Bug #6458: eve/http: discrepancy in http events and http objects logged in alerts - Suricata - Open Information Security Foundation

Actions

Copy link

Bug #6458

open

eve/http: discrepancy in http events and http objects logged in alerts

Added by Jason Ish 12 months ago. Updated 12 months ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

TBD

Affected Versions:

Effort:

Difficulty:

Label:

Description

For example, the HTTP object in an HTTP record might be different than the HTTP object in an alert object.

The same has been seen in DNS and is likely to be seen in other protocols.

Related issues 3 (2 open — 1 closed)

Actions

Copy link

Updated by Jason Ish 12 months ago

Related to Feature #6456: output: binary logging added

Actions

Copy link

Updated by Jason Ish 12 months ago

Description updated (diff)

Actions

Copy link

Updated by Victor Julien 12 months ago

Related to Task #2167: tracking: eve enhancements added

Actions

Copy link

Updated by Philippe Antoine 10 months ago

Related to Bug #6281: dns: structure of query differs between "alert" and "dns" event types added

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Bug #6458

eve/http: discrepancy in http events and http objects logged in alerts

Updated by Jason Ish 12 months ago

Updated by Jason Ish 12 months ago

Updated by Victor Julien 12 months ago

Updated by Philippe Antoine 10 months ago

Related to Suricata - Feature #6456: output: binary logging	New	OISF Dev	Actions
Related to Suricata - Task #2167: tracking: eve enhancements	New	OISF Dev	Actions
Related to Suricata - Bug #6281: dns: structure of query differs between "alert" and "dns" event types	Closed	Jason Ish	Actions