Support #2309

SuriCon 2017 brainstorm

Added by Victor Julien 9 months ago.

Status: New
Priority: Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:

Description

Meta ticket. Add relations to this ticket for the tickets discussed at SuriCon or created after the SuriCon brainstorm.


Related issues

Related to Feature #2308: threshold/suppress by http_host (Assigned, 2017-12-01)
Related to Feature #2310: lua: expose xbits (New)
Related to Feature #2311: math on extracted values (New)
Related to Feature #2312: http: parsing for async streams (New, 2017-12-01)
Related to Feature #2313: save & restore state when suricata restarts (New)
Related to Feature #2314: protocol parser: rdp (New)
Related to Feature #646: smb log feature to be introduced (Closed, 2012-11-28)
Related to Feature #2315: eve: ftp logging (Assigned)
Related to Feature #2316: global memcap (Assigned, 2017-12-01)
Related to Optimization #2317: rcu (New)
Related to Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling (Closed, 2014-06-08)
Related to Feature #2278: failing better (New, 2017-11-20)
Related to Feature #550: Extract file attachments from FTP (Closed, 2012-09-10)
Related to Feature #2192: JA3 TLS client fingerprinting (Closed, 2017-07-24)
Related to Feature #2279: TLS 1.3 decoding, SNI extraction and logging (Assigned)
Related to Feature #2280: http: rules that match both request and response (Assigned, 2017-11-20)
Related to Feature #1576: http: byte-range support (New, 2015-10-09)
Related to Feature #2281: tcp stream: simpler IDS handling of overlap evasions (Assigned, 2017-11-20)
Related to Feature #120: Capture full session on alert (New)
Related to Feature #385: Configuration option to log all known (pcap) data for a stream when an alert fires (New, 2011-12-06)
Related to Feature #2219: Save pcap only if alert (Assigned, 2017-10-04)
Related to Feature #2290: lua: expose lua generated buffers to rule lang (New, 2017-11-27)
Related to Feature #2284: detect partial file transfers (New, 2017-11-20)
Related to Feature #1705: hyperscan pcre integration (Closed)
Related to Feature #1006: transformation api (Closed, 2013-10-23)
Related to Feature #2291: traffic-id: ruleset for traffic classification and bypass (Assigned, 2017-11-27)
Related to Feature #2285: modify memcaps over unix socket (Closed, 2017-11-20)
Related to Feature #2283: turn content modifiers into 'sticky buffers' (New)
Related to Feature #1948: allow filestore name configuration options (Closed, 2016-11-10)
Related to Feature #2286: doc: document best practices around handling file extraction (Assigned, 2017-11-20)
Related to Feature #2282: event log aka weird.log (New, 2017-11-20)
Related to Optimization #2272: Analyze DNS response if query is not present (New, 2017-11-16)
Related to Feature #741: Introduce endswith keyword (Closed, 2013-01-31)
Related to Feature #742: startswith keyword (Closed, 2013-02-01)
Related to Feature #735: Introduce content_len keyword (Closed, 2013-01-26)
Related to Feature #2299: pcap: read directory with pcaps from the commandline (Closed, 2017-11-28)
Related to Feature #2298: pcap: store pcaps in compressed form (Closed)
Related to Feature #1828: YARA support (Assigned, 2016-06-25)
Related to Feature #1949: only write unique files (Closed, 2016-11-10)
Related to Feature #962: Can I log the mac address of the source? (Assigned)
Related to Feature #2318: matching on large amounts of data with dynamic updates (New, 2012-12-05, 2016-05-31)
Related to Feature #2319: Expose flow lifetime to the rulelanguage (New)
Related to Feature #2320: configure host os policy over unix socket (Rejected)
Related to Bug #2321: yaml: clean up usage of lists (Assigned, 2017-12-01)
Related to Support #2322: create place for easy sharing of test cases (New, 2017-12-01)
Related to Feature #660: Update host policy from unix socket (New, 2012-12-05)

History

#1 Updated by Victor Julien 9 months ago

  • Related to Feature #2308: threshold/suppress by http_host added

#2 Updated by Victor Julien 9 months ago

#3 Updated by Victor Julien 9 months ago

#4 Updated by Victor Julien 9 months ago

  • Related to Feature #2312: http: parsing for async streams added

#5 Updated by Victor Julien 9 months ago

  • Related to Feature #2313: save & restore state when suricata restarts added

#6 Updated by Victor Julien 9 months ago

#7 Updated by Victor Julien 9 months ago

  • Related to Feature #646: smb log feature to be introduced added

#8 Updated by Victor Julien 9 months ago

#9 Updated by Victor Julien 9 months ago

#10 Updated by Victor Julien 9 months ago

#11 Updated by Victor Julien 9 months ago

  • Related to Feature #2303: file-store enhancements (aka file-store v2): deduplication; hash-based naming; json metadata and cleanup tooling added

#12 Updated by Victor Julien 9 months ago

#13 Updated by Victor Julien 9 months ago

  • Related to Feature #550: Extract file attachments from FTP added

#14 Updated by Victor Julien 9 months ago

#15 Updated by Victor Julien 9 months ago

  • Related to Feature #2279: TLS 1.3 decoding, SNI extraction and logging added

#16 Updated by Victor Julien 9 months ago

  • Related to Feature #2280: http: rules that match both request and response added

#17 Updated by Victor Julien 9 months ago

#18 Updated by Victor Julien 9 months ago

  • Related to Feature #2281: tcp stream: simpler IDS handling of overlap evasions added

#19 Updated by Victor Julien 9 months ago

  • Related to Feature #120: Capture full session on alert added

#20 Updated by Victor Julien 9 months ago

  • Related to Feature #385: Configuration option to log all known (pcap) data for a stream when an alert fires added

#21 Updated by Victor Julien 9 months ago

#22 Updated by Victor Julien 9 months ago

  • Related to Feature #2290: lua: expose lua generated buffers to rule lang added

#23 Updated by Victor Julien 9 months ago

#24 Updated by Victor Julien 9 months ago

#25 Updated by Victor Julien 9 months ago

#26 Updated by Victor Julien 9 months ago

  • Related to Feature #2291: traffic-id: ruleset for traffic classification and bypass added

#27 Updated by Victor Julien 9 months ago

  • Related to Feature #2285: modify memcaps over unix socket added

#28 Updated by Victor Julien 9 months ago

  • Related to Feature #2283: turn content modifiers into 'sticky buffers' added

#29 Updated by Victor Julien 9 months ago

  • Related to Feature #1948: allow filestore name configuration options added

#30 Updated by Victor Julien 9 months ago

  • Related to Feature #2286: doc: document best practices around handling file extraction added

#31 Updated by Victor Julien 9 months ago

#32 Updated by Victor Julien 9 months ago

#33 Updated by Victor Julien 9 months ago

#34 Updated by Victor Julien 9 months ago

#35 Updated by Victor Julien 9 months ago

  • Related to Feature #735: Introduce content_len keyword added

#36 Updated by Victor Julien 9 months ago

  • Related to Feature #2299: pcap: read directory with pcaps from the commandline added

#37 Updated by Victor Julien 9 months ago

  • Related to Feature #2298: pcap: store pcaps in compressed form added

#38 Updated by Victor Julien 9 months ago

#39 Updated by Victor Julien 9 months ago

#40 Updated by Victor Julien 9 months ago

  • Related to Feature #962: Can I log the mac address of the source? added

#41 Updated by Victor Julien 9 months ago

  • Related to Feature #2318: matching on large amounts of data with dynamic updates added

#42 Updated by Victor Julien 9 months ago

  • Related to Feature #2319: Expose flow lifetime to the rulelanguage added

#43 Updated by Victor Julien 9 months ago

  • Related to Feature #2320: configure host os policy over unix socket added

#44 Updated by Victor Julien 9 months ago

  • Related to Bug #2321: yaml: clean up usage of lists added

#45 Updated by Victor Julien 9 months ago

  • Related to Support #2322: create place for easy sharing of test cases added

#46 Updated by Victor Julien 4 months ago

  • Related to Feature #660: Update host policy from unix socket added
