Project

General

Profile

Actions
Copy link

Feature #7508

closed
VJ JL

rules: ftp.reply keyword

Feature #7508: rules: ftp.reply keyword

Added by Victor Julien about 1 year ago. Updated 12 months ago.

Status:
Closed
Priority:
High
Assignee:
Jeff Lucovsky
Target version:
8.0.0-beta1
Effort:
Difficulty:
Label:

Description

Match on the tracked replies (eve's ftp.reply). Since there can be more than 1, it's probably a multi-buffer.

Related issues 2 (1 open1 closed)

Blocks Suricata - Task #6476: ftp: parity of logging and detection buffersIn ProgressJeff LucovskyActions
Copied from Suricata - Feature #7507: rules: ftp.completion_code keywordClosedJeff LucovskyActions

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
 #1

  • Copied from Feature #7507: rules: ftp.completion_code keyword added

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
 #2

  • Blocks Task #6476: ftp: parity of logging and detection buffers added

VJ Updated by Victor Julien about 1 year ago Actions
Copy link
 #3

  • Priority changed from Normal to High

JL Updated by Jeff Lucovsky about 1 year ago Actions
Copy link
 #4

  • Status changed from New to In Review

SB Updated by Shivani Bhardwaj 12 months ago Actions
Copy link
 #5

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: PDF Atom