Feature #7099: Addition of total bytes to the flow logs - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #7099

open

Addition of total bytes to the flow logs

Added by Peter Manev 3 months ago. Updated 3 months ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Effort:

Difficulty:

Label:

Description

We currently have to server,to client bytes in the flow logs.
It is very useful to have a total bytes filed that has the total for that flow in the flow log.
It makes it easier for aggregations and searches based on the event_type flow that Suricata has in a SIEM.

History
Notes

Actions

Copy link

Updated by Philippe Antoine 3 months ago

Is not that for post processing tools ? (and not be too verbose with duplicate info)

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #7099

Addition of total bytes to the flow logs

Updated by Philippe Antoine 3 months ago