Bug #3835: Suricata applayer anomaly eve-log - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #3835

closed

Suricata applayer anomaly eve-log

Added by Lukas Dolezel almost 4 years ago. Updated almost 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Jeff Lucovsky

Target version:

Affected Versions:

5.0.3

Effort:

Difficulty:

Label:

Needs backport to 5.0

Description

When Suricata has configured more than one eve-log output with applayer anomaly, then only the first output gets applayer messages.

Confirmed here
https://forum.suricata.io/t/applayer-anomaly-bug/422/2

Related issues 1 (0 open — 1 closed)

Actions

Copy link

Updated by Jeff Lucovsky almost 4 years ago

Status changed from New to In Review
Assignee set to Jeff Lucovsky

https://github.com/OISF/suricata/pull/5256

Actions

Copy link

Updated by Jeff Lucovsky almost 4 years ago

Label Needs backport to 5.0 added

Actions

Copy link

Updated by Jeff Lucovsky almost 4 years ago

Copied to Bug #3854: Suricata applayer anomaly eve-log added

Actions

Copy link

Updated by Jeff Lucovsky almost 4 years ago

Status changed from In Review to Closed

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #3835

Suricata applayer anomaly eve-log

Updated by Jeff Lucovsky almost 4 years ago

Updated by Jeff Lucovsky almost 4 years ago

Updated by Jeff Lucovsky almost 4 years ago

Updated by Jeff Lucovsky almost 4 years ago