Feature #7894: output: log http2.window when needed - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #7894

open

output: log http2.window when needed

Added by Philippe Antoine 25 days ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

9.0.0-beta1

Effort:

Difficulty:

Label:

Description

Some keywords like http2.window do not have a log field to match.
A rule using http2.window: >100; will not have in the alert the precise value seen on the wire.

There is also tcp.wscale and other keywords see https://github.com/OISF/suricata/pull/13816

Related issues 1 (1 open — 0 closed)

History
Property changes

Actions

Copy link

Updated by Philippe Antoine 12 days ago

Related to Task #6644: tracking: detect: integer as first-class support added

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #7894

output: log http2.window when needed

Updated by Philippe Antoine 12 days ago