AH Andreas Herz
- Login: norg
- Email: oisf@herzandreas.de
- Registered on: 03/28/2014
- Last sign in: 04/01/2026
Issues
| open | closed | Total | |
|---|---|---|---|
| Assigned issues | 10 | 54 | 64 |
| Reported issues | 33 | 65 | 98 |
Projects
| Project | Roles | Registered on |
|---|---|---|
| Suricata | Developer, OISF Team, OISF Manager | 12/02/2015 |
| Suricata-Update | Developer, OISF Team, OISF Manager | 10/31/2017 |
Activity
07/01/2025
- AH 03:56 PM Suricata Bug #6173: http: loss of backward compatibility in HTTP logs from v6 to v7
- Philippe Antoine wrote in #note-12:
> Is there anything to do here @regit ? Now that 6 is EOL...
It is still an issue that it's a breaking change and that the new way still present in v8 doesn't work for all people using Elasticsearc...
06/10/2025
- AH 04:13 PM Suricata Optimization #7083 (In Review): detect/dataset: skip adding localstatedir if fullpath is provided
03/14/2025
- AH 04:08 PM Suricata Bug #7611: eve: segv in stats.totals output
- could you add the full yaml file so it's easier to reproduce?
Also add `suricata --build-info` - AH 04:05 PM Suricata Bug #7612 (Assigned): modbus: regression from Suricata 6 to 7
- There seems to be a regression in the modbus parser between Suricata 6 and 7 when replaying https://github.com/ITI/ICS-Security-Tools/blob/master/pcaps/bro/modbus/modbus.pcap as a source.
Output with Suricata 6.0.20 where we have 4 fl...
03/11/2025
- AH 02:27 PM Suricata Bug #7346 (Closed): eve/fileinfo: sha256 should not be logged on incomplete file
12/18/2024
- AH 11:10 AM Suricata Feature #6004: Add retry option to redis outputs using a socket instead of IP
- Looks like in src/util-log-redis.c we have to update SCLogRedisWriteAsync to not directly return -1 but run some tries, like the later function SCLogAsyncRedisSendEcho does in using SCRedisAsyncEchoCommandCallback
09/16/2024
- AH 07:31 PM Suricata Bug #6963: rule-reload: potential memory leak in multiple rule reloads
- I had some time to play around with the suggestion from Victor to see if it's related to threshold, classification and/or reference. I tried a ET ruleset where I removed all metadata (except sid/rev/msg) and all thresholds. The "leak" is...
06/12/2024
- AH 07:06 AM Suricata Bug #7091 (Feedback): Segfault on 7.0.5 with generated live traffic
- Victor Julien wrote in #note-1:
> Duplicate of #6782?
Yes very likely, with the fixes from master 7.0.x there was no segfault so far
06/11/2024
- AH 09:22 AM Suricata Bug #7091 (Closed): Segfault on 7.0.5 with generated live traffic
- With 7.0.5 I can reproduce a segfault on Cisco T-Rex generated live traffic that occurs after a few hours of runtime.
06/10/2024
- AH 02:09 PM Suricata Optimization #7083: detect/dataset: skip adding localstatedir if fullpath is provided
- https://github.com/OISF/suricata/pull/11280 (might need adjustments on the S-V test, discussion pending)