Project

General

Profile

Actions
Copy link

Feature #8425

open
JI JI

ntp: add ntp transaction logging

Feature #8425: ntp: add ntp transaction logging

Added by Jason Ish 29 days ago. Updated 7 days ago.

Status:
In Review
Priority:
Normal
Assignee:
Jason Ish
Target version:
9.0.0-beta1
Effort:
Difficulty:
Label:

Description

NTP is missing a transaction logger. Due to the chattiness of NTP it should probably be disabled by default. The main use case would be for adding NTP metadata to an alert.

Related issues 5 (5 open0 closed)

Related to Suricata - Feature #8429: rules: add ntp.mode keywordIn ReviewJason IshActions
Related to Suricata - Feature #8430: rules: add ntp.version keywordIn ReviewJason IshActions
Related to Suricata - Feature #8431: rules: add ntp.stratum keywordIn ReviewJason IshActions
Related to Suricata - Feature #8394: firewall: support NTP hook states for firewall rule evaluationIn ReviewJason IshActions
Related to Suricata - Feature #8488: ntp: use a buffer for reference id, not a u32In ReviewJason IshActions
Actions
Copy link

Also available in: PDF Atom