Project

General

Profile

Actions
Copy link

Feature #6457

open

eve: configurable list of fields in output

Added by Philippe Antoine 6 months ago. Updated 6 months ago.

Status:
New
Priority:
Normal
Assignee:
OISF Dev
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Suricata should be able to get a schema.json as input :
This schema.json has a reduced number of fields compared to what Suricata can output.
The fields that are absent should not be output by Suricata (for instance we could have everything but dnp3.application.objects)

Related issues 1 (1 open0 closed)

Related to Suricata - Task #6443: Suricon 2023 brainstormAssignedVictor JulienActions
Actions
Copy link
 #1

Updated by Philippe Antoine 6 months ago

  • Related to Task #6443: Suricon 2023 brainstorm added
Actions
Copy link
 #2

Updated by Victor Julien 6 months ago

  • Tracker changed from Optimization to Feature
  • Subject changed from Configurable list of fields in output to eve: configurable list of fields in output
Actions
Copy link

Also available in: Atom PDF