Bug #7347
open
eve/alert: log file_data
Description
As transformation occurs on stream data when it becomes file data, it may not be trivial for the analyst to understand why an alert fired on some file content. To address this problem, we can log the file data in the events to allow easy analysis.
As file data is mostly binary, logging to base64 should be enough.
Updated by Victor Julien 4 days ago
- Subject changed from Log file_data in alert events to eve/alert: log file_data