Project

General

Profile

Actions

Bug #236

closed

fast log xrefs should be removed.

Added by Will Metcalf over 14 years ago. Updated over 14 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Currently the suricata fast.log doesn't match the snort fast log. xrefs should be removed from fast log.

Example snort fast logs (ip addy's have been changed)
12/26-06:44:10.148430 [**] [1:2002750:23] ET POLICY Reserved IP Space Traffic - Bogon Nets 2 [**] [Classification: Potentially Bad Traffic] [Priority: 2] {PROTO:007} 10.1.1.1 -> 10.1.1.2
12/26-11:11:11.012275 [**] [1:2009022:3] ET VIRUS Zlob User Agent - Likely Zlob (securityinternet) [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 10.1.1.1:1033 -> 10.1.1.2:80
12/29-11:11:11.592820 [**] [1:2002750:23] ET POLICY Reserved IP Space Traffic - Bogon Nets 2 [**] [Classification: Potentially Bad Traffic] [Priority: 2] {MANET} 10.1.1.1 -> 10.1.1.2


Files

Actions

Also available in: Atom PDF