Feature #384: Add support for logging alert packets in libpcap format - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #384

closed

Add support for logging alert packets in libpcap format

Added by David Wharton over 12 years ago. Updated almost 12 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Target version:

Effort:

Difficulty:

Label:

Description

This is a feature request to add support to be able to log packets that trigger an alert in libpcap format. This should also include logging of packets that occur as the result of 'tag' directives.

History
Notes
Property changes

Actions

Copy link

Updated by Victor Julien over 12 years ago

We're trying to limit the outputs Suricata has itself and offload to Barnyard2 if feasible. I think barnyard2 does well at producing the output you seek.

Actions

Copy link

Updated by Victor Julien almost 12 years ago

Status changed from New to Closed
Priority changed from High to Normal

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #384

Add support for logging alert packets in libpcap format

Updated by Victor Julien over 12 years ago

Updated by Victor Julien almost 12 years ago