Bug #1328
closedNo vlanid in pcap-log
Description
I have a suricata box with getting data from a SPAN. If i run tcpdump on this interface is see the VLAN-IDs that the packets are tagged with. But the data that suricata stores through alerts.pcap-log are not saved with vlanid. 1) Why is this? 2) Is this something we can change?
Updated by Andreas Moe over 9 years ago
Sorry, i ment in the outputs.pcap-log not alerts.pcap-log.
Updated by Victor Julien over 9 years ago
I don't see why this happens actually. We should just pass on the raw packets.
Updated by Andreas Herz about 8 years ago
- Assignee set to OISF Dev
- Target version set to TBD
Updated by Andreas Herz almost 6 years ago
- Status changed from New to Closed
Hi, we're closing this issue since there have been no further responses.
If you think this bug is still relevant, try to test it again with the
most recent version of suricata and reopen the issue. If you want to
improve the bug report please take a look at
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Reporting_Bugs