Bug #2206: eve log integration or socket output for file extraction details - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #2206

closed

eve log integration or socket output for file extraction details

Added by Robert Haist about 7 years ago. Updated about 7 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Target version:

Affected Versions:

Effort:

Difficulty:

Label:

Description

To ease integration for file analysis attached to suricata it would be great to include the content of the .meta files from extracted files in either eve.json or allow an additional unix socket instead of a logfile for "file-log" in the config.

Actions

Copy link

Updated by Victor Julien about 7 years ago

I'm not sure I understand. The fileinfo records provide this info in eve, right?

Actions

Copy link

Updated by Robert Haist about 7 years ago

Victor Julien wrote:

I'm not sure I understand. The fileinfo records provide this info in eve, right?

We investigated this further. You are right. Please excuse the spam. Issue can be closed.

Actions

Copy link

Updated by Peter Manev about 7 years ago

Status changed from New to Closed

Closing as updated/requested

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #2206

eve log integration or socket output for file extraction details

Updated by Victor Julien about 7 years ago

Updated by Robert Haist about 7 years ago

Updated by Peter Manev about 7 years ago