Feature #3975: Suricata-Verify: Add JSON schema validation to EVE output. - Suricata - Open Information Security Foundation

Actions

Copy link

Feature #3975

closed

Suricata-Verify: Add JSON schema validation to EVE output.

Added by Jason Ish about 4 years ago. Updated about 2 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Community Ticket

Target version:

Effort:

Difficulty:

Label:

Description

Add a feature, or command that validates all eve.json through a JSON schema. This doesn't have to become part of each test, but is something that could be run after a full run of suricata-verify over all found eve.json files.

Something like this would have caught "fileinfo" being an array in alerts, while an object in "fileinfo" records by having a schema requiring that .fileinfo was an object.

Related issues 1 (0 open — 1 closed)

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Feature #3975

Suricata-Verify: Add JSON schema validation to EVE output.

Updated by Shivani Bhardwaj about 4 years ago

Updated by Jason Ish almost 4 years ago

Updated by Philippe Antoine about 2 years ago