aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,748 Commits
8 Branches
165 Tags
218 MiB
main
main-8.0.x
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.2
suricata-7.0.13
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'decf795e94'
${ noResults }
Commit Graph

1255 Commits (decf795e94dc1b84b62c8cfd4f3a4c44ac5dfd18)

Author SHA1 Message Date
Jason Ish decf795e94 doc/install: remove reference to --enable-lua 
This configure command no longer exists.
 4 months ago
Jason Ish 4791f37ca2 doc/lua-detection: update note to mention rules are enabled by default 
In 8.0, Lua rules are enabled by default.
 4 months ago
Alexandre Iooss 57e0ff0ee0 doc/lua: fix typo in stream toserver and toclient 4 months ago
Jeff Lucovsky 1030e4fa92 doc/suricatasc: Mentioned get-flow-stats-by-id cmd 
Add get-flow-stats-by-id to the list of commands supported by suricatasc

Issue: 7081
 4 months ago
Jeff Lucovsky 07b7f36748 doc/reload: Expand rule-reload discussion 
Clarify the resources involved in a rule reload.

Issue: 5078
 4 months ago
Jeff Lucovsky c0d54d838e gen/typo: Misc. typo fixes 4 months ago
Jeff Lucovsky 97b03b4076 doc/netflow: Discuss netflow 
Add discussion for netflow configuration, event type and fields
contained in netflow records.

Issue: 5139
 4 months ago
Shivani Bhardwaj 58367149cc doc: add upgrade note about change in inspection 5 months ago
Philippe Antoine f4378eb306 doc/devguide: document app-layer protocol detection 
Ticket: 6022
 5 months ago
Philippe Antoine 4d4eb84eca doc: document krb5 event type 
Ticket: 6566
 5 months ago
Philippe Antoine f907216e1a doc: do not have bittorrent in the middle of SMB events 5 months ago
Jason Ish 580a4445cd doc/install: use our recommended header order 5 months ago
Jason Ish 6b94689a44 doc/userguide: remove example with CentOS 7 
CentOS 7 is EOL.

Ticket: #7749
 5 months ago
Jason Ish 8ed506659d doc/userguide: break out package installation 
Break out RPM, Debian, and Ubuntu package installation into their own
pages.

Also break out other distributions like "Arch" into an "Other" section
with a note about how those packages are not supported by the OISF.

Ticket: #6252
Ticket: #6069
 5 months ago
Jason Ish 1de19ee94c doc/userguide: add appendix item on eve schema 
Add some basic documentation on our EVE schema, mainly to show users
that it exists.
 5 months ago
Jeff Lucovsky a300df4c4d detect/entropy: Clarify when entropy is logged 
Clarify when entropy values are logged and associated with non-alert log
records.
 5 months ago
Jason Ish 4a0f278502 doc/install: windows build documentation 
Ticket: #5911
 5 months ago
Jason Ish f35a56fa65 doc/code-style: add rust; minor cleanups 
- Add small section on Rust code, and Rust code exposed to FFI.
- Other minor cleanups.

Ticket: #7078
Ticket: #6955
 5 months ago
Jason Ish 249bd32a9d doc/userguide/code-style: update header ordering 
To match our recommended header ordering.
 5 months ago
Eric Leblond 751f3eef3b doc/userguide: fix some typos 5 months ago
Eric Leblond 6236574b9c doc/userguide: enrichment_key is now context_key 5 months ago
Eric Leblond 20a0575d96 doc/userguide: fix some typos 
Suggestions from Juliana.

Co-authored-by: Juliana Fajardini Reichow <jufajardini@gmail.com>
 5 months ago
Eric Leblond 40c545f8d9 doc/userguide: jsonline is now standard ndjson 5 months ago
Eric Leblond f724c75cc9 doc/userguide: improve datajson doc 5 months ago
Eric Leblond a652eee508 doc/userguide: remove left over datajson reference 5 months ago
Eric Leblond 7d28758a54 doc/userguide: improve datajson doc 
Patch adds ``remove_key`` option and clarifies the text.
 5 months ago
Eric Leblond 0ae88a408a doc/userguide: basic doc for jsonline format 5 months ago
Eric Leblond 9873c5d2e1 doc/userguide: add dataset with json 5 months ago
Jason Ish 8e8c3040e7 doc/upgrade: note about dns address swap on responses 
Document the change in DNS addresses for ticket 6400.

Ticket: https://redmine.openinfosecfoundation.org/issues/6400
 5 months ago
Philippe Antoine b29d46d81f rust: bindgen SCAppLayerParserStateIssetFlag 
Ticket: 7667
 5 months ago
Victor Julien f2faba5a23 detect/config: add flow tracking doc 5 months ago
Victor Julien ecbcccf355 detect: add tcp.wscale keyword 
Allows matching on wscale option value in TCP header options.

Ticket: #7713.
 5 months ago
Lukas Sismis 8817a959e8 threading: support thread autopinning and interface-specific affinity 
Using the new configuration format, it is now possible to set CPU affinity
settings per interface.

The threading.autopin option has been added to automatically use CPUs from the
same NUMA node as the interface. The autopin option requires
hwloc-devel / hwloc-dev to be installed and --enable-hwloc flag in configure
script.

Ticket: 7036
 5 months ago
Lukas Sismis 1a1789eb29 doc: remove title in threading section with no content 5 months ago
Lukas Sismis 6c654e30ac threading: support previous threading configuration format 
Provide backward compatibility with the previous configuration
format to allow smooth transition to the new format.
The commit adds docs about the new format and the introduced changes.
 5 months ago
Jeff Lucovsky a8a3780276 doc/entropy: Document the entropy log output 5 months ago
Jeff Lucovsky 62e3c02914 doc: Add missing contributors to ack file 
Add missing contributors as identified by
    git shortlog -s -n --no-merges -- .
 6 months ago
Juliana Fajardini 9614770483 doc/lua: document request_host lua lib 
Seems that we missed bringing this one, when documenting HTTP lua lib
functions.
 6 months ago
Jason Ish 62df7c8e81 doc/lua: remove reference to removed functions 
These have all been replaced by libs and already documented in their
lib format.

Ticket: #7728
 6 months ago
Juliana Fajardini f3aa0085a0 pgsql: rename copy in/out response field 
We used `copy_column_count`, while just `columns` is more accurate with
what PostgreSQL describes, and what Wireshark shows.

Related to
Task #7644
Task #7645
 6 months ago
Juliana Fajardini 2086f99d6b pgsql: add initial support to CopyIn mode/subproto 
This sub-protocol inspects messages sent mainly from the frontend to
the backend after a 'COPY FROM STDIN' has been processed by the
backend.

Parses new messages:
- CopyInResponse -- initiates copy-in mode/sub-protocol
- CopyData (In) -- data transfer message, from frontend to backend
- CopyDone -- signals that no more CopyData messages will be seen from
  the frontend, for the current transaction
- CopyFail -- used by the frontend to signal some failure to proceed
  with sending CopyData messages

Task #7645
 6 months ago
Jason Ish e5faedf7e6 lua/util: move SCThreadInfo into suricata.util lib 
Move the SCThreadInfo global function into the suricata.util library as
thread_info().

This is the last global function to be registered, so remove the
supporting functions.
 6 months ago
Jason Ish 778a699622 lua: simplify streaming output setup 
Setup the init function to simply return:

   {streaming = "tcp"}

or

   {streaming = "http"}

The returned table can have a lot of parameters that don't make sense
together, this should simplify this one case.
 6 months ago
Jason Ish 02bdea2bce lua/streaming: provide streaming buffer as argument 
When setting up a Lua output script for streaming data, we're
explicitly requesting stream data. Just pass the streaming data as
arguments, rather than requiring the script to make an extra call to
get the stream data.

The streaming data will be passed in the "stream" field of the args
passed to the log function.

Eliminates the SCStreamingBuffer Lua function.
 6 months ago
Jason Ish 11b3ebcb5f lua/bytevar: convert SCByteVar to Lua lib 
Similar to flowvars and flowints, but a byte var cannot be registered
from a Lua script, but it still needs to be setup. Instead provide an
"map" function that sets it up, or errors out if the byte var is
unknown.

This also required passing the signature into the Lua init method, as
the state of the Signature object and the time of loading the Lua
keyword is required.
 6 months ago
Jason Ish ce7cdd6f9a lua: create suricata.config lua lib 
Currently only provides "log_path" as a replacement for SCLogPath.
 6 months ago
Juliana Fajardini c5b9277474 doc/payload: fix typo, minor formatting changes 6 months ago
Juliana Fajardini 95560f0966 docs/exceptions: minor improvements 
Add section label and doc reference, add another term to Common terms
section.

Tried to also improve readability for the Midstream behavior tables:
- Highlight key-words when differences are only in `do` vs `no`.
- Change order of sentences in certain descriptions, to align with the
  steps those happen for the engine.
 6 months ago
Juliana Fajardini 0256ce51eb doc/exceptions: clarify ambiguous terminology 
The terms 'inspection' and 'detection' were being used to signify
different engine actions in this document, while throughout the
documentation and code they're many times interchangeable.

Replace 'inspection' with 'parsing' or even 'decoding and parsing' as
more appropriate.

Add a small glossary to clarify what we mean with those terms.
 6 months ago
Juliana Fajardini e5c1e5f792 doc/exceptions: standardize page section markdown 
Following the discussion on #7396, use those symbols for to keep the
standard.
Remove the repeting `Exception Policies` section header, too.

Related to
Task #7396
 6 months ago