Project

General

Profile

Actions
Copy link

Bug #3835

closed

Suricata applayer anomaly eve-log

Added by Lukas Dolezel over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jeff Lucovsky
Target version:
-
Affected Versions:
5.0.3
Effort:
Difficulty:
Label:
Needs backport to 5.0

Description

When Suricata has configured more than one eve-log output with applayer anomaly, then only the first output gets applayer messages.

Confirmed here
https://forum.suricata.io/t/applayer-anomaly-bug/422/2

Related issues 1 (0 open1 closed)

Copied to Suricata - Bug #3854: Suricata applayer anomaly eve-logClosedJeff LucovskyActions
Actions
Copy link
 #1

Updated by Jeff Lucovsky over 4 years ago

  • Status changed from New to In Review
  • Assignee set to Jeff Lucovsky
Actions
Copy link
 #2

Updated by Jeff Lucovsky over 4 years ago

  • Label Needs backport to 5.0 added
Actions
Copy link
 #3

Updated by Jeff Lucovsky over 4 years ago

  • Copied to Bug #3854: Suricata applayer anomaly eve-log added
Actions
Copy link
 #4

Updated by Jeff Lucovsky over 4 years ago

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: Atom PDF