Feature #7894: output: log http2.window when needed - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #7894

open

output: log http2.window when needed

Added by Philippe Antoine 4 days ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

9.0.0-beta1

Effort:

Difficulty:

Label:

Description

Some keywords like http2.window do not have a log field to match.
A rule using http2.window: >100; will not have in the alert the precise value seen on the wire.

There is also tcp.wscale and other keywords see https://github.com/OISF/suricata/pull/13816

No data to display

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #7894

output: log http2.window when needed