Feature #3701: eve: add tenant_id in eve-log for other types than alert - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #3701

closed

eve: add tenant_id in eve-log for other types than alert

Added by Justin Ossevoort almost 4 years ago. Updated over 3 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Justin Ossevoort

Target version:

7.0.0-beta1

Effort:

Difficulty:

Label:

Description

We're in the process of adopting multi-tenant support in Suricata and we've run in to the issue that the tenant_id is only being logged for alert type logging. But we also process other event types, which will also have to be sorted according to respective tenants.

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #3701

eve: add tenant_id in eve-log for other types than alert

Updated by Victor Julien over 3 years ago