Project

General

Profile

Feature #266

log http raw request for network forensic

Added by delta yeh almost 9 years ago. Updated about 2 months ago.

Status:
New
Priority:
Normal
Target version:
Effort:
medium
Difficulty:
medium
Label:

Description

It would be great that suricata can log raw http traffic for network forensic audit.
each http request and response in a file (response body can be optional).
Modsecurity audit log is a good reference: http://www.modsecurity.org/documentation/modsecurity-apache/2.5.12/modsecurity2-data-formats.html#N10269

History

#1

Updated by Victor Julien almost 9 years ago

  • Target version set to TBD

I certainly can see this being useful. However I don't foresee having the dev resources for it any time soon.

Community input (patches!) is very welcome here.

#2

Updated by Victor Julien almost 9 years ago

  • Assignee set to Anonymous
#3

Updated by Sangkyun Noh over 8 years ago

  • Assignee changed from Anonymous to Sangkyun Noh
#4

Updated by Victor Julien over 1 year ago

  • Effort set to medium
  • Difficulty set to medium
#5

Updated by Victor Julien about 2 months ago

  • Assignee changed from Sangkyun Noh to Community Ticket

Also available in: Atom PDF