Project

General

Profile

Actions
Copy link

Bug #3835

closed

Suricata applayer anomaly eve-log

Added by Lukas Dolezel almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jeff Lucovsky
Target version:
-
Affected Versions:
5.0.3
Effort:
Difficulty:
Label:
Needs backport to 5.0

Description

When Suricata has configured more than one eve-log output with applayer anomaly, then only the first output gets applayer messages.

Confirmed here
https://forum.suricata.io/t/applayer-anomaly-bug/422/2

Related issues 1 (0 open1 closed)

Copied to Suricata - Bug #3854: Suricata applayer anomaly eve-logClosedJeff LucovskyActions
Actions
Copy link

Also available in: Atom PDF