Project

General

Profile

Actions
Copy link

Feature #6457

open

eve: configurable list of fields in output

Added by Philippe Antoine over 2 years ago. Updated 12 days ago.

Status:
Assigned
Priority:
Low
Assignee:
OISF Dev
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Suricata should be able to get a schema.json as input :
This schema.json has a reduced number of fields compared to what Suricata can output.
The fields that are absent should not be output by Suricata (for instance we could have everything but dnp3.application.objects)

Related issues 1 (1 open0 closed)

Related to Suricata - Task #6443: Suricon 2023 brainstormAssignedVictor JulienActions
Actions
Copy link
 #1

Updated by Philippe Antoine over 2 years ago

  • Related to Task #6443: Suricon 2023 brainstorm added
Actions
Copy link
 #2

Updated by Victor Julien over 2 years ago

  • Tracker changed from Optimization to Feature
  • Subject changed from Configurable list of fields in output to eve: configurable list of fields in output
Actions
Copy link
 #3

Updated by Philippe Antoine 12 days ago

  • Priority changed from Normal to Low

Wondering if we want this feature indeed...

Actions
Copy link
 #4

Updated by Philippe Antoine 12 days ago

  • Status changed from New to Assigned
Actions
Copy link

Also available in: Atom PDF