Actions
Feature #2095
closedeve: http body in alert event
Effort:
Difficulty:
Label:
Description
If a signature triggers an alert, currently there is no readable information about the content.
Would be interesting to output the http body in base64 and printable formt in the alert event.
Updated by Jason Ish over 7 years ago
Please see https://redmine.openinfosecfoundation.org/issues/2069.
So right now I'm thinking a list of buffers (in addition to the payload, packet) that can be optionally logged with all the buffers that matched. Needs to be generic though, not specific to http.
I'm hoping to mock some events up sooner than later for a format that is friendly to data stores.
Updated by Victor Julien over 7 years ago
- Subject changed from Add http body in alert event to eve: http body in alert event
- Status changed from New to Assigned
- Target version set to 70
Updated by Victor Julien over 7 years ago
- Status changed from Assigned to Closed
- Target version changed from 70 to 4.0rc1
Actions