Project

General

Profile

Actions

Optimization #4749

closed

app-layer: track changed txs for detect and logging

Added by Victor Julien about 3 years ago. Updated 5 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
Effort:
Difficulty:
Label:

Description

When a parser runs it "knows" which txs have been created and/or updated. So it should communicate this to detect/output somehow so that these subsystems don't need to iterate all of them.


Related issues 1 (0 open1 closed)

Related to Suricata - Security #6299: mqtt pcap with anomalies takes too long to process because of app-layer-event detectionClosedPhilippe AntoineActions
Actions

Also available in: Atom PDF