Feature #5826: frames: logging of events set on frames - Suricata - Open Information Security Foundation

Actions

Feature #5826

open

Feature #4174: tracking: app-layer frame inspection support

Feature #4988: frames: logging improvements

frames: logging of events set on frames

Added by Jason Ish 8 months ago. Updated 8 months ago.

Status:

New

Priority:

Normal

Assignee:

Target version:

Effort:

Difficulty:

Label:

Description

Suricata 7.0.0 added frame support with the ability to set events on frames, which is useful for app-layer events when no transaction has been created. However the events are not logged even though the API is seeing some use (for example: https://github.com/OISF/suricata/blob/suricata-7.0.0-beta1/rust/src/smb/smb.rs#L1420),

Actions

#1

Updated by Victor Julien 8 months ago

Parent task set to #4988

Actions

#2

Updated by Philippe Antoine 8 months ago

See https://github.com/OISF/suricata-verify/pull/768

Actions

Also available in: Atom PDF