Actions
Bug #1602
closed
ZR
EL
eve-log prefix field feature broken
Bug #1602:
eve-log prefix field feature broken
Affected Versions:
Effort:
Difficulty:
Label:
Description
The eve-log prefix field is ignored. This was added as a feature in this release, but was undone by a later PR.
History:
Bug 1204 (https://redmine.openinfosecfoundation.org/issues/1454) added the prefix field and was fixed in PR 1532 (Merged through PR 1540)
In this commit, the prefix logic is not moved to the the newly created function: util-logopenfile.c:LogFileWrite
https://github.com/inliniac/suricata/commit/a13be67b5e6c26c53149b88f9565c58f7fbe3381
(Merged through 1712)
ZR Updated by Zach Rasmor over 10 years ago
Correction: it was Feature 1454 that added the prefix field (link is correct, text is incorrect)
ZR Updated by Zach Rasmor over 10 years ago
- Related to Feature #1454: Proposal to add Lumberjack/CEE formatting option to EVE JSON syslog output for compatibility with rsyslog parsing added
VJ Updated by Victor Julien over 10 years ago
This should be restored through Eric's https://github.com/inliniac/suricata/pull/1757 (now also in master), can you confirm?
ZR Updated by Zach Rasmor over 10 years ago
Confirmed. Thanks a lot!
VJ Updated by Victor Julien over 10 years ago
- Subject changed from eve-log prefix field feature ignored (undone by PR 1712) to eve-log prefix field feature broken
- Status changed from New to Closed
- Assignee set to Eric Leblond
- Target version set to 3.0RC2
Actions