Task #4772: tracking: parity between fields logged and fields available for detection - Suricata - Open Information Security Foundation

Actions

Copy link

#1

Updated by Victor Julien over 2 years ago

Related to Feature #2021: doc: sha256 filesum extraction missing in documentation added

Actions

Copy link

#2

Updated by Victor Julien over 2 years ago

Related to deleted (Feature #2021: doc: sha256 filesum extraction missing in documentation)

Actions

Copy link

#3

Updated by Victor Julien over 2 years ago

Related to Task #4762: Suricon 2021 brainstorm added

Actions

Copy link

#4

Updated by Victor Julien about 2 years ago

Related to Feature #4174: tracking: app-layer frame inspection support added

Actions

Copy link

#5

Updated by Jason Ish over 1 year ago

Related to Feature #5642: DNS: parity between log fields and detection added

Actions

Copy link

#6

Updated by Philippe Antoine over 1 year ago

My next thing here is to look into the schema.json for integers where there are no signature keywords, starting by the flow.nbpackets or such (as I did flow.age last)

Actions

Copy link

#7

Updated by Philippe Antoine 10 months ago

Related to Feature #6164: detect: new keyword flow.pkts_toclient to server and bytes as well added

Actions

Copy link

#8

Updated by Juliana Fajardini Reichow 8 months ago

Related to Feature #5234: SSL/TLS Sticky Buffer for subjectAltName added

Actions

Copy link

#9

Updated by Juliana Fajardini Reichow 8 months ago

Added #5234 as related as it seems that we parse and log the info, but it's not accessible to the rule language.

Actions

Copy link

#10

Updated by Philippe Antoine 6 months ago

Related to Task #6443: Suricon 2023 brainstorm added

Actions

Copy link

#11

Updated by Juliana Fajardini Reichow 6 months ago

Related to Task #6473: detect: smtp keyword coverage added

Actions

Copy link

#12

Updated by Jason Ish 6 months ago

Subtask #6476 added

Actions

Copy link

#13

Updated by Juliana Fajardini Reichow 6 months ago

Related to Feature #4876: Additional FTP Buffers added

Actions

Copy link

#14

Updated by Juliana Fajardini Reichow 5 months ago

Related to Task #6463: eve/output: investigate how to track coverage / parity added

Actions

Copy link

#15

Updated by Juliana Fajardini Reichow 5 months ago

Related to Task #6597: rules keyword/output parity: improve added

Actions

Copy link

#16

Updated by Philippe Antoine 15 days ago

Target version set to TBD

Actions

Copy link

#17

Updated by Victor Julien 15 days ago

Target version changed from TBD to 8.0.0-beta1

Related to Suricata - Task #4762: Suricon 2021 brainstorm	Assigned	Victor Julien	Actions
Related to Suricata - Feature #4174: tracking: app-layer frame inspection support	In Progress	Victor Julien	Actions
Related to Suricata - Feature #5642: DNS: parity between log fields and detection	New	OISF Dev	Actions
Related to Suricata - Feature #6164: detect: new keyword flow.pkts_toclient to server and bytes as well	Closed	Philippe Antoine	Actions
Related to Suricata - Feature #5234: SSL/TLS Sticky Buffer for subjectAltName	In Review	Shivani Bhardwaj	Actions
Related to Suricata - Task #6443: Suricon 2023 brainstorm	Assigned	Victor Julien	Actions
Related to Suricata - Task #6473: detect: smtp keyword coverage	Assigned	Victor Julien	Actions
Related to Suricata - Feature #4876: Additional FTP Buffers	New	OISF Dev	Actions
Related to Suricata - Task #6463: eve/output: investigate how to track coverage / parity	New	OISF Dev	Actions
Related to Suricata - Task #6597: rules keyword/output parity: improve	In Progress	Hadiqa Alamdar Bukhari	Actions

Project

General

Profile

Suricata

Custom queries

Task #4772

tracking: parity between fields logged and fields available for detection

Updated by Victor Julien over 2 years ago

Updated by Victor Julien over 2 years ago

Updated by Victor Julien over 2 years ago

Updated by Victor Julien about 2 years ago

Updated by Jason Ish over 1 year ago

Updated by Philippe Antoine over 1 year ago

Updated by Philippe Antoine 10 months ago

Updated by Juliana Fajardini Reichow 8 months ago

Updated by Juliana Fajardini Reichow 8 months ago

Updated by Philippe Antoine 6 months ago

Updated by Juliana Fajardini Reichow 6 months ago

Updated by Jason Ish 6 months ago

Updated by Juliana Fajardini Reichow 6 months ago

Updated by Juliana Fajardini Reichow 5 months ago

Updated by Juliana Fajardini Reichow 5 months ago

Updated by Philippe Antoine 15 days ago

Updated by Victor Julien 15 days ago