Bug #7347
open
eve/alert: log file_data
Description
As transformation occurs on stream data when it becomes file data, it may not be trivial for the analyst to understand why an alert did fire on some file content. To address this problem, we can log the file data in the events to allow an easy analysis.
As file data is mostly binary, logging to base64 should be enough.
Updated by Victor Julien about 2 months ago
- Subject changed from Log file_data in alert events to eve/alert: log file_data
Updated by Philippe Antoine about 1 month ago
- Status changed from In Progress to In Review
Updated by Philippe Antoine about 1 month ago
Looks like a feature rather than a bug to me...