.length());
+ }
+ yajl_gen_array_close(g);
+
+ /* end: producer */
+ yajl_gen_map_close(g);
 }
- yajl_gen_array_close(g);
-
- /* end: producer */
- yajl_gen_map_close(g);
-
 /* end: transaction */
 yajl_gen_map_close(g);
diff --git a/src/audit_log.cc b/src/audit_log.cc
index 32070154..b9d6a903 100644
--- a/src/audit_log.cc
+++ b/src/audit_log.cc
@@ -148,7 +148,7 @@ bool AuditLog::saveIfRelevant(Assay *assay) {
 return true;
 }
- m_writer->write(assay);
+ m_writer->write(assay, m_parts);
 return true;
 }
diff --git a/src/audit_log_writer.cc b/src/audit_log_writer.cc
index 2c1967df..7a797051 100644
--- a/src/audit_log_writer.cc
+++ b/src/audit_log_writer.cc
@@ -33,7 +33,7 @@ std::string AuditLogWriter::file_name(const std::string& unique_id) {
 * Temporary print the log into the std::cout to debug purposes.
 *
 */
-bool AuditLogWriter::write(Assay *assay) {
+bool AuditLogWriter::write(Assay *assay, int parts) {
 std::cout << assay->to_json(0) << std::endl;
 return true;
 }
diff --git a/src/audit_log_writer.h b/src/audit_log_writer.h
index 3abcdb8e..c7a470a5 100644
--- a/src/audit_log_writer.h
+++ b/src/audit_log_writer.h
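Review bot: The response-header loop iterates with `for (auto h : this->m_variables_strings)` and then copies `h.first` and `h.second` again into `a` and `b`, so each entry is copied twice per logged transaction just to test a prefix. `for (const auto& h : this->m_variables_strings)` with `h.first.compare(0, filter.length(), filter) == 0` avoids the copies, and `filter` can be built once before the loop. The request-header loop in the previous hunk and `for (auto a : m_rules->components)` here have the same shape. The prefix test suggests the collection holds more than headers, so the cost apparently grows with everything the transaction stored, not only with the header count.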
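Review bot: The result of `m_writer->write(assay, m_parts)` is discarded and `saveIfRelevant` returns `true` on the next line, so a writer that fails to persist the record is indistinguishable from one that succeeded. If the return value is meant to tell the caller that the record was saved, `return m_writer->write(assay, m_parts);` would carry the failure up; otherwise the failure should at least be logged at this call. `saveIfRelevant` starts outside this hunk, so the meaning of its return value is inferred.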
@@ -36,7 +36,7 @@ class AuditLogWriter {
 virtual bool close() { return true; }
 virtual bool init() { return true; }
- virtual bool write(Assay *assay);
+ virtual bool write(Assay *assay, int parts);
 std::string file_name(const std::string& unique_id);
diff --git a/src/audit_log_writer_parallel.cc b/src/audit_log_writer_parallel.cc
index 296c005e..f515df69 100644
--- a/src/audit_log_writer_parallel.cc
+++ b/src/audit_log_writer_parallel.cc
@@ -74,10 +74,10 @@ bool AuditLogWriterParallel::close() {
 }
-bool AuditLogWriterParallel::write(Assay *assay) {
+bool AuditLogWriterParallel::write(Assay *assay, int parts) {
 FILE *fp;
 int fd;
- std::string log = assay->to_json(0);
+ std::string log = assay->to_json(parts);
 std::string fileName = logFilePath(&assay->timeStamp, YearMonthDayDirectory | YearMonthDayAndTimeDirectory | YearMonthDayAndTimeFileName);
diff --git a/src/audit_log_writer_parallel.h b/src/audit_log_writer_parallel.h
index 66b795be..90d21ee6 100644
--- a/src/audit_log_writer_parallel.h
+++ b/src/audit_log_writer_parallel.h
@@ -33,7 +33,7 @@ class AuditLogWriterParallel : public AuditLogWriter {
 bool init() override;
 bool close() override;
- bool write(Assay *assay) override;
+ bool write(Assay *assay, int parts) override;
 /**
 *
diff --git a/src/audit_log_writer_serial.cc b/src/audit_log_writer_serial.cc
index 8a365559..90a7df2a 100644
--- a/src/audit_log_writer_serial.cc
+++ b/src/audit_log_writer_serial.cc
@@ -30,7 +30,7 @@ bool AuditLogWriterSerial::close() {
 }
-bool AuditLogWriterSerial::write(Assay *assay) {
+bool AuditLogWriterSerial::write(Assay *assay, int parts) {
 return true;
 }
diff --git a/src/audit_log_writer_serial.h b/src/audit_log_writer_serial.h
index 59a07fd0..baffca3e 100644
--- a/src/audit_log_writer_serial.h
+++ b/src/audit_log_writer_serial.h
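Review bot: `AuditLogWriterSerial::write` takes the new `parts` argument but its body is still only `return true;`, so with the serial writer selected no audit record is produced while the call reports success. Until the writer is implemented, a comment such as `// TODO: serial audit log not implemented; nothing is written` above the return, or returning `false`, would keep that gap visible to whoever operates the deployment. Writing the parameter as `int /* parts */` would also avoid an unused-parameter warning in this stub.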
@@ -37,7 +37,7 @@ class AuditLogWriterSerial : public AuditLogWriter {
 bool init() override;
 bool close() override;
- bool write(Assay *assay) override;
+ bool write(Assay *assay, int parts) override;
 };
 } // namespace ModSecurity