Task #4772: tracking: parity between fields logged and fields available for detection - Suricata - Open Information Security Foundation

Actions

Copy link

#1

Updated by Victor Julien over 1 year ago

Related to Feature #2021: doc: sha256 filesum extraction missing in documentation added

Actions

Copy link

#2

Updated by Victor Julien over 1 year ago

Related to deleted (Feature #2021: doc: sha256 filesum extraction missing in documentation)

Actions

Copy link

#3

Updated by Victor Julien over 1 year ago

Related to Task #4762: Suricon 2021 brainstorm added

Actions

Copy link

#4

Updated by Victor Julien 10 months ago

Related to Feature #4174: tracking: app-layer frame inspection support added

Actions

Copy link

#5

Updated by Jason Ish 3 months ago

Related to Feature #5642: DNS: parity between log fields and detection added

Actions

Copy link

#6

Updated by Philippe Antoine 3 months ago

My next thing here is to look into the schema.json for integers where there are no signature keywords, starting by the flow.nbpackets or such (as I did flow.age last)

Related to Task #4762: Suricon 2021 brainstorm	Assigned	Victor Julien	Actions
Related to Feature #4174: tracking: app-layer frame inspection support	In Progress	Victor Julien	Actions
Related to Feature #5642: DNS: parity between log fields and detection	New	OISF Dev	Actions

Project

General

Profile

Suricata

Custom queries

Task #4772

tracking: parity between fields logged and fields available for detection

Updated by Victor Julien over 1 year ago

Updated by Victor Julien over 1 year ago

Updated by Victor Julien over 1 year ago

Updated by Victor Julien 10 months ago

Updated by Jason Ish 3 months ago

Updated by Philippe Antoine 3 months ago