Project

General

Profile

Actions
Copy link

Feature #5826

open

Feature #4174: tracking: app-layer frame inspection support

Feature #4988: frames: logging improvements

frames: logging of events set on frames

Added by Jason Ish about 1 year ago. Updated 5 months ago.

Status:
New
Priority:
Normal
Assignee:
OISF Dev
Target version:
8.0.0-beta1
Effort:
Difficulty:
Label:

Description

Suricata 7.0.0 added frame support with the ability to set events on frames, which is useful for app-layer events when no transaction has been created. However the events are not logged even though the API is seeing some use (for example: https://github.com/OISF/suricata/blob/suricata-7.0.0-beta1/rust/src/smb/smb.rs#L1420),

Actions
Copy link
 #1

Updated by Victor Julien about 1 year ago

  • Parent task set to #4988
Actions
Copy link
 #3

Updated by Juliana Fajardini Reichow 5 months ago

Also mentioned at https://github.com/OISF/suricata/pull/9404#discussion_r1311764591
- to remember we should take care of this for PGSQL, when adding frame support.

Actions
Copy link
 #4

Updated by Juliana Fajardini Reichow 5 months ago

  • Target version changed from TBD to 8.0.0-beta1

Setting a version so it won't fall off our radar.

Actions
Copy link

Also available in: Atom PDF