diff -u ../orig/output-json-alert.c ./output-json-alert.c --- ../orig/output-json-alert.c 2014-03-27 13:26:06.661903468 -0400 +++ ./output-json-alert.c 2014-03-27 13:25:56.113884992 -0400 @@ -119,6 +119,13 @@ /* alert */ json_object_set_new(js, "alert", ajs); + /* payload */ + char payload[p->payload_len + 1]; + uint32_t offset = 0; + PrintStringsToBuffer((uint8_t *)payload, &offset, p->payload_len + 1, + p->payload, p->payload_len); + json_object_set_new(js, "payload", json_string(payload)); + OutputJSONBuffer(js, aft->file_ctx, aft->buffer); json_object_del(js, "alert"); } diff -u ../orig/output-json.c ./output-json.c --- ../orig/output-json.c 2014-03-27 13:26:06.657903461 -0400 +++ ./output-json.c 2014-03-27 13:25:56.113884992 -0400 @@ -218,6 +218,15 @@ if (event_type) { json_object_set_new(js, "event_type", json_string(event_type)); } + + /* packet +#define BUFFER_SIZE 2048 + char packet[BUFFER_SIZE]; + uint32_t offset = 0; + PrintStringsToBuffer((uint8_t *)packet, &offset, BUFFER_SIZE, + GET_PKT_DATA(p), GET_PKT_LEN(p)); + json_object_set_new(js, "packet", json_string(packet)); + */ /* vlan */ if (p->vlan_idx > 0) { diff -u ../orig/util-print.c ./util-print.c --- ../orig/util-print.c 2014-03-27 13:26:06.657903461 -0400 +++ ./util-print.c 2014-03-27 13:25:56.113884992 -0400 @@ -215,6 +215,19 @@ return; } +void PrintStringsToBuffer(uint8_t *dst_buf, uint32_t *dst_buf_offset_ptr, uint32_t dst_buf_size, + uint8_t *src_buf, uint32_t src_buf_len) +{ + uint32_t ch = 0; + for (ch = 0; ch < src_buf_len; ch++) { + PrintBufferData((char *)dst_buf, dst_buf_offset_ptr, dst_buf_size, + "%c", + isprint((uint8_t)src_buf[ch]) || src_buf[ch] == '\n' || src_buf[ch] == '\r' ? (uint8_t)src_buf[ch] : '.'); + } + + return; +} + #ifndef s6_addr16 # define s6_addr16 __u6_addr.__u6_addr16 #endif diff -u ../orig/util-print.h ./util-print.h --- ../orig/util-print.h 2014-03-27 13:26:06.653903454 -0400 +++ ./util-print.h 2014-03-27 13:25:56.113884992 -0400 @@ -49,6 +49,8 @@ void PrintRawDataFp(FILE *, uint8_t *, uint32_t); void PrintRawDataToBuffer(uint8_t *dst_buf, uint32_t *dst_buf_offset_ptr, uint32_t dst_buf_size, uint8_t *src_buf, uint32_t src_buf_len); +void PrintStringsToBuffer(uint8_t *dst_buf, uint32_t *dst_buf_offset_ptr, uint32_t dst_buf_size, + uint8_t *src_buf, uint32_t src_buf_len); void PrintRawLineHexBuf(char *, uint32_t, uint8_t *, uint32_t ); const char *PrintInet(int , const void *, char *, socklen_t);