Jason Ish
- Login: jish
- Email: jason.ish@oisf.net, jason.ish@gmail.com
- Registered on: 11/09/2009
- Last sign in: 06/13/2025
Issues
open | closed | Total | |
---|---|---|---|
Assigned issues | 81 | 595 | 676 |
Reported issues | 117 | 360 | 477 |
Projects
Project | Roles | Registered on |
---|---|---|
Suricata | Developer, OISF Team, OISF Manager | 11/09/2009 |
Suricata-Update | Developer, OISF Team, OISF Manager | 10/31/2017 |
Activity
06/25/2025
- 02:48 PM Suricata Feature #7786: Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
- Ofer Dagan wrote in #note-3:
> What do you mean with integrating with our @pcap-log@? It should have no affect on th...
06/24/2025
- 04:10 PM Suricata Task #7788 (New): krb5: add failed_request keyword
- To provide parity for the @krb5.failed_request@ log field.
See TODO comments in the eve schema.
- 04:08 PM Suricata Task #7787 (New): krb5: add encryption keyword
- To provide parity for the @krb5.encryption@ eve field.
This should also include an option for @weak_encryption@.
... - 03:51 PM Suricata Feature #7786: Enhance --pcap-file-delete to Conditionally Delete PCAPs Based on Alerts
- Is this intended to integrate with our @pcap-log@ output? Also, what are your thoughts on how you would track whether...
06/22/2025
- 05:41 PM Suricata Task #6941 (Closed): lua: review and document lua rule return types
- 05:41 PM Suricata Documentation #6069 (Closed): userguide/install: move RPM distros to their own page
- 05:40 PM Suricata Documentation #6252 (Closed): userguide/install: move Ubuntu distros to their own page
- 05:40 PM Suricata Documentation #7749 (Closed): doc: update user manual seciton on RPMs
06/20/2025
- 06:29 PM Suricata Task #7784 (New): detect: list app-layer-event keywords
- Some EVE fields map to app-layer-event keywords, but there is no way to list app-layer-event keywords, for example: @...
- 06:24 PM Suricata Documentation #6288 (Closed): eve/schema: generate tables of data for app-layer protocols
- Closing. I think this was creating tables for the documentation, and we now have an EVE reference in 8.0:
https://...
Also available in: Atom