Optimization #7189
openhttp/conf: warn or error on invalid value in custom headers logging
Description
Like custom: [X-Powered-By]
in suricata.yaml and running python3 ../suricata-verify/run.py base64-decode-5885
does not show X-Powered-By, but there is no warning in OutputHttpLogInitSub
if the header is not defined
Updated by Juliana Fajardini Reichow about 2 months ago
- Assignee changed from OISF Dev to Community Ticket
Updated by Juliana Fajardini Reichow about 2 months ago
Hello, to confirm, this issue is related to a configuration option being passed in our suricata.yaml file to the http.custom section, but is not one of the allowed custom fields listed here, right? https://docs.suricata.io/en/latest/output/eve/eve-json-output.html#http
Updated by Philippe Antoine about 2 months ago
Juliana Fajardini Reichow wrote in #note-3:
Hello, to confirm, this issue is related to a configuration option being passed in our suricata.yaml file to the http.custom section, but is not one of the allowed custom fields listed here, right? https://docs.suricata.io/en/latest/output/eve/eve-json-output.html#http
Correct