Feature #4751: dns/eve: add 'HTTPS' type logging - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #4751

closed

dns/eve: add 'HTTPS' type logging

Added by Victor Julien over 2 years ago. Updated 8 months ago.

Status:

Closed

Priority:

Normal

Assignee:

Haleema Khan

Target version:

7.0.0-rc1

Effort:

Difficulty:

Label:

Beginner, Needs backport to 6.0, Rust

Description

{"timestamp":"2021-10-12T10:17:37.702061+0200","flow_id":865976079988333,"pcap_cnt":1,"event_type":"dns","src_ip":"192.168.0.47","src_port":61954,"dest_ip":"192.168.0.1","dest_port":53,"proto":"UDP","dns":{"type":"query","id":4220,"rrname":"46-105-202-126.any.cdn.anycast.me","rrtype":"65","tx_id":0}}

rrtype: 65 instead of HTTPS

Files

Download all files

dns-in-rec.pcap (133 Bytes) dns-in-rec.pcap		Victor Julien, 10/12/2021 08:24 AM
Screenshot from 2021-10-12 10-25-04.png (78.8 KB) Screenshot from 2021-10-12 10-25-04.png		Victor Julien, 10/12/2021 08:25 AM

Subtasks 1 (0 open — 1 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #4751

dns/eve: add 'HTTPS' type logging

Updated by Victor Julien over 2 years ago

Updated by Victor Julien over 2 years ago

Updated by Victor Julien over 2 years ago

Updated by Haleema Khan over 1 year ago

Updated by Haleema Khan over 1 year ago

Updated by Haleema Khan over 1 year ago

Updated by Shivani Bhardwaj over 1 year ago

Updated by Haleema Khan over 1 year ago

Updated by Victor Julien over 1 year ago

Updated by Haleema Khan over 1 year ago

Updated by Jason Ish 8 months ago

Updated by Jason Ish 8 months ago

Updated by Jason Ish 8 months ago

Updated by Jason Ish 8 months ago