Bug #6458: eve/http: discrepancy in http events and http objects logged in alerts - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #6458

open

eve/http: discrepancy in http events and http objects logged in alerts

Added by Jason Ish 6 months ago. Updated 6 months ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Affected Versions:

Effort:

Difficulty:

Label:

Description

For example, the HTTP object in an HTTP record might be different than the HTTP object in an alert object.

The same has been seen in DNS and is likely to be seen in other protocols.

Related issues 3 (3 open — 0 closed)

History
Property changes

Actions

Copy link

Updated by Jason Ish 6 months ago

Related to Feature #6456: output: binary logging added

Actions

Copy link

Updated by Jason Ish 6 months ago

Description updated (diff)

Actions

Copy link

Updated by Victor Julien 6 months ago

Related to Feature #2167: eve-ng added

Actions

Copy link

Updated by Philippe Antoine 4 months ago

Related to Bug #6281: dns: structure of query differs between "alert" and "dns" event types added

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #6458

eve/http: discrepancy in http events and http objects logged in alerts

Updated by Jason Ish 6 months ago

Updated by Jason Ish 6 months ago

Updated by Victor Julien 6 months ago

Updated by Philippe Antoine 4 months ago

Related to Suricata - Feature #6456: output: binary logging	New	OISF Dev	Actions
Related to Suricata - Feature #2167: eve-ng	Assigned	Jason Ish	Actions
Related to Suricata - Bug #6281: dns: structure of query differs between "alert" and "dns" event types	In Progress	Jason Ish	Actions