suricata

Commit Graph

Author	SHA1	Message	Date
Eric Leblond	27cdfec28a	eve/schema: update following flow changes	2 years ago
Victor Julien	38fdfd8718	eve/schema: flow/stream updates	2 years ago
Victor Julien	308fe31cb5	eve/schema: add tls client logging	2 years ago
Victor Julien	036686e21c	etc/schema: clang (re)format	2 years ago
Philippe Antoine	b0ce55c9df	flow: finish to remove obsolete counters As was begun in `b3599507f4` Ticket: #5317	3 years ago
Eric Leblond	2cc9152fc9	rust/smb: log uuid of interface in dcerpc When doing a DCERPC request, we can use the context id to log the interface that is used. Doing that we can see in one single event what is the DCERPC interface and opnum that are used. This allows to have all the information needed to resolve the request to a function call. Feature #5413.	3 years ago
Philippe Antoine	e94920b49f	smb: do not use tree id to match create request and response As an SMB2 async response does not have a tree id, even if the request has it. Per spec, MessageId should be enough to identifiy a message request and response uniquely across all messages that are sent on the same SMB2 Protocol transport connection. So, the tree id is redundant anyways. Ticket: #5508	3 years ago
Shivani Bhardwaj	14561ffe72	eve/schema: add smtp url bool fields	3 years ago
Philippe Antoine	64b2385c64	krb: log for ticket encryption Also logs if the ticket encryption is weak. It is different from the encryption used for the rest of the packet, and this allows to detect kerberoasting attack. Ticket: #5442	3 years ago
Philippe Antoine	896f0d91ce	quic: complete schema.json adding ja3 and extension fields	3 years ago
Victor Julien	929faae6d4	eve/schema: add drop.udplen, email fields	3 years ago
Victor Julien	3617be326c	eve/schema: add pcap_filename field	3 years ago
Victor Julien	fc566037b4	eve/schema: add new flow fields	3 years ago
Victor Julien	2ba9da4815	eve/schema: add missing magic from files array	3 years ago
Victor Julien	2a7349406c	eve/schema: add missing capture_file field	3 years ago
Victor Julien	42adaf5627	eve/schema: add missing http fields	3 years ago
Victor Julien	d58f9e54d0	eve/schema: add missing alert fields	3 years ago
Victor Julien	2abce12b5b	eve/schema: add missing smb fields	3 years ago
Victor Julien	b24e1f1e46	eve/schema: add missing drop fields for ipv6	3 years ago
Victor Julien	6ad5d6a148	eve/schema: add profiling detect fields	3 years ago
Victor Julien	0035673208	eve/drop: log drop reason Ticket: #5202.	3 years ago
Philippe Antoine	284ad462fc	output: adds schema.json Ticket: #1369	3 years ago
Victor Julien	f037f6f4ff	classification: sync and update Sync to latest ET open and introduce inappropriate as a classification to replace something some find inappropriate.	4 years ago
Jason Ish	400b26ad68	logrotate: reindent to 4 spaces 4 spaces seems to be the norm on Linux, so reindent from a mix of 8 spaces and tabs to 4 spaces.	4 years ago
Jason Ish	99d9e09599	config: install classification.config (and ref) to $datadir Install classification.config and reference.config to $datadir, where they can be updated on every upgrade. This required moving them into a sub-directory for autotools to do its thing. Redmine issue: https://redmine.openinfosecfoundation.org/issues/3209	5 years ago
Jason Ish	7cc0067be0	Sample systemd unit file for Suricata. Create a sample systemd unit file based on the build time configuration. Redmine issue: https://redmine.openinfosecfoundation.org/issues/2138	8 years ago
Jason Ish	ddf6bce5d8	Sample logrotate configuration file. Create a sample logrotate configuration file with filenames set for the configuration.	8 years ago

27 Commits (6621b0ec93ab80a4fcfabeac70891fe282b569ef)