Open Information Security Foundation

03/13/2019

07:56 PM Suricata Feature #2695: websocket support

I have a Lua script I've developed to unmask websockets. I can add this to the git repo while a rust parser is being... Bryant Smith

03/05/2019

02:56 PM Suricata Feature #2082 (Closed): document byte_jump

Bryant Smith

02:55 PM Suricata Feature #2082: document byte_jump

https://github.com/OISF/suricata/pull/3703 Bryant Smith

02:55 PM Suricata Feature #2081 (Closed): document byte_test

https://github.com/OISF/suricata/pull/3703 Bryant Smith

02:55 PM Suricata Feature #2083 (Closed): document byte_extract

https://github.com/OISF/suricata/pull/3703 Bryant Smith

02/27/2019

04:26 PM Suricata Support #2660: structing fast.log and store to elasticsearch

If you are still looking for a solution here, splitting out the alert might be helpful. the eve.json will be much ea... Bryant Smith

01/23/2019

05:55 PM Suricata Support #2790: rule_perf.log repeating the same results

Well I'm an idiot. All I had to do was read the next few lines in the yaml file. Sorry about that and thanks for po... Bryant Smith

05:13 PM Suricata Support #2790 (Closed): rule_perf.log repeating the same results

I just recently notice that the rule_perf.log file has been repeating the exact same results for a rule alert. I h... Bryant Smith

08/07/2018

06:59 PM Suricata Bug #2570 (Closed): Signature affecting another's ability to detect and alert

While creating some signatures I stumbled across an odd issue where when the first signature below doesn't allow the ... Bryant Smith

07/18/2018

06:59 PM Suricata Support #2546 (Closed): Suricata 4.0.x blocking issues

I was told about an issue with trying to block exe file downloaded via http. Upon doing some testing I installed 4.0... Bryant Smith