Project

General

Profile

Actions

Feature #3975

closed

Suricata-Verify: Add JSON schema validation to EVE output.

Added by Jason Ish over 4 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:

Description

Add a feature, or command that validates all eve.json through a JSON schema. This doesn't have to become part of each test, but is something that could be run after a full run of suricata-verify over all found eve.json files.

Something like this would have caught "fileinfo" being an array in alerts, while an object in "fileinfo" records by having a schema requiring that .fileinfo was an object.


Related issues 1 (0 open1 closed)

Related to Suricata - Feature #1369: eve: json schemaClosedJason IshActions
Actions #1

Updated by Shivani Bhardwaj over 4 years ago

  • Assignee set to Community Ticket
  • Target version set to QA
Actions #2

Updated by Jason Ish about 4 years ago

Actions #3

Updated by Philippe Antoine about 2 years ago

  • Status changed from New to Closed
Actions

Also available in: Atom PDF