Project

General

Profile

Actions
Copy link

Bug #6458

open
JI OD

eve/http: discrepancy in http events and http objects logged in alerts

Bug #6458: eve/http: discrepancy in http events and http objects logged in alerts

Added by Jason Ish over 2 years ago. Updated 8 months ago.

Status:
New
Priority:
Normal
Assignee:
OISF Dev
Target version:
TBD
Affected Versions:
8.0.0
Effort:
Difficulty:
Label:

Description

For example, the HTTP object in an HTTP record might be different than the HTTP object in an alert object.

The same has been seen in DNS and is likely to be seen in other protocols.

Related issues 3 (2 open1 closed)

Related to Suricata - Feature #6456: output: binary loggingAssignedOISF DevActions
Related to Suricata - Task #2167: tracking: eve enhancementsNewOISF DevActions
Related to Suricata - Bug #6281: dns: structure of query differs between "alert" and "dns" event typesClosedJason IshActions

JI Updated by Jason Ish over 2 years ago Actions
Copy link
 #1

JI Updated by Jason Ish over 2 years ago Actions
Copy link
 #2

  • Description updated (diff)

VJ Updated by Victor Julien over 2 years ago Actions
Copy link
 #3

  • Related to Task #2167: tracking: eve enhancements added

PA Updated by Philippe Antoine over 2 years ago Actions
Copy link
 #4

  • Related to Bug #6281: dns: structure of query differs between "alert" and "dns" event types added

PA Updated by Philippe Antoine 8 months ago Actions
Copy link
 #5

  • Affected Versions 8.0.0 added
Actions
Copy link

Also available in: PDF Atom