Feature #4974: Log references to Eve - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #4974

open

Log references to Eve

Added by Jason Ish over 2 years ago. Updated 2 months ago.

Status:

In Review

Priority:

Normal

Assignee:

Jeff Lucovsky

Target version:

8.0.0-beta1

Effort:

Difficulty:

Label:

Description

Its been discussed a few time of references should be logged to eve. This would give alerts more context without access to the rule. However, logging the rule is also an option.

The reference logged should probably be the fully expanded reference.

History
Notes
Property changes

Actions

Copy link

Updated by Philippe Antoine over 2 years ago

See https://github.com/OISF/suricata/pull/6677 : Remove unused (for now) references from signature

Actions

Copy link

Updated by Jeff Lucovsky 3 months ago

Status changed from New to In Review
Assignee changed from OISF Dev to Jeff Lucovsky

https://github.com/OISF/suricata/pull/10988

Actions

Copy link

Updated by Juliana Fajardini Reichow 2 months ago

Target version changed from TBD to 8.0.0-beta1

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #4974

Log references to Eve

Updated by Philippe Antoine over 2 years ago

Updated by Jeff Lucovsky 3 months ago

Updated by Juliana Fajardini Reichow 2 months ago