Actions
Bug #6973
closed
JF
PA
detect: log relevant frames app-layer metdata
Bug #6973:
detect: log relevant frames app-layer metdata
Affected Versions:
Effort:
Difficulty:
Label:
Description
Proposed patch already exists (cf https://github.com/OISF/suricata/pull/10924), but was suggested that it had its own ticket
JF Updated by Juliana Fajardini Reichow almost 2 years ago
- Related to Bug #6846: eve/alerts: wrongly using tx id 0 when there is no tx added
OT Updated by OISF Ticketbot almost 2 years ago
- Subtask #6974 added
OT Updated by OISF Ticketbot almost 2 years ago
- Label deleted (
Needs backport to 6.0)
OT Updated by OISF Ticketbot almost 2 years ago
- Subtask #6975 added
OT Updated by OISF Ticketbot almost 2 years ago
- Label deleted (
Needs backport to 7.0)
PA Updated by Philippe Antoine almost 2 years ago
Current master situation :
app-layer data does not get logged for frames, since commit 2b4e10224eaebb613352e9b82556b60035d032a1
Before that, and in main7, app-layer data gets logged, but we log tx id 0 if no specific tx was specified.
Also, the lack of tests suggest that there are many protocols which do not set the tx id for their frames...
Which may be due to the unfriendliness of the rust API to create anew frame with a known tx id...
PA Updated by Philippe Antoine almost 2 years ago
- Status changed from New to In Progress
PA Updated by Philippe Antoine almost 2 years ago
- Status changed from In Progress to In Review
PA Updated by Philippe Antoine almost 2 years ago
- Related to Security #6900: http2: timeout logging headers added
PA Updated by Philippe Antoine almost 2 years ago
- Status changed from In Review to Resolved
PA Updated by Philippe Antoine almost 2 years ago
- Status changed from Resolved to Closed
VJ Updated by Victor Julien almost 2 years ago
- Private changed from Yes to No
Actions