注册事务日志线程模块

void TmModuleTxLoggerRegister (void)
{tmm_modules[TMM_TXLOGGER].name = "__tx_logger__";tmm_modules[TMM_TXLOGGER].ThreadInit = OutputTxLogThreadInit;tmm_modules[TMM_TXLOGGER].Func = OutputTxLog;tmm_modules[TMM_TXLOGGER].ThreadExitPrintStats = OutputTxLogExitPrintStats;tmm_modules[TMM_TXLOGGER].ThreadDeinit = OutputTxLogThreadDeinit;tmm_modules[TMM_TXLOGGER].cap_flags = 0;
}

注册协议的线程模块

void TmModuleJsonDnsLogRegister (void)
{tmm_modules[TMM_JSONDNSLOG].name = MODULE_NAME;tmm_modules[TMM_JSONDNSLOG].ThreadInit = LogDnsLogThreadInit;tmm_modules[TMM_JSONDNSLOG].ThreadDeinit = LogDnsLogThreadDeinit;tmm_modules[TMM_JSONDNSLOG].RegisterTests = NULL;tmm_modules[TMM_JSONDNSLOG].cap_flags = 0;tmm_modules[TMM_JSONDNSLOG].flags = TM_FLAG_LOGAPI_TM;OutputRegisterTxModule(MODULE_NAME, "dns-json-log", JsonDnsLogInitCtx,ALPROTO_DNS, JsonDnsLogger);OutputRegisterTxSubModule("eve-log", MODULE_NAME, "eve-log.dns", JsonDnsLogInitCtxSub,ALPROTO_DNS, JsonDnsLogger);
}

注册协议的日志线程初始化和销毁函数

注册协议的事务日志模块

void
/*** \brief Register a tx output module.** This function will register an output module so it can be* configured with the configuration file.** \retval Returns 0 on success, -1 on failure.*/
void
OutputRegisterTxModule(const char *name, const char *conf_name,OutputCtx *(*InitFunc)(ConfNode *), AppProto alproto,TxLogger TxLogFunc)

注册协议的事务日志模块，存储到output_modules

初始化输出

/*** Initialize the output modules.*/
void RunModeInitializeOutputs(void)

根据配置选择加载输出模块，调用SetupOutput将输出模块添加到OutputPacketLogger *list;

初始化TxLogger线程

/** \brief thread init for the tx logger*  This will run the thread init functions for the individual registered*  loggers */
static TmEcode OutputTxLogThreadInit(ThreadVars *tv, void *initdata, void **data)

遍历前面添加到OutputPacketLogger *list的日志模块，调用日志模块对应的线程模块的线程初始化函数，对日志模块进行初始化。

日志输出

static TmEcode OutputTxLog(ThreadVars *tv, Packet *p, void *thread_data, PacketQueue *pq, PacketQueue *postpq)

遍历所有事务日志模块OutputTxLogger *list，找到事务协议对应的日志模块，调用日志输出函数输出日志。