Project

General

Profile

Actions

Feature #4241

closed

Protocol support: PostgreSQL (pgsql)

Added by Jason Ish about 3 years ago. Updated almost 2 years ago.

Status:
Closed
Priority:
Normal
Target version:
Effort:
Difficulty:
Label:
Protocol

Description

Add support for the PostgreSQL protocol. Not only will this add support for PostgreSQL but other databases that use the PostgreSQL wire format like CockroachDB, and I believe there are others.

The protocol is documented here: https://www.postgresql.org/docs/13/protocol.html

Initial basics should include support for:
- connection username and database
- queries

Thought should be given to what could be normalized in terms of detection keywords and logging with other database protocols, such as MySQL.


Subtasks 1 (0 open1 closed)

Optimization #4991: pgsql: convert parser to nom7 functionsClosedPierre ChifflierActions

Related issues 2 (2 open0 closed)

Related to Suricata - Feature #4566: pgsql: add subprotocol-statesNewJuliana Fajardini ReichowActions
Related to Suricata - Feature #4986: postgresql: support framesIn ProgressJuliana Fajardini ReichowActions
Actions

Also available in: Atom PDF