Project

General

Profile

Actions
Copy link

Feature #7508

open

rules: ftp.reply keyword

Added by Victor Julien 1 day ago.

Status:
New
Priority:
Normal
Assignee:
Jeff Lucovsky
Target version:
8.0.0-beta1
Effort:
Difficulty:
Label:

Description

Match on the tracked replies (eve's ftp.reply). Since there can be more than 1, it's probably a multi-buffer.

Related issues 2 (2 open0 closed)

Blocks Suricata - Task #6476: ftp: parity of logging and detection buffersNewOISF DevActions
Copied from Suricata - Feature #7507: rules: ftp.completion_code keywordNewJeff LucovskyActions
Actions
Copy link
 #1

Updated by Victor Julien 1 day ago

  • Copied from Feature #7507: rules: ftp.completion_code keyword added
Actions
Copy link
 #2

Updated by Victor Julien 1 day ago

  • Blocks Task #6476: ftp: parity of logging and detection buffers added
Actions
Copy link

Also available in: Atom PDF