Actions
Documentation #6495
open
JF
OD
userguide: add section on SMTP event type
Documentation #6495:
userguide: add section on SMTP event type
Affected Versions:
Effort:
Difficulty:
Label:
Description
Our guide has a section for SMTP for configuration (cf https://docs.suricata.io/en/latest/configuration/suricata-yaml.html#smtp),
but nothing to add more details on EVE output or format.
----
This is what we have in our yaml:
- smtp:
#extended: yes # enable this for extended logging information
# this includes: bcc, message-id, subject, x_mailer, user-agent
# custom fields logging from the list:
# reply-to, bcc, message-id, subject, x-mailer, user-agent, received,
# x-originating-ip, in-reply-to, references, importance, priority,
# sensitivity, organization, content-md5, date
#custom: [received, x-mailer, x-originating-ip, relays, reply-to, bcc]
# output md5 of fields: body, subject
# for the body you need to set app-layer.protocols.smtp.mime.body-md5
# to yes
#md5: [body, subject]VJ Updated by Victor Julien about 1 year ago
- Target version changed from 8.0.0-beta1 to 8.0.0-rc1
VJ Updated by Victor Julien 10 months ago
- Target version changed from 8.0.0-rc1 to 8.0.0
JF Updated by Juliana Fajardini Reichow 10 months ago
- Description updated (diff)
JF Updated by Juliana Fajardini Reichow 10 months ago
- Description updated (diff)
PA Updated by Philippe Antoine 9 months ago
- Target version changed from 8.0.0 to 8.0.1
VJ Updated by Victor Julien 6 months ago
- Target version changed from 8.0.2 to 9.0.0-beta1
- Label Needs backport to 8.0 added
OT Updated by OISF Ticketbot 6 months ago
- Subtask #7946 added
OT Updated by OISF Ticketbot 6 months ago
- Label deleted (
Needs backport to 8.0)
Actions