Actions
Feature #2011
closedeve.alert: print outside IP addresses on alerts on traffic inside tunnels
Effort:
Difficulty:
Label:
Description
When an alert triggers on a GRE tunnel (or another tunnel supported by Suricata), we only log the IP addresses inside the tunnel in EVE-log. It would be useful to also log the IP addresses outside the tunnel and the tunnel protocol.
Updated by Victor Julien about 7 years ago
- Subject changed from output-json-alert: print outside IP addresses on alerts on traffic inside tunnels to eve.alert: print outside IP addresses on alerts on traffic inside tunnels
- Status changed from New to Assigned
- Target version set to 70
Updated by Mats Klepsland about 7 years ago
Implemented in https://github.com/inliniac/suricata/pull/2566
Updated by Victor Julien about 7 years ago
- Status changed from Assigned to Closed
- Target version changed from 70 to 4.0beta1
Actions