Project

General

Profile

Actions
Copy link

Documentation #6096

open

eve/app-layer: generate example eve-log for each protocol

Added by Jason Ish 11 months ago. Updated 11 months ago.

Status:
New
Priority:
Normal
Assignee:
OISF Dev
Target version:
TBD
Affected Versions:
Effort:
Difficulty:
Label:

Description

Instead of hard-coding in output examples for each protocol, we should generate from Suricata-Verify.

A possible way to do this is:

- Tag SV tests in such a way as examples, also provide their protocol name. This could allow existing tests be used.
- Periodically a script is run that runs SV and gathers sample output from tests and copies distinct records into files in the userguide.
- The userguide can then include these files.

Ideally SV tests that are tagged as examples are as complete as possible, containing all documented fields, however this might not always be possible.
Also allow for more than one example per protocol, as often multiple examples are needed to see request and response, or different message types.

Subtasks 2 (2 open0 closed)

Documentation #6097: eve/dhcp: generate example dhcp outputNewJason IshActions
Documentation #6098: eve/dns: generate example dns outputNewJason IshActions
Actions
Copy link
 #1

Updated by Jason Ish 11 months ago

  • Subtask #6097 added
Actions
Copy link
 #2

Updated by Jason Ish 11 months ago

  • Subtask #6098 added
Actions
Copy link
 #3

Updated by Jason Ish 11 months ago

  • Subject changed from app-layer: generate example eve-log for each protocol to eve/app-layer: generate example eve-log for each protocol
Actions
Copy link

Also available in: Atom PDF