Bug #2206

closed

eve log integration or socket output for file extraction details

Added by Robert Haist over 7 years ago. Updated over 7 years ago.

Status: Closed
Priority: Normal
Assignee: -
Target version: -
Affected Versions:
Effort:
Difficulty:
Label:

Description

To ease integration for file analysis attached to Suricata, it would be great to include the content of the .meta files from extracted files in either eve.json or allow an additional unix socket instead of a logfile for "file-log" in the config.

Actions #1

Updated by Victor Julien over 7 years ago

I'm not sure I understand. The fileinfo records provide this info in eve, right?

Actions #2

Updated by Robert Haist over 7 years ago

Victor Julien wrote:

I'm not sure I understand. The fileinfo records provide this info in eve, right?

We investigated this further. You are right. Please excuse the spam. Issue can be closed.

Actions #3

Updated by Peter Manev over 7 years ago

  • Status changed from New to Closed

Closing as updated/requested
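For readers arriving at this closed issue: the sketch below is an added example, not part of the thread and not Suricata project code, showing how a file-analysis integration can read the fileinfo records from eve.json instead of the .meta files. The function names, the sample lines and the selection policy (stored, state CLOSED, sha256 present) are assumptions made for the example.

```python
import json

def fileinfo_records(lines):
    """Yield one flat dict per fileinfo event; skip other events and bad lines."""
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # e.g. a line still being written when the file was read
        if not isinstance(event, dict) or event.get("event_type") != "fileinfo":
            continue
        info = event.get("fileinfo") or {}
        yield {
            "timestamp": event.get("timestamp"),
            "src_ip": event.get("src_ip"),
            "dest_ip": event.get("dest_ip"),
            "app_proto": event.get("app_proto"),
            "filename": info.get("filename"),
            "magic": info.get("magic"),
            "size": info.get("size"),
            "state": info.get("state"),
            "stored": bool(info.get("stored")),
            "sha256": info.get("sha256"),
        }

def analysis_queue(lines):
    """Assumed policy: only stored, completely captured files that carry a hash."""
    return [r for r in fileinfo_records(lines)
            if r["stored"] and r["state"] == "CLOSED" and r["sha256"]]

def _event(event_type, **fileinfo):
    """Build one constructed eve.json line for the sample below."""
    base = {"timestamp": "2017-08-30T10:00:00.000000+0000", "event_type": event_type,
            "src_ip": "192.0.2.10", "dest_ip": "198.51.100.5", "app_proto": "http"}
    if fileinfo:
        base["fileinfo"] = fileinfo
    return json.dumps(base)

# Constructed sample lines (not real traffic).
SAMPLE_EVE = [
    _event("fileinfo", filename="/a.exe", magic="PE32 executable", state="CLOSED",
           sha256="ab" * 32, stored=True, size=4096, tx_id=0),
    _event("alert"),
    _event("fileinfo", filename="/index.html", state="CLOSED", stored=False, size=512, tx_id=1),
    _event("fileinfo", filename="/big.iso", state="TRUNCATED", stored=True, size=1048576, tx_id=2),
    '{"timestamp":"2017-08-30T10:00:01',  # cut-off line
]

if __name__ == "__main__":
    for rec in analysis_queue(SAMPLE_EVE):
        print(rec["timestamp"], rec["src_ip"], rec["filename"], rec["sha256"])
```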
