Actions
Support #4694
closedIs suricata detect http request when http traffic not finished possible?
Affected Versions:
Label:
Description
I'm writing an Express server to show if the current HTTP Reuqest will cause Suricata to issue an alert.The whole process is in realtime.
The process is:
HTTP-malicious-request -> express -> read alert from eve.json -> send to client
But suricata have no alert when HTTP-malicious-request is arrived express server until http traffic finished or server responce to client.
Is something method available? Thanks :)
Actions