Project

General

Profile

Actions
Copy link

Feature #7894

open

output: log http2.window when needed

Added by Philippe Antoine 25 days ago.

Status:
New
Priority:
Normal
Assignee:
OISF Dev
Target version:
9.0.0-beta1
Effort:
Difficulty:
Label:

Description

Some keywords like http2.window do not have a log field to match.
A rule using http2.window: >100; will not have in the alert the precise value seen on the wire.

There is also tcp.wscale and other keywords see https://github.com/OISF/suricata/pull/13816

Related issues 1 (1 open0 closed)

Related to Suricata - Task #6644: tracking: detect: integer as first-class supportIn ProgressPhilippe AntoineActions
Actions
Copy link

Also available in: Atom PDF