Feature #8425: ntp: add ntp transaction logging - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #8425

open

ntp: add ntp transaction logging

Added by Jason Ish 3 days ago. Updated 1 day ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

9.0.0-beta1

Effort:

Difficulty:

Label:

Description

NTP is missing a transaction logger. Due to the chattiness of NTP it should probably be disabled by default. The main use case would be for adding NTP metadata to an alert.

Related issues 3 (3 open — 0 closed)

History
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #8425

ntp: add ntp transaction logging

Updated by Victor Julien 1 day ago

Updated by Victor Julien 1 day ago

Updated by Victor Julien 1 day ago

Related to Suricata - Feature #8429: rules: add ntp.mode keyword	New	Actions
Related to Suricata - Feature #8430: rules: add ntp.version keyword	New	Actions
Related to Suricata - Feature #8431: rules: add ntp.stratum keyword	New	Actions