Project

General

Profile

Actions
Copy link

Feature #1007

closed

united output

Added by Victor Julien over 10 years ago. Updated about 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Tom DeCanio
Target version:
2.0rc1
Effort:
Difficulty:
Label:

Description

Unified output for all events and alerts into a single "stream", where the stream can be a file, socket, etc.

Files

enhanced-alerting.rst (2.83 KB) enhanced-alerting.rst RFC sent to ML Eric Leblond, 10/25/2013 05:56 AM

Subtasks 2 (0 open2 closed)

Feature #772: JSON output for alertsClosedTom DeCanio09/06/2012Actions
Feature #542: TLS JSON outputClosedTom DeCanio09/06/2012Actions
Actions
Copy link
 #1

Updated by Eric Leblond over 10 years ago

The logging format can be JSON. It should contains all the information available and be extensible:

  • Output all key values possible
    • base64 encode binary
    • examples
      • all http keywords
      • stream chunk
      • packet
    • Extensibility
      • rule can set key:value
      • luajit export value
      • output matched string in alert
        • optional
        • only if significative value
Actions
Copy link
 #2

Updated by Victor Julien over 10 years ago

  • Status changed from New to Assigned
  • Assignee set to Tom DeCanio
  • Target version set to 2.0rc2
Actions
Copy link
 #3

Updated by Eric Leblond over 10 years ago

Attached file is proposal.

Actions
Copy link
 #4

Updated by Victor Julien over 10 years ago

  • Target version changed from 2.0rc2 to 2.0beta2
Actions
Copy link
 #5

Updated by Victor Julien over 10 years ago

  • Target version changed from 2.0beta2 to 2.0rc1
Actions
Copy link
 #6

Updated by Victor Julien about 10 years ago

  • Status changed from Assigned to Closed
Actions
Copy link

Also available in: Atom PDF