Project

General

Profile

Actions
Copy link

Feature #3975

closed

Suricata-Verify: Add JSON schema validation to EVE output.

Added by Jason Ish about 4 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Community Ticket
Target version:
QA
Effort:
Difficulty:
Label:

Description

Add a feature, or command that validates all eve.json through a JSON schema. This doesn't have to become part of each test, but is something that could be run after a full run of suricata-verify over all found eve.json files.

Something like this would have caught "fileinfo" being an array in alerts, while an object in "fileinfo" records by having a schema requiring that .fileinfo was an object.

Related issues 1 (0 open1 closed)

Related to Suricata - Feature #1369: eve: json schemaClosedJason IshActions
Actions
Copy link
 #1

Updated by Shivani Bhardwaj about 4 years ago

  • Assignee set to Community Ticket
  • Target version set to QA
Actions
Copy link
 #2

Updated by Jason Ish almost 4 years ago

Actions
Copy link
 #3

Updated by Philippe Antoine about 2 years ago

  • Status changed from New to Closed
Actions
Copy link

Also available in: Atom PDF