Project

General

Profile

Actions
Copy link

Feature #3231

closed

EVE DNS v2 logging does not support request filtering.

Added by Jason Ish over 4 years ago. Updated over 4 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
Jason Ish
Target version:
-
Effort:
Difficulty:
Label:

Description

The v2 implementation of EVE DNS supports filtering the response types with the answer-types parameter, however there is no equivalent to filter requests from being logged. This is a regression from the v1 logging which supported request filtering.

Actions
Copy link
 #1

Updated by Victor Julien over 4 years ago

Think we should target 5.0.1 for this?

Actions
Copy link
 #2

Updated by Jason Ish over 4 years ago

  • Target version set to 5.0.1

Victor Julien wrote:

Think we should target 5.0.1 for this?

Yeah, I do.

Actions
Copy link
 #3

Updated by Jason Ish over 4 years ago

  • Status changed from Assigned to Rejected

Rejecting. I was wrong, I think due to dated documentation. Filtering does work as expected, and aligns with the last documentation updates to the EVE/DNS section.

This suricata-verify test confirms it works as expected:
https://github.com/OISF/suricata-verify/pull/150

Actions
Copy link
 #4

Updated by Victor Julien over 4 years ago

  • Target version deleted (5.0.1)
  • Effort deleted (low)
  • Difficulty deleted (low)
Actions
Copy link

Also available in: Atom PDF