Project

General

Profile

Actions
Copy link

Feature #5413

closed
EL EL

DCERPC logging is not easy to use in analysis

Feature #5413: DCERPC logging is not easy to use in analysis

Added by Eric Leblond almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Eric Leblond
Target version:
7.0.0-beta1
Effort:
Difficulty:
Label:

Description

The dcerpc part of smb events have the dcerpc uudi in one event and the opnum in another event. This is not convenient as a full understanding of the dcerpc request needs to be build upon 2 events.

Related issues 2 (1 open1 closed)

Related to Suricata - Feature #4175: dcerpc: higher level loggingNewCommunity TicketActions
Related to Suricata - Bug #5814: smb: duplicate interface fields loggedClosedJason IshActions

VJ Updated by Victor Julien almost 4 years ago Actions
Copy link
 #1

VJ Updated by Victor Julien over 3 years ago Actions
Copy link
 #2

  • Status changed from In Progress to Closed
  • Target version changed from TBD to 7.0.0-beta1

JI Updated by Jason Ish about 3 years ago Actions
Copy link
 #3

  • Related to Bug #5814: smb: duplicate interface fields logged added
Actions
Copy link

Also available in: PDF Atom