Commit Graph

1163 Commits (d5810a42e19dc7b522d84724aa97481e88b2d8b1)

Author SHA1 Message Date
Juliana Fajardini d5810a42e1 userguide: document how suricata processes rules
Added a page that explains how rules are prioritized by Suri, as well
as what main different types of inspection happen and what elements are
involved when ordering rules.

Task #5449
7 months ago
Shivani Bhardwaj b21f737aee doc: add doc on internals of inspection of raw data
Explain briefly the internals of inspection of raw data in the following order:
- Stream Engine
- Stream reassembly
- Role of Detection Engine and Applayer Parsers
- High level communication between Stream and Detection Engine
- Relevant suricata.yaml settings

along with some diagrams.

Ticket 4351
7 months ago
Shivani Bhardwaj 9ed5ac7669 doc: make firewall table names consistent 8 months ago
Shivani Bhardwaj 7fec1883cd doc: add more info to firewall design
Add information about:
- available tables, default policies and rule ordering
- Packet layer and applayer tables and hooks
- engine analysis output
- commandline options available
- how to load firewall rules

Also, reorganize sections and content to assist the definitions.
8 months ago
Jeff Lucovsky 17e7387ff4 doc/fileinfo: Document fileinfo context/usage
Issue: 6498
8 months ago
Thomas Winter 0b2dfa2b68 doc: Add upgrade note for ppp changes 8 months ago
Philippe Antoine 0026019dcf doc: complete list of multi-buffers
Ticket: 7867
8 months ago
Philippe Antoine 646c78269a doc/devguide: section with conceptualized steps for adding app-layer
Ticket: 6840
8 months ago
Tommy Wang fc6b96fb85 doc/lualib: fix wrong tuple section markdown in flowlib
Sections had wrong levels due to wrong markdown.
8 months ago
Tommy Wang a10053e62c doc/lualib: fix flow timestamps return value order
Task #7854
8 months ago
Philippe Antoine d0a513df6a detect/integers: support kibibyte unit
Ticket: 7869
8 months ago
Philippe Antoine be9858d3aa detect/integers: document usage of units
Ticket: 7190
8 months ago
Theo Buehler 315844ccd8 docs: fix deprecated inclusion of rtd theme path
Since userguide/conf.py uses the deprecated get_html_theme_path(),
sphinx emits a warning which breaks the build as warnings are treated
as errors.

Issue: 7859
8 months ago
Juliana Fajardini ec1da6fd3a doc/exceptions: fix wrong section markdown
Sections had wrong levels due to wrong markdown.
8 months ago
Jeff Lucovsky 21707ab26c doc/from_base64: Emphasize keyword only values
Emphasize that specifying the keyword only will result in the defaults
for each option to be used.

Issue: 7853
8 months ago
Juliana Fajardini a8453d73cd detect: remove unused non-pf stats counters
Remove unused rule prefilter-related stats counters that aren't in use.

94644ac960 (detect: move non-pf rules into special prefilter engines)
removed the logic that made use of and incremented the stats counters:
- det_ctx->counter_fnonmpm_list
- det_ctx->counter_nonmpm_list

Some code was left, registering them, and mentioning them in the
json schema.

Ticket #7834
9 months ago
Lukas Sismis 897cdb8571 doc/dpdk: update RX/TX descriptor note for Connect-X 4
Ticket: 7639
9 months ago
Jason Ish eaef74af05 lua: document the dnp3 lib
Ticket: #7631
9 months ago
Jason Ish 3b7b908fe2 doc/upgrade: mention that lua rules are enabled by default 9 months ago
Jason Ish 7a65ca10e2 doc/lua-detection: fix example script; remove most buffers
- Reference rule hooks instead

Ticket: #7728
9 months ago
Jason Ish f56bd4db75 doc/lua-output: fix example script for new apis
Ticket: #7728
9 months ago
Jason Ish 7535b5aa1d doc/lua-functions: update lua-function documentation
- cleanup usage and documentation around needs
- mentioned that rule hooks are used instead of "needs" keywords with
  link with rule hooks (which is still in the firewall-design doc)
9 months ago
Jason Ish decf795e94 doc/install: remove reference to --enable-lua
This configure command no longer exists.
9 months ago
Jason Ish 4791f37ca2 doc/lua-detection: update note to mention rules are enabled by default
In 8.0, Lua rules are enabled by default.
9 months ago
Alexandre Iooss 57e0ff0ee0 doc/lua: fix typo in stream toserver and toclient 9 months ago
Jeff Lucovsky 1030e4fa92 doc/suricatasc: Mentioned get-flow-stats-by-id cmd
Add get-flow-stats-by-id to the list of commands supported by suricatasc

Issue: 7081
9 months ago
Jeff Lucovsky 07b7f36748 doc/reload: Expand rule-reload discussion
Clarify the resources involved in a rule reload.

Issue: 5078
10 months ago
Jeff Lucovsky c0d54d838e gen/typo: Misc. typo fixes 10 months ago
Jeff Lucovsky 97b03b4076 doc/netflow: Discuss netflow
Add discussion for netflow configuration, event type and fields
contained in netflow records.

Issue: 5139
10 months ago
Shivani Bhardwaj 58367149cc doc: add upgrade note about change in inspection 10 months ago
Philippe Antoine f4378eb306 doc/devguide: document app-layer protocol detection
Ticket: 6022
10 months ago
Philippe Antoine 4d4eb84eca doc: document krb5 event type
Ticket: 6566
10 months ago
Philippe Antoine f907216e1a doc: do not have bittorrent in the middle of SMB events 10 months ago
Jason Ish 580a4445cd doc/install: use our recommended header order 10 months ago
Jason Ish 6b94689a44 doc/userguide: remove example with CentOS 7
CentOS 7 is EOL.

Ticket: #7749
10 months ago
Jason Ish 8ed506659d doc/userguide: break out package installation
Break out RPM, Debian, and Ubuntu package installation into their own
pages.

Also break out other distributions like "Arch" into an "Other" section
with a note about how those packages are not supported by the OISF.

Ticket: #6252
Ticket: #6069
10 months ago
Jason Ish 1de19ee94c doc/userguide: add appendix item on eve schema
Add some basic documentation on our EVE schema, mainly to show users
that it exists.
10 months ago
Jeff Lucovsky a300df4c4d detect/entropy: Clarify when entropy is logged
Clarify when entropy values are logged and associated with non-alert log
records.
10 months ago
Jason Ish 4a0f278502 doc/install: windows build documentation
Ticket: #5911
10 months ago
Jason Ish f35a56fa65 doc/code-style: add rust; minor cleanups
- Add small section on Rust code, and Rust code exposed to FFI.
- Other minor cleanups.

Ticket: #7078
Ticket: #6955
10 months ago
Jason Ish 249bd32a9d doc/userguide/code-style: update header ordering
To match our recommended header ordering.
10 months ago
Eric Leblond 751f3eef3b doc/userguide: fix some typos 10 months ago
Eric Leblond 6236574b9c doc/userguide: enrichment_key is now context_key 10 months ago
Eric Leblond 20a0575d96 doc/userguide: fix some typos
Suggestions from Juliana.

Co-authored-by: Juliana Fajardini Reichow <jufajardini@gmail.com>
10 months ago
Eric Leblond 40c545f8d9 doc/userguide: jsonline is now standard ndjson 10 months ago
Eric Leblond f724c75cc9 doc/userguide: improve datajson doc 10 months ago
Eric Leblond a652eee508 doc/userguide: remove left over datajson reference 10 months ago
Eric Leblond 7d28758a54 doc/userguide: improve datajson doc
Patch adds ``remove_key`` option and clarifies the text.
10 months ago
Eric Leblond 0ae88a408a doc/userguide: basic doc for jsonline format 10 months ago
Eric Leblond 9873c5d2e1 doc/userguide: add dataset with json 10 months ago