Task #6084
closed
output/alert: enable logging `PASS` alerts
Added by Juliana Fajardini Reichow over 1 year ago.
Updated 4 months ago.
Description
This should be part of the `alert` event, but allowing to log `pass` rules that triggered.
Will likely involve work related to the alerts queue.
- Related to Bug #5464: eve: if alert and drop rules match for a packet, "alert.action" is ambigious added
- Priority changed from Low to Normal
- Target version changed from 7.0.0 to 8.0.0-beta1
- Status changed from Assigned to Closed
- Assignee deleted (
Juliana Fajardini Reichow)
- Target version deleted (
8.0.0-beta1)
I think is implemented as alert then pass in #5466, so closing this.
Also available in: Atom
PDF