Bug #236
closed
fast log xrefs should be removed.
Description
Currently the Suricata fast.log doesn't match the Snort fast log. Xrefs should be removed from the fast log.
Example Snort fast logs (IP addresses have been changed):
12/26-06:44:10.148430 [**] [1:2002750:23] ET POLICY Reserved IP Space Traffic - Bogon Nets 2 [**] [Classification: Potentially Bad Traffic] [Priority: 2] {PROTO:007} 10.1.1.1 -> 10.1.1.2
12/26-11:11:11.012275 [**] [1:2009022:3] ET VIRUS Zlob User Agent - Likely Zlob (securityinternet) [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 10.1.1.1:1033 -> 10.1.1.2:80
12/29-11:11:11.592820 [**] [1:2002750:23] ET POLICY Reserved IP Space Traffic - Bogon Nets 2 [**] [Classification: Potentially Bad Traffic] [Priority: 2] {MANET} 10.1.1.1 -> 10.1.1.2
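An added example (not part of the original report or of the Suricata code): a parser for the Snort-style fast.log lines quoted above, covering both the port-less and the port-bearing address forms, which drops any bracketed xref group before matching so that both log variants yield the same record. The `[Xref => ...]` form, the constructed `WITH_XREF` line and the name `parse_fast` are assumptions; the report does not show an xref.

```python
import re

# Assumed shape of an xref group; the report does not show one.
XREF_RE = re.compile(r"\s*\[Xref => [^\]]*\]")

# Snort-style fast.log line. Ports are optional because protocols such as
# {PROTO:007} or {MANET} are logged without them.
FAST_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}-\d{2}:\d{2}:\d{2}\.\d+)\s+\[\*\*\]\s+"
    r"\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"\[Classification:\s*(?P<classification>[^\]]*)\]\s+"
    r"\[Priority:\s*(?P<priority>\d+)\]\s+\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>[\d.]+)(?::(?P<sport>\d+))?\s+->\s+"
    r"(?P<dst>[\d.]+)(?::(?P<dport>\d+))?$"
)

def parse_fast(line):
    """Return a dict for one fast.log line, or None if it does not match."""
    cleaned, n_xrefs = XREF_RE.subn("", line.strip())
    m = FAST_RE.match(cleaned)
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("gid", "sid", "rev", "priority"):
        rec[key] = int(rec[key])
    for key in ("sport", "dport"):
        rec[key] = int(rec[key]) if rec[key] is not None else None
    rec["xrefs_stripped"] = n_xrefs
    return rec

# First two sample lines from the report.
SAMPLES = [
    "12/26-06:44:10.148430 [**] [1:2002750:23] ET POLICY Reserved IP Space "
    "Traffic - Bogon Nets 2 [**] [Classification: Potentially Bad Traffic] "
    "[Priority: 2] {PROTO:007} 10.1.1.1 -> 10.1.1.2",
    "12/26-11:11:11.012275 [**] [1:2009022:3] ET VIRUS Zlob User Agent - "
    "Likely Zlob (securityinternet) [**] [Classification: A Network Trojan "
    "was detected] [Priority: 1] {TCP} 10.1.1.1:1033 -> 10.1.1.2:80",
]
# Constructed: the second line with an assumed trailing xref group.
WITH_XREF = SAMPLES[1] + " [Xref => http://example.invalid/ref]"

if __name__ == "__main__":
    for line in SAMPLES + [WITH_XREF]:
        print(parse_fast(line))
```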
Updated by Gurvinder Singh over 14 years ago
- File 0001-removed-xref-from-the-alert-fastlog.patch added
- Status changed from New to Resolved
- % Done changed from 0 to 80
Patch has been attached.
Updated by Victor Julien over 14 years ago
- Status changed from Resolved to Closed
- % Done changed from 80 to 100
Patch applied to my local tree, thanks Gurvinder.