Project

General

Profile

Actions

Feature #5826

open

Feature #4174: tracking: app-layer frame inspection support

Feature #4988: frames: logging improvements

frames: logging of events set on frames

Added by Jason Ish over 2 years ago. Updated 5 days ago.

Status:
Assigned
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Description

Suricata 7.0.0 added frame support with the ability to set events on frames, which is useful for app-layer events when no transaction has been created. However the events are not logged even though the API is seeing some use (for example: https://github.com/OISF/suricata/blob/suricata-7.0.0-beta1/rust/src/smb/smb.rs#L1420),

Actions

Also available in: Atom PDF