Project

General

Profile

Actions
Copy link

Optimization #4753

open

Fix inconsistency in Lua functions for the "needs" key

Added by Juliana Fajardini Reichow over 2 years ago. Updated 4 months ago.

Status:
New
Priority:
Normal
Assignee:
Jo Johnson
Target version:
8.0.0-beta1
Effort:
Difficulty:
Label:

Description

In Suricata, there's a difference in the usage of needs key, depending on whether one is writing a match or a log function in the lua scripts.
It is better to have the same behavior for both use cases.

Current behavior:
If one wants to use the log ability, the usage is:

function init (args)
    local needs = {}
    needs["protocol"] = "tls" 
    return needs
end

If one wants to write a match function in Lua scripts, then it must be:

function init(args)
    local needs = {}
    needs["tls"] = "true" 
    return needs
end

Real-life examples:
Example for match: https://github.com/OISF/suricata-verify/blob/master/tests/dns-lua-rules/test-rrname.lua Example for log: https://github.com/OISF/suricata-verify/blob/master/tests/lua-output-dns/test.lua

Expected behavior:
regardless of what function is being written, users should be able to use needs in the same way.

Related issues 1 (0 open1 closed)

Related to Suricata - Documentation #4725: Inconsistent "needs" key documentation for Lua functionsClosedJuliana Fajardini ReichowActions
Actions
Copy link

Also available in: Atom PDF