Project

General

Profile

Actions

Bug #5189

closed

Suricata alerts pcap issue

Added by Chatak Kumar over 2 years ago. Updated over 1 year ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
-
Affected Versions:
Effort:
Difficulty:
low
Label:
Beginner

Description

Hi , I wanted to test suricata alert pcap , So I found 2 requests in github and tested them
Both of them generates pcap .
But issue is that when we open pcap , header of packets is truncated . It is some random unrecognizable text
Info filed should contain something like GET /url , etc but it contain only src_port -> dest_port ACK ,etc

https://github.com/OISF/suricata/pull/5345/
https://github.com/OISF/suricata/pull/6766/

These requests are closed

Any other versions which I can try.


Related issues 1 (0 open1 closed)

Related to Suricata - Feature #120: Capture full session on alertClosedScott JordanActions
Actions

Also available in: Atom PDF