Actions
Feature #2021
closeddoc: sha256 filesum extraction missing in documentation
Effort:
low
Difficulty:
low
Label:
Beginner, Outreachy
Description
The following is missing from redmine documentation:
...
The routine is the same -
alert http any any -> any any (msg:"Black list checksum match and
extract SHA256"; filesha256:fileextraction-chksum.list; filestore;
sid:666; rev:1;)
and then the file - fileextraction-chksum.list in your rules directory
will contain the sha256 sums
...
Updated by Victor Julien about 7 years ago
- Tracker changed from Support to Feature
- Subject changed from sha256 filesum extraction missing in documentation to doc: sha256 filesum extraction missing in documentation
- Assignee set to OISF Dev
- Target version set to Documentation
Updated by Victor Julien about 5 years ago
- Assignee changed from OISF Dev to Community Ticket
- Target version changed from Documentation to TBD
- Effort set to low
- Difficulty set to low
- Label Beginner, Outreachy added
Updated by Andreas Herz almost 5 years ago
- Status changed from New to Closed
this is now already included in the docs, see https://suricata.readthedocs.io/en/latest/file-extraction/file-extraction.html#rules
Updated by Victor Julien over 2 years ago
- Related to Task #4772: tracking: parity between fields logged and fields available for detection added
Updated by Victor Julien over 2 years ago
- Related to deleted (Task #4772: tracking: parity between fields logged and fields available for detection)
Actions