Project

General

Profile

Actions
Copy link

Task #6084

open

output/alert: enable logging `PASS` alerts

Added by Juliana Fajardini Reichow 12 months ago. Updated 10 months ago.

Status:
Assigned
Priority:
Normal
Assignee:
Juliana Fajardini Reichow
Target version:
8.0.0-beta1
Effort:
Difficulty:
Label:

Description

This should be part of the `alert` event, but allowing to log `pass` rules that triggered.

Will likely involve work related to the alerts queue.

Related issues 1 (0 open1 closed)

Related to Suricata - Bug #5464: eve: if alert and drop rules match for a packet, "alert.action" is ambigiousClosedJuliana Fajardini ReichowActions
Actions
Copy link

Also available in: Atom PDF