Actions
Feature #1948
closedallow filestore name configuration options
Description
It would be useful to configure patterns for file names for file extraction to give us more control over the filenames when using file_store.
Currently we just get file.1, file.2 etc. Setting the file name to a hash (sha256 preferably) would be helpful.
Updated by Victor Julien about 8 years ago
I like the idea to use the hash as file name. Would a global switch be ok for that?
Updated by Duane Howard about 8 years ago
For us I think that would be fine. Not sure if others would have the need to be able to specify paths, and/or patterns (timestamps, src/dst, etc.)
Updated by Victor Julien about 8 years ago
I guess this mean we first start writing to a temporary filename and then when it's done rename the file to the hash name.
Updated by Andreas Herz over 7 years ago
- Assignee set to Anonymous
- Target version set to TBD
Updated by Victor Julien almost 7 years ago
- Related to Task #2309: SuriCon 2017 brainstorm added
Updated by Victor Julien almost 7 years ago
- Related to Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling added
Updated by Victor Julien almost 7 years ago
- Status changed from New to Closed
- Assignee changed from Anonymous to Jason Ish
- Target version changed from TBD to 4.1beta1
https://github.com/OISF/suricata/pull/3175 implements sha256 hash as file names
Actions