Actions
Task #6463
closed
JF
JI
eve/output: investigate how to track coverage / parity
Task #6463:
eve/output: investigate how to track coverage / parity
Effort:
Difficulty:
Label:
Outreachy
Description
We want to find a reliable and efficient way to track the outputs that we have on eve, to ensure they're
consistent and that we have everything represented in our JSON schema.
JF Updated by Juliana Fajardini Reichow over 2 years ago
- Related to Task #6443: Suricon 2023 brainstorm added
JF Updated by Juliana Fajardini Reichow over 2 years ago
- Subject changed from outputs: investigate how to track coverage / parity to eve/output: investigate how to track coverage / parity
This also relates to ensuring that for each protocol, there are no logging discrepancies when we log a field in an alert and in an event, for instance.
VJ Updated by Victor Julien over 2 years ago
- Related to Documentation #6478: schema: add missing fields added
JF Updated by Juliana Fajardini Reichow over 2 years ago
- Related to Task #4772: tracking: parity between fields logged and fields available for detection added
JF Updated by Juliana Fajardini Reichow over 1 year ago
- Blocks Story #6597: rules: improve rules keyword/output parity added
VJ Updated by Victor Julien about 1 year ago
- Status changed from New to In Progress
- Assignee changed from OISF Dev to Jason Ish
VJ Updated by Victor Julien 7 months ago
- Blocks deleted (Story #6597: rules: improve rules keyword/output parity)
VJ Updated by Victor Julien 7 months ago
- Related to Story #7901: 9.0.0: rules: improve rules keyword/output parity added
VJ Updated by Victor Julien 7 months ago
- Status changed from In Progress to Closed
- Target version deleted (
TBD)
Actions