|
|
|
@ -118,13 +118,14 @@ outputs:
|
|
|
|
|
# batch-size: 10 ## number of entry to keep in buffer
|
|
|
|
|
types:
|
|
|
|
|
- alert:
|
|
|
|
|
# payload: yes # enable dumping payload in Base64
|
|
|
|
|
# payload-printable: yes # enable dumping payload in printable (lossy) format
|
|
|
|
|
# packet: yes # enable dumping of packet (without stream segments)
|
|
|
|
|
# http: yes # enable dumping of http fields
|
|
|
|
|
# tls: yes # enable dumping of tls fields
|
|
|
|
|
# ssh: yes # enable dumping of ssh fields
|
|
|
|
|
# smtp: yes # enable dumping of smtp fields
|
|
|
|
|
# payload: yes # enable dumping payload in Base64
|
|
|
|
|
# payload-buffer-size: 4kb # max size of payload buffer to output in eve-log
|
|
|
|
|
# payload-printable: yes # enable dumping payload in printable (lossy) format
|
|
|
|
|
# packet: yes # enable dumping of packet (without stream segments)
|
|
|
|
|
# http: yes # enable dumping of http fields
|
|
|
|
|
# tls: yes # enable dumping of tls fields
|
|
|
|
|
# ssh: yes # enable dumping of ssh fields
|
|
|
|
|
# smtp: yes # enable dumping of smtp fields
|
|
|
|
|
|
|
|
|
|
# HTTP X-Forwarded-For support by adding an extra field or overwriting
|
|
|
|
|
# the source or destination IP address (depending on flow direction)
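Review bot: The new `payload-buffer-size: 4kb` comment under `- alert:` does not say what happens to a payload larger than the limit, or whether `4kb` is the built-in default, so someone reading eve-log during an investigation cannot tell whether a logged payload is complete. If the output is cut at the limit, I would say so in the comment, for example `# payload-buffer-size: 4kb # max payload bytes written to eve-log; larger payloads are truncated`, after confirming that behaviour against the code. Since this option sits beside `payload` and `payload-printable`, which put captured traffic content into the log, a short comment above the group noting that eve-log files with payload dumping enabled may hold credentials or personal data and need restricted permissions would help operators. The old and new copies of the other option lines look identical on this page, so they presumably differ only in whitespace, and the `outputs:` section continues outside the hunk.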
|
|
|
|
|