Project

General

Profile

Actions

Feature #1005

open

conditional logging: controlling what gets logged

Added by Victor Julien about 11 years ago. Updated about 2 years ago.

Status:
Assigned
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

For http, files, tls, dns, etc.

Per log option: enabled, conditional, disabled

Per rule keyword: log:(all|tls|http|dns|file);


Subtasks 1 (0 open1 closed)

Feature #3823: conditional logging: tx log filteringClosedVictor JulienActions

Related issues 6 (5 open1 closed)

Related to Suricata - Feature #821: conditional logging: output steeringNewCommunity TicketActions
Related to Suricata - Feature #843: Custom http logging filter functionalityClosedCommunity TicketActions
Related to Suricata - Feature #2661: output the http-body-data to eve.jsonNewCommunity TicketActions
Related to Suricata - Feature #2055: Optionally logging on files.json - Not log every file, only certain files that are stored and extractedNewOISF DevActions
Related to Suricata - Feature #1950: allow configuration of file-store typesNewCommunity TicketActions
Related to Suricata - Feature #121: Alert on domain name look up, capture traffic for corresponding IPNewCommunity TicketActions
Actions

Also available in: Atom PDF