Commit Graph

1167 Commits (dependabot/github_actions/codecov/codecov-action-5.5.1)

Author SHA1 Message Date
Victor Julien 46203de0e9 doc: adjust for master to main rename 14 hours ago
Victor Julien e62eb00459 doc/userguide: add ips chapter; add concept
Move setup guides into the new chapter as well.

Explain `stream.inline` logic.

Ticket: #5513.
Ticket: #6284.
3 days ago
Philippe Antoine 9146fc8957 doc: upgrade note about keyword tls.cert_subject
Following commit 5379b52af2
rules that use the keyword tls.cert_subject multiple times
will result in

Warning: detect: duplicate instance for tls.cert_subject

These rules likely meant to use a multi-buffer which is not the
case for tls.cert_subject (even if it was documented so).

Ticket: 7890

This is put in a new section of upgrade notes for
upgrading to 8.0.1
3 days ago
Juliana Fajardini 27e165f760 doc/rules/index: keep rule types doc near the end
As this chapter is more meta than about rule keywords, keep it by the
end of the index, to have some semantic separation from the other
sections.
4 days ago
Juliana Fajardini d5810a42e1 userguide: document how suricata processes rules
Added a page that explains how rules are prioritized by Suri, as well
as what main different types of inspection happen and what elements are
involved when ordering rules.

Task #5449
4 days ago
Shivani Bhardwaj b21f737aee doc: add doc on internals of inspection of raw data
Explain briefly the internals of inspection of raw data in the following order:
- Stream Engine
- Stream reassembly
- Role of Detection Engine and Applayer Parsers
- High level communication between Stream and Detection Engine
- Relevant suricata.yaml settings

along with some diagrams.

Ticket 4351
4 days ago
Shivani Bhardwaj 9ed5ac7669 doc: make firewall table names consistent 1 week ago
Shivani Bhardwaj 7fec1883cd doc: add more info to firewall design
Add information about:
- available tables, default policies and rule ordering
- Packet layer and applayer tables and hooks
- engine analysis output
- commandline options available
- how to load firewall rules

Also, reorganize sections and content to assist the definitions.
1 week ago
Jeff Lucovsky 17e7387ff4 doc/fileinfo: Document fileinfo context/usage
Issue: 6498
1 week ago
Thomas Winter 0b2dfa2b68 doc: Add upgrade note for ppp changes 1 week ago
Philippe Antoine 0026019dcf doc: complete list of multi-buffers
Ticket: 7867
2 weeks ago
Philippe Antoine 646c78269a doc/devguide: section with conceptualized steps for adding app-layer
Ticket: 6840
3 weeks ago
Tommy Wang fc6b96fb85 doc/lualib: fix wrong tuple section markdown in flowlib
Sections had wrong levels due to wrong markdown.
3 weeks ago
Tommy Wang a10053e62c doc/lualib: fix flow timestamps return value order
Task #7854
3 weeks ago
Philippe Antoine d0a513df6a detect/integers: support kibibyte unit
Ticket: 7869
3 weeks ago
Philippe Antoine be9858d3aa detect/integers: document usage of units
Ticket: 7190
3 weeks ago
Theo Buehler 315844ccd8 docs: fix deprecated inclusion of rtd theme path
Since userguide/conf.py uses the deprecated get_html_theme_path(),
sphinx emits a warning which breaks the build as warnings are treated
as errors.

Issue: 7859
3 weeks ago
Juliana Fajardini ec1da6fd3a doc/exceptions: fix wrong section markdown
Sections had wrong levels due to wrong markdown.
4 weeks ago
Jeff Lucovsky 21707ab26c doc/from_base64: Emphasize keyword only values
Emphasize that specifying the keyword only will result in the defaults
for each option to be used.

Issue: 7853
4 weeks ago
Juliana Fajardini a8453d73cd detect: remove unused non-pf stats counters
Remove unused rule prefilter-related stats counters that aren't in use.

94644ac960 (detect: move non-pf rules into special prefilter engines)
removed the logic that made use of and incremented the stats counters:
- det_ctx->counter_fnonmpm_list
- det_ctx->counter_nonmpm_list

Some code was left, registering them, and mentioning them in the
json schema.

Ticket #7834
1 month ago
Lukas Sismis 897cdb8571 doc/dpdK: update RX/TX descriptor note for Connect-X 4
Ticket: 7639
1 month ago
Jason Ish eaef74af05 lua: document the dnp3 lib
Ticket: #7631
2 months ago
Jason Ish 3b7b908fe2 doc/upgrade: mention that lua rules are enabled by default 2 months ago
Jason Ish 7a65ca10e2 doc/lua-detection: fix example script; remove most buffers
- Reference rule hooks instead

Ticket: #7728
2 months ago
Jason Ish f56bd4db75 doc/lua-output: fix example script for new apis
Ticket: #7728
2 months ago
Jason Ish 7535b5aa1d doc/lua-functions: update lua-function documentation
- cleanup usage and documentation around needs
- mentioned that rule hooks are used instead of "needs" keywords with
  link with rule hooks (which is still in the firewall-design doc)
2 months ago
Jason Ish decf795e94 doc/install: remove reference to --enable-lua
This configure command no longer exists.
2 months ago
Jason Ish 4791f37ca2 doc/lua-detection: update note to mention rules are enabled by default
In 8.0, Lua rules are enabled by default.
2 months ago
Alexandre Iooss 57e0ff0ee0 doc/lua: fix typo in stream toserver and toclient 2 months ago
Jeff Lucovsky 1030e4fa92 doc/suricatasc: Mentioned get-flow-stats-by-id cmd
Add get-flow-stats-by-id to the list of commands supported by suricatasc

Issue: 7081
2 months ago
Jeff Lucovsky 07b7f36748 doc/reload: Expand rule-reload discussion
Clarify the resources involved in a rule reload.

Issue: 5078
2 months ago
Jeff Lucovsky c0d54d838e gen/typo: Misc. typo fixes 2 months ago
Jeff Lucovsky 97b03b4076 doc/netflow: Discuss netflow
Add discussion for netflow configuration, event type and fields
contained in netflow records.

Issue: 5139
2 months ago
Shivani Bhardwaj 58367149cc doc: add upgrade note about change in inspection 3 months ago
Philippe Antoine f4378eb306 doc/devguide: document app-layer protocol detection
Ticket: 6022
3 months ago
Philippe Antoine 4d4eb84eca doc: document krb5 event type
Ticket: 6566
3 months ago
Philippe Antoine f907216e1a doc: do not have bittorrent in the middle of SMB events 3 months ago
Jason Ish 580a4445cd doc/install: use our recommended header order 3 months ago
Jason Ish 6b94689a44 doc/userguide: remove example with CentOS 7
CentOS 7 is EOL.

Ticket: #7749
3 months ago
Jason Ish 8ed506659d doc/userguide: break out package installation
Break out RPM, Debian, and Ubuntu package installation into their own
pages.

Also break out other distributions like "Arch" into an "Other" section
with a note about how those packages are not supported by the OISF.

Ticket: #6252
Ticket: #6069
3 months ago
Jason Ish 1de19ee94c doc/userguide: add appendix item on eve schema
Add some basic documentation on our EVE schema, mainly to show users
that it exists.
3 months ago
Jeff Lucovsky a300df4c4d detect/entropy: Clarify when entropy is logged
Clarify when entropy values are logged and associated with non-alert log
records.
3 months ago
Jason Ish 4a0f278502 doc/install: windows build documentation
Ticket: #5911
3 months ago
Jason Ish f35a56fa65 doc/code-style: add rust; minor cleanups
- Add small section on Rust code, and Rust code exposed to FFI.
- Other minor cleanups.

Ticket: #7078
Ticket: #6955
3 months ago
Jason Ish 249bd32a9d doc/userguide/code-style: update header ordering
To match our recommended header ordering.
3 months ago
Eric Leblond 751f3eef3b doc/userguide: fix some typos 3 months ago
Eric Leblond 6236574b9c doc/userguide: enrichment_key is now context_key 3 months ago
Eric Leblond 20a0575d96 doc/userguide: fix some typos
Suggestions from Juliana.

Co-authored-by: Juliana Fajardini Reichow <jufajardini@gmail.com>
3 months ago
Eric Leblond 40c545f8d9 doc/userguide: jsonline is now standard ndjson 3 months ago
Eric Leblond f724c75cc9 doc/userguide: improve datajson doc 3 months ago