Project

General

Profile

Actions
Copy link

Bug #7569

closed

logging: Mac addresses are not logged for pkt_src detect/log or flow timeout

Added by Philippe Antoine about 1 month ago. Updated about 1 month ago.

Status:
Rejected
Priority:
Normal
Assignee:
OISF Dev
Target version:
8.0.0-beta1
Affected Versions:
Effort:
Difficulty:
Label:

Description

Cf https://forum.suricata.io/t/some-mac-addresses-are-missing-in-the-http-logs/5389/2

Not sure if we will want to backport this

Check with jq 'select(.ether == null)' log/eve.json and having ethernet: yes in suricata.yaml

Actions
Copy link

Also available in: Atom PDF