Task #8123
openTask #4763: tracking: Suricon brainstorms
Suricon 2025 Brainstorm
Added by Juliana Fajardini Reichow 25 days ago. Updated 23 days ago.
Updated by Juliana Fajardini Reichow 25 days ago
- Related to Feature #6831: rules: support extraction of bytes of non-numeric values added
Updated by Juliana Fajardini Reichow 25 days ago
- Related to Feature #2487: rules: buffers for field/value pairs in http.uri and http.client_body added
Updated by Jason Ish 25 days ago
- Related to Feature #2301: netflow: dump records at interval added
Updated by Juliana Fajardini Reichow 25 days ago
- Related to Feature #473: pcap log: alert log with packet indexes added
Updated by Juliana Fajardini Reichow 25 days ago
- Related to Feature #7401: yaml: add schema added
Updated by Jason Ish 25 days ago
- Related to Feature #3316: unix-socket: support dumping flow table added
Updated by Juliana Fajardini Reichow 25 days ago
- Tracker changed from Bug to Task
Updated by Juliana Fajardini Reichow 25 days ago
- Related to Feature #8124: datasets: support subnets added
Updated by Juliana Fajardini Reichow 25 days ago
- Related to Optimization #8125: profiling: help investigating memory consumption added
Updated by Philippe Antoine 25 days ago
- Related to Feature #8130: http: http.uri should normalize the + into space as per RFC 1886 added
Updated by Philippe Antoine 25 days ago
- Related to Feature #8128: rules/transform: add json_decode transform added
Updated by Juliana Fajardini Reichow 25 days ago
- Related to Feature #4840: stats: distinguish between observational stats and performance stats added
Updated by Juliana Fajardini Reichow 25 days ago
- Status changed from New to Assigned
Updated by Philippe Antoine 24 days ago
- Related to Task #8131: modbus: add detection keywords to match logging values added
Updated by Juliana Fajardini Reichow 23 days ago
- Related to Feature #8117: rules: flow.elephant keyword added
Updated by Philippe Antoine 23 days ago
- Related to Task #3299: tracking: Add support for industrial protocol added
Updated by Jason Ish 23 days ago
- Related to Feature #6461: ics protocol: bacnet added
Updated by Jason Ish 23 days ago
- Related to Feature #4249: ics protocol: SS7 Protocol Support added
Updated by Philippe Antoine 23 days ago
- Related to Task #4251: protocol: SCTP support added
Updated by Philippe Antoine 23 days ago
add more features to the supported protocols for Enhanced application protocol logs, Would be helpful - example - RDP, DHCP,MQTT, SMTP, Websockets, SMBCmd, FTP
Updated by Jason Ish 23 days ago
- Related to Task #4122: tracking: handle various TLS decrypt headers in proxies and decryption tools added
Updated by Philippe Antoine 23 days ago
- Related to Feature #6462: ics protocol: IEC104 Protocol Support added
Updated by Philippe Antoine 23 days ago
Would it be possible to have exception policies config options (and more configuration options) updated in real time, without requiring suricata restarts?
like unix-socket
Updated by Philippe Antoine 23 days ago
dataset expiration somehow, maybe it could have a TTL-like thing
Updated by Philippe Antoine 23 days ago
- Related to Task #5678: tracking: improve handling of non-IP protocols added
Updated by Philippe Antoine 23 days ago
More metrics for half-open connections would be useful
Updated by Jason Ish 23 days ago
- Related to Task #3301: Research: Failover support within the current IPS implementation added
Updated by Philippe Antoine 23 days ago
A preliminary list of configs that would be nice to be able to configure with unix socket.
exception policies.
Address groups (HOME_NET etc)
flow-timeouts settings
logging type configurations
elephant flow configurations
Updated by Philippe Antoine 23 days ago
Recognize RTP (to bypass it) a bit like FTP expectation : SIP to initialize communication and then go to random selected ports (from SIP) for RTP
Updated by Juliana Fajardini Reichow 23 days ago
- Related to Feature #5705: protocol: Wireguard parser added
Updated by Philippe Antoine 23 days ago
xposing smb.status, smb.command fields in the smb preprocessor would help write some better detections for things