Support #2309

SuriCon 2017 brainstorm

Added by Victor Julien about 2 years ago.

Status: New
Priority: Normal
Assignee:
Affected Versions:
Label:

Description

Meta ticket. Add relations to this ticket for the tickets discussed at SuriCon or created after SuriCon brainstorm.


Related issues

Related to Feature #2308: threshold/suppress by http_host | Assigned | Todd Mortimer
Related to Feature #2310: lua: expose xbits | New | Community Ticket
Related to Feature #2311: math on extracted values | In Review | Jeff Lucovsky
Related to Feature #2312: http: parsing for async streams | In Review | Philippe Antoine
Related to Task #2313: tracking: save & restore state when suricata restarts | New | OISF Dev
Related to Feature #2314: protocol parser: rdp | Closed | Zach Kelly
Related to Feature #646: smb log feature to be introduced | Closed | 11/28/2012 | Victor Julien
Related to Feature #2315: eve: ftp logging | Closed | Jeff Lucovsky
Related to Feature #2316: global memcap | Assigned | 12/01/2017 | Giuseppe Longo
Related to Optimization #2317: rcu | New | OISF Dev
Related to Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling | Closed | 06/08/2014 | Jason Ish
Related to Task #2278: tracking: failing better | New | OISF Dev
Related to Feature #550: Extract file attachments from FTP | Closed | 09/10/2012 | Eric Leblond
Related to Feature #2192: JA3 TLS client fingerprinting | Closed | 07/24/2017 | Mats Klepsland
Related to Feature #2279: TLS 1.3 decoding, SNI extraction and logging | Closed | Mats Klepsland
Related to Feature #2280: http: rules that match both request and response | Assigned | 11/20/2017 | Victor Julien
Related to Feature #1576: http: byte-range support | In Review | Philippe Antoine
Related to Feature #2281: tcp stream: simpler IDS handling of overlap evasions | Assigned | Victor Julien
Related to Feature #120: Capture full session on alert | New | Community Ticket
Related to Feature #385: Configuration option to log all known (pcap) data for a stream when an alert fires | Closed | Community Ticket
Related to Documentation #2219: Save pcap only if alert | Assigned | Jason Ish
Related to Feature #2290: lua: expose lua generated buffers to rule lang | New | Victor Julien
Related to Feature #2284: detect partial file transfers | New | Community Ticket
Related to Feature #1705: hyperscan pcre integration | Closed
Related to Feature #1006: transformation api | Closed | 10/23/2013 | Victor Julien
Related to Feature #2291: traffic-id: ruleset for traffic classification and bypass | Assigned | Jason Ish
Related to Feature #2285: modify memcaps over unix socket | Closed | 11/20/2017 | Giuseppe Longo
Related to Feature #2283: turn content modifiers into 'sticky buffers' | Closed | OISF Dev
Related to Feature #1948: allow filestore name configuration options | Closed | 11/10/2016 | Jason Ish
Related to Documentation #2286: doc: document best practices around handling file extraction | Closed | Jason Ish
Related to Feature #2282: event log aka weird.log | Closed | Jeff Lucovsky
Related to Optimization #2272: Analyze DNS response if query is not present | Assigned | Jason Ish
Related to Feature #741: Introduce endswith keyword | Closed | 01/31/2013 | Victor Julien
Related to Feature #742: startswith keyword | Closed | 02/01/2013 | Victor Julien
Related to Feature #735: Introduce content_len keyword | Closed | 01/26/2013 | Victor Julien
Related to Feature #2299: pcap: read directory with pcaps from the commandline | Closed | 11/28/2017 | Danny Browning
Related to Feature #2298: pcap: store pcaps in compressed form | Closed
Related to Feature #1828: YARA support | Rejected
Related to Feature #1949: only write unique files | Closed | 11/10/2016 | Jason Ish
Related to Feature #962: Can I log the mac address of the source? | Assigned | Sascha Steinbiss
Related to Feature #2318: matching on large amounts of data with dynamic updates | Closed | Victor Julien
Related to Feature #2319: Expose flow lifetime to the rulelanguage | New | Stian Bergseth
Related to Feature #2320: configure host os policy over unix socket | Rejected
Related to Optimization #2321: yaml: clean up usage of lists | Assigned | Jason Ish
Related to Support #2322: create place for easy sharing of test cases | Closed | Community Ticket
Related to Feature #660: Update host policy from unix socket | Rejected
#1

Updated by Victor Julien about 2 years ago

  • Related to Feature #2308: threshold/suppress by http_host added
#2

Updated by Victor Julien about 2 years ago

#3

Updated by Victor Julien about 2 years ago

#4

Updated by Victor Julien about 2 years ago

  • Related to Feature #2312: http: parsing for async streams added
#5

Updated by Victor Julien about 2 years ago

  • Related to Task #2313: tracking: save & restore state when suricata restarts added
#6

Updated by Victor Julien about 2 years ago

#7

Updated by Victor Julien about 2 years ago

  • Related to Feature #646: smb log feature to be introduced added
#8

Updated by Victor Julien about 2 years ago

#9

Updated by Victor Julien about 2 years ago

#10

Updated by Victor Julien about 2 years ago

#11

Updated by Victor Julien about 2 years ago

  • Related to Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling added
#12

Updated by Victor Julien about 2 years ago

  • Related to Task #2278: tracking: failing better added
#13

Updated by Victor Julien about 2 years ago

  • Related to Feature #550: Extract file attachments from FTP added
#14

Updated by Victor Julien about 2 years ago

#15

Updated by Victor Julien about 2 years ago

  • Related to Feature #2279: TLS 1.3 decoding, SNI extraction and logging added
#16

Updated by Victor Julien about 2 years ago

  • Related to Feature #2280: http: rules that match both request and response added
#17

Updated by Victor Julien about 2 years ago

#18

Updated by Victor Julien about 2 years ago

  • Related to Feature #2281: tcp stream: simpler IDS handling of overlap evasions added
#19

Updated by Victor Julien about 2 years ago

  • Related to Feature #120: Capture full session on alert added
#20

Updated by Victor Julien about 2 years ago

  • Related to Feature #385: Configuration option to log all known (pcap) data for a stream when an alert fires added
#21

Updated by Victor Julien about 2 years ago

#22

Updated by Victor Julien about 2 years ago

  • Related to Feature #2290: lua: expose lua generated buffers to rule lang added
#23

Updated by Victor Julien about 2 years ago

#24

Updated by Victor Julien about 2 years ago

#25

Updated by Victor Julien about 2 years ago

#26

Updated by Victor Julien about 2 years ago

  • Related to Feature #2291: traffic-id: ruleset for traffic classification and bypass added
#27

Updated by Victor Julien about 2 years ago

  • Related to Feature #2285: modify memcaps over unix socket added
#28

Updated by Victor Julien about 2 years ago

  • Related to Feature #2283: turn content modifiers into 'sticky buffers' added
#29

Updated by Victor Julien about 2 years ago

  • Related to Feature #1948: allow filestore name configuration options added
#30

Updated by Victor Julien about 2 years ago

  • Related to Documentation #2286: doc: document best practices around handling file extraction added
#31

Updated by Victor Julien about 2 years ago

#32

Updated by Victor Julien about 2 years ago

#33

Updated by Victor Julien about 2 years ago

#34

Updated by Victor Julien about 2 years ago

#35

Updated by Victor Julien about 2 years ago

  • Related to Feature #735: Introduce content_len keyword added
#36

Updated by Victor Julien about 2 years ago

  • Related to Feature #2299: pcap: read directory with pcaps from the commandline added
#37

Updated by Victor Julien about 2 years ago

  • Related to Feature #2298: pcap: store pcaps in compressed form added
#38

Updated by Victor Julien about 2 years ago

#39

Updated by Victor Julien about 2 years ago

#40

Updated by Victor Julien about 2 years ago

  • Related to Feature #962: Can I log the mac address of the source? added
#41

Updated by Victor Julien about 2 years ago

  • Related to Feature #2318: matching on large amounts of data with dynamic updates added
#42

Updated by Victor Julien about 2 years ago

  • Related to Feature #2319: Expose flow lifetime to the rulelanguage added
#43

Updated by Victor Julien about 2 years ago

  • Related to Feature #2320: configure host os policy over unix socket added
#44

Updated by Victor Julien about 2 years ago

#45

Updated by Victor Julien about 2 years ago

  • Related to Support #2322: create place for easy sharing of test cases added
#46

Updated by Victor Julien almost 2 years ago

  • Related to Feature #660: Update host policy from unix socket added
