Actions
Feature #2196
closedAdd flow_id to the file extracted .meta file
Effort:
Difficulty:
Label:
Description
To enable easier mappings of extracted files and connected alerts I suggest adding the field "flow_id" to the corresponding .meta file.
If you would like or need more information why I like this feature or need someone to to test it I would gladly help out
Updated by Andreas Herz over 6 years ago
- Assignee set to OISF Dev
- Target version set to TBD
Updated by Victor Julien over 4 years ago
- Related to Feature #2145: Relate directly flowid with certificate file added
Updated by Victor Julien about 4 years ago
This is only relevant to filestore v1, which will be removed soon.
Updated by Victor Julien about 4 years ago
- Status changed from New to Assigned
- Assignee changed from OISF Dev to Jason Ish
For v2 we support it, but a SV test is missing.
Updated by Jason Ish about 4 years ago
- Target version changed from TBD to 6.0.0beta1
Updated by Jason Ish about 4 years ago
- Related to Task #2959: deprecate: filestore v1 added
Updated by Jason Ish almost 4 years ago
Add SV test to verify file-store v2 has a flow_id in the fileinfo records.
Updated by Jason Ish over 3 years ago
- Status changed from Assigned to Closed
Tests for flow_id in fileinfo and meta files added.
Commits:
https://github.com/OISF/suricata-verify/commit/81d2d72fecfb1b623a27b668c5a756cac172017d
https://github.com/OISF/suricata-verify/commit/a9a6112d5875215f55006cba1becd299e5aba49d
Actions