Project

General

Profile

Actions
Copy link

Feature #6164

closed

Task #5645: tracking: elephant flow detection

rules: allow matching on flow pkts and bytes

Added by Philippe Antoine over 1 year ago. Updated 2 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
8.0.0-beta1
Effort:
Difficulty:
Label:

Related issues 3 (2 open1 closed)

Related to Suricata - Task #4772: tracking: parity between fields logged and fields available for detectionAssignedVictor JulienActions
Related to Suricata - Feature #294: Limit inspection of a stream and/or rule...ClosedCommunity TicketActions
Related to Suricata - Feature #5646: rules: allow matching on flow pkts and bytes in either directionIn ReviewShivani BhardwajActions
Actions
Copy link
 #1

Updated by Philippe Antoine over 1 year ago

  • Related to Task #4772: tracking: parity between fields logged and fields available for detection added
Actions
Copy link
 #2

Updated by Philippe Antoine over 1 year ago

  • Status changed from New to In Review
Actions
Copy link
 #3

Updated by Philippe Antoine over 1 year ago

  • Subject changed from detect: new keyword flow.pkts_toclient to detect: new keyword flow.pkts_toclient to server and bytes as well
Actions
Copy link
 #4

Updated by Philippe Antoine over 1 year ago

  • Related to Feature #294: Limit inspection of a stream and/or rule... added
Actions
Copy link
 #5

Updated by Philippe Antoine 12 months ago

  • Related to Feature #5646: rules: allow matching on flow pkts and bytes in either direction added
Actions
Copy link
 #6

Updated by Philippe Antoine 12 months ago

  • Status changed from In Review to Closed
Actions
Copy link
 #7

Updated by Shivani Bhardwaj 2 months ago

  • Parent task set to #5645
Actions
Copy link
 #8

Updated by Shivani Bhardwaj 2 months ago

  • Subject changed from detect: new keyword flow.pkts_toclient to server and bytes as well to rules: allow matching on flow pkts and bytes
Actions
Copy link
 #9

Updated by Philippe Antoine 2 months ago

This is not a subtask of elephant flow detection in #5645
This exists also on its own ;-)

Actions
Copy link
 #10

Updated by Shivani Bhardwaj 2 months ago

Philippe Antoine wrote in #note-9:

This is not a subtask of elephant flow detection in #5645
This exists also on its own ;-)

ah ok. I changed it because its duplicate (#5646) was marked a subtask of #5645. Please change as seems fit to you.

Actions
Copy link
 #11

Updated by Philippe Antoine 2 months ago

Ok for me, no big deal

Actions
Copy link

Also available in: Atom PDF