Adds "matched" line to the audit logs

2025-09-29 19:24:29 +03:00 · 2016-02-12 13:28:43 -03:00
parent 362b376acb
commit a2ffb36159
3 changed files with 7 additions and 0 deletions
--- a/src/rule.cc
+++ b/src/rule.cc
@@ -391,6 +391,10 @@ bool Rule::evaluate(Transaction *trasn) {
            if (ret) {
                bool containsDisruptive = false;
                bool chainResult = false;
+
+                ruleMessage->m_match = "Operator `" + this->op->op +
+                    "' with parameter `" + this->op->param + "' against" \
+                    " variable `" + v->m_key + "' (Value: `" + value + "' )";
 #ifndef NO_LOGS
                trasn->debug(4, "Rule returned 1.");
 #endif
--- a/src/transaction.cc
+++ b/src/transaction.cc
@@ -1542,6 +1542,7 @@ std::string Transaction::toJSON(int parts) {
                reinterpret_cast<const unsigned char*>("producer"),
                strlen("producer"));
            yajl_gen_map_open(g);
+            LOGFY_ADD("match", a->m_match.c_str());
            LOGFY_ADD("ruleId", std::to_string(a->m_ruleId).c_str());
            LOGFY_ADD("file", a->m_ruleFile.c_str());
            LOGFY_ADD("lineNumber", std::to_string(a->m_ruleLine).c_str());