4 Commits (00cc3c7374feaf735a45fd5ecffa30bb59517544)

Author SHA1 Message Date
Victor Julien 00cc3c7374 eve/ssh: change hassh logging format
Elasticsearch didn't accept the 'hassh' and 'hassh.string'. It would
see the first 'hassh' as a string and split the second key into an
object 'hassh' with a string member 'string'. So two different types
for 'hassh', so it rejected it.

This patch mimics the ja3(s) logging by creating a 'hassh' object
with 2 members: 'hash', which holds the md5 representation, and
'string' which holds the string representation.
5 years ago
Vadym Malakhatko 126597144c eve: add Hassh fields to SSH JSON logger and add ssh log condition 5 years ago
Philippe Antoine baf5f52f22 ssh/eve: convert to jsonbuilder 5 years ago
Philippe Antoine 69b4fffdae parse: move SSH parser from C to Rust 5 years ago