Project

General

Profile

Actions
Copy link

Bug #3854

closed

Suricata applayer anomaly eve-log

Added by Jeff Lucovsky almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Jeff Lucovsky
Target version:
5.0.4
Affected Versions:
5.0.3
Effort:
Difficulty:
Label:

Description

When Suricata has configured more than one eve-log output with applayer anomaly, then only the first output gets applayer messages.

Confirmed here
https://forum.suricata.io/t/applayer-anomaly-bug/422/2

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3835: Suricata applayer anomaly eve-logClosedJeff LucovskyActions
Actions
Copy link

Also available in: Atom PDF