Optimization #7189
closedhttp/conf: warn or error on invalid value in custom headers logging
Description
Like custom: [X-Powered-By] in suricata.yaml and running python3 ../suricata-verify/run.py base64-decode-5885 does not show X-Powered-By, but there is no warning in OutputHttpLogInitSub if the header is not defined
Updated by Juliana Fajardini Reichow 10 months ago
- Assignee changed from OISF Dev to Community Ticket
Updated by Juliana Fajardini Reichow 10 months ago
Hello, to confirm, this issue is related to a configuration option being passed in our suricata.yaml file to the http.custom section, but is not one of the allowed custom fields listed here, right? https://docs.suricata.io/en/latest/output/eve/eve-json-output.html#http
Updated by Philippe Antoine 10 months ago
Juliana Fajardini Reichow wrote in #note-3:
Hello, to confirm, this issue is related to a configuration option being passed in our suricata.yaml file to the http.custom section, but is not one of the allowed custom fields listed here, right? https://docs.suricata.io/en/latest/output/eve/eve-json-output.html#http
Correct
Updated by Philippe Antoine 21 days ago
- Related to Bug #2091: nonexistent/misspelled custom fields accepted during parsing of suricata.yaml added
Updated by Philippe Antoine 21 days ago
- Status changed from New to Rejected
Duplicate of #2091 which also includes SMTP custom