Project

General

Profile

Actions
Copy link

Feature #7533

closed
AD AD

detect/ldap: add ldap.request.attribute_type and ldap.request.attribute keywords, and same for responses

Feature #7533: detect/ldap: add ldap.request.attribute_type and ldap.request.attribute keywords, and same for responses

Added by Alice da Silva Akaki about 1 year ago. Updated about 1 year ago.

Status:
Closed
Priority:
High
Assignee:
Alice da Silva Akaki
Target version:
8.0.0-beta1
Effort:
Difficulty:
Label:

Description

Add keywords to match on AttributeType and AttributeValue

Eve fields to match:
ldap.request.search_request.attributes[]
ldap.request.modify_request.changes[].modification.attribute_type
ldap.request.add_request.attributes[].name
ldap.request.compare_request.attribute_value_assertion.description
ldap.responses[].search_result_entry.attributes[].type

ldap.request.modify_request.changes[].modification.attribute_values[]
ldap.request.add_request.attributes[].values[]
ldap.responses[].search_result_entry.attributes[].values[]
ldap.request.compare_request.attribute_value_assertion.value

Related issues 1 (1 open0 closed)

Blocks Suricata - Task #7452: ldap: add keywords to match outputIn ProgressOISF DevActions

PA Updated by Philippe Antoine about 1 year ago Actions
Copy link
 #1

  • Subject changed from detect: add ldap.request.attribute and ldap.responses.attribute keywords to detect: add ldap.request.attribute_type and ldap.request.attribute keywords, and same for responses

PA Updated by Philippe Antoine about 1 year ago Actions
Copy link
 #2

  • Blocks Task #7452: ldap: add keywords to match output added

AD Updated by Alice da Silva Akaki about 1 year ago Actions
Copy link
 #3

  • Description updated (diff)

AD Updated by Alice da Silva Akaki about 1 year ago Actions
Copy link
 #4

  • Assignee changed from OISF Dev to Alice da Silva Akaki

AD Updated by Alice da Silva Akaki about 1 year ago Actions
Copy link
 #5

  • Subject changed from detect: add ldap.request.attribute_type and ldap.request.attribute keywords, and same for responses to detect/ldap: add ldap.request.attribute_type and ldap.request.attribute keywords, and same for responses

AD Updated by Alice da Silva Akaki about 1 year ago Actions
Copy link
 #6

  • Status changed from New to In Review

PA Updated by Philippe Antoine about 1 year ago Actions
Copy link
 #7

  • Target version changed from 8.0.0 to 8.0.0-beta1

SB Updated by Shivani Bhardwaj about 1 year ago Actions
Copy link
 #8

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: PDF Atom