Project

General

Profile

Actions

Task #4772

open

tracking: parity between fields logged and fields available for detection

Added by Victor Julien about 3 years ago. Updated 4 months ago.

Status:
Assigned
Priority:
Normal
Assignee:
Target version:
Effort:
Difficulty:
Label:

Subtasks 7 (5 open2 closed)

Feature #4153: app-layer: rust derive style macros to generate common codeAssignedJason IshActions
Optimization #4154: Rust Parsers: Abstract AppLayer events to a derive macroClosedJason IshActions
Feature #5642: DNS: parity between log fields and detectionAssignedJason IshActions
Feature #6621: dns: add keyword for dns rcode: dns.rcodeResolvedHadiqa Alamdar BukhariActions
Feature #6666: dns: add keyword for dns rrtype: dns.rrtypeClosedHadiqa Alamdar BukhariActions
Task #6476: ftp: parity of logging and detection buffersNewOISF DevActions
Story #6597: rules: improve rules keyword/output parityNewVictor JulienActions

Related issues 9 (7 open2 closed)

Related to Suricata - Task #4762: Suricon 2021 brainstormAssignedVictor JulienActions
Related to Suricata - Feature #4174: tracking: app-layer frame inspection supportIn ProgressVictor JulienActions
Related to Suricata - Feature #6164: rules: allow matching on flow pkts and bytesClosedPhilippe AntoineActions
Related to Suricata - Feature #5234: SSL/TLS Sticky Buffer for subjectAltNameClosedShivani BhardwajActions
Related to Suricata - Task #6443: Suricon 2023 brainstormAssignedVictor JulienActions
Related to Suricata - Task #6473: detect: smtp keyword coverageAssignedVictor JulienActions
Related to Suricata - Feature #4876: Additional FTP BuffersNewOISF DevActions
Related to Suricata - Task #6463: eve/output: investigate how to track coverage / parityNewOISF DevActions
Related to Suricata - Feature #7100: smb: additional keywordsNewOISF DevActions
Actions

Also available in: Atom PDF