23 Commits (924982e7921eec9a75953b90ac103b64acd7dcfc)

Author SHA1 Message Date
Mats Klepsland 800608ab65 userguide: add JA3S fields to the TLS logger documentation 6 years ago
Jeff Lucovsky 8a94b93b7b doc: Anomaly logging documentation
This changeset adds discussion of anomaly log records and
the anomaly log record format.
6 years ago
Pascal Delalande bde65467a9 doc: add ssh protocol in eve log section 6 years ago
Maurizio Abba 6c0ec0b2f3 eve/http: add request/response http headers
Add a keyword configuration dump-all-headers, with allowed values
{both, request, response}, dumping all HTTP headers in the eve-log http
object. Each header is a single object in the list request_headers
(response_headers) with the following notation:

{
    "name": <header name>,
    "value": <header value>
}

To avoid forged malicious headers, the header name size is capped at 256
bytes, the header value size at 2048.

By default, dump-all-headers is disabled.
6 years ago
Maurizio Abba bce7c2dd87 eve/http: add tx->request_port_number as http_port
Add the port specified in the hostname (if any) to the http object in
eve. The port may be different from the dest_port used by the TCP flow.
7 years ago
Pascal Delalande 4f48927c44 doc: spelling mistakes in various sections of the user guide 7 years ago
Pascal Delalande e3c5784dd5 doc: minor updates (tls custom, TODO removal, ftp/smb file rules) 7 years ago
Victor Julien 83bf60d897 doc: add ntlmssp, kerberos and other setup fields 7 years ago
Victor Julien e09027915a doc: fix json formatting in smb doc 7 years ago
Victor Julien 67e81a9555 doc: initial smb eve documentation 7 years ago
Mats Klepsland 47a7ebbbc2 doc: add JA3 fields to the TLS logger documentation 7 years ago
Giuseppe Longo fb66d45754 doc: introduce dns compact logging 7 years ago
Victor Julien 50a182194a eve: log pcap filename 7 years ago
Pascal Delalande 2e5b293afb doc: update eve json output for DNS and HTTP 7 years ago
Pascal Delalande 80f2fbac6e rust/tftp: eve logging with rust 7 years ago
Pascal Delalande 0c99338e07 doc: update docs for DNS flags logging 7 years ago
Eric Leblond ef88689f1e doc: add app_proto to alert event 8 years ago
Eric Leblond f4374ffd0b doc: some more info about alert format 8 years ago
Ray Ruvinskiy 7539973109 tls: logging for session resumption
We assume session resumption has occurred if the Client Hello message
included a session id, we have not seen the server certificate, but
we have seen a Change Cipher Spec message from the server.

Previously, these transactions were not logged at all because the
server cert was never seen.

Ticket: https://redmine.openinfosecfoundation.org/issues/1969
8 years ago
Mats Klepsland ee9f822b8e doc: add documentation for tls_cert_serial keyword 8 years ago
Mats Klepsland e91bb09c91 doc: add documentation for TLS eve-log 8 years ago
Andi 8e655cf107 eve-json-format: add newest version from the wiki
This was added by pevma in the wiki, so should go into the sphinx doc as well.
9 years ago
Jason Ish 2751baae46 doc: rename from "sphinx" to "userguide" 9 years ago