Project

General

Profile

Actions
Copy link

Feature #6457

open
PA OD

eve: configurable list of fields in output

Feature #6457: eve: configurable list of fields in output

Added by Philippe Antoine over 2 years ago. Updated about 2 months ago.

Status:
Assigned
Priority:
Low
Assignee:
OISF Dev
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Suricata should be able to get a schema.json as input :
This schema.json has a reduced number of fields compared to what Suricata can output.
The fields that are absent should not be output by Suricata (for instance we could have everything but dnp3.application.objects)

Related issues 1 (1 open0 closed)

Related to Suricata - Task #6443: Suricon 2023 brainstormAssignedVictor JulienActions

PA Updated by Philippe Antoine over 2 years ago Actions
Copy link
 #1

  • Related to Task #6443: Suricon 2023 brainstorm added

VJ Updated by Victor Julien over 2 years ago Actions
Copy link
 #2

  • Tracker changed from Optimization to Feature
  • Subject changed from Configurable list of fields in output to eve: configurable list of fields in output

PA Updated by Philippe Antoine about 2 months ago Actions
Copy link
 #3

  • Priority changed from Normal to Low

Wondering if we want this feature indeed...

PA Updated by Philippe Antoine about 2 months ago Actions
Copy link
 #4

  • Status changed from New to Assigned
Actions
Copy link

Also available in: PDF Atom