Philippe Antoine
fcdd7f000a
detect: add options to app-layer-protocol keyword
Ticket: 4921
app-layer-protocol keyword accepts an optional mode to specify
which protocol we want to match: toclient, toserver, final,
or original
2 years ago
Philippe Antoine
715bf048ee
frames: rust API makes tx_id explicit
And set it right for SIP and websocket,
so that relevant tx app-layer metadata gets logged.
Ticket: 6973
2 years ago
Shivani Bhardwaj
6d92596548
doc: add note about fast_pattern w base64_data
Bug 5220
2 years ago
jason taylor
abb74245cc
doc: update normalization notes
Ticket: #6781
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
5dacf4d92b
doc: add http.connection ref and fix location
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
Victor Julien
fcca5c7514
detect/iprep: update doc about 0 value
A value of 0 was already allowed by the rule parser, but didn't
actually work.
Bug: #6834.
2 years ago
jason taylor
aa919f8081
doc: update flowbits information
Ticket: #6991
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
Giuseppe Longo
4f1e71bb4e
doc: add sdp update
2 years ago
Juliana Fajardini
bb59124063
yaml: unify 0 stats counter config option terms
When we added feature #5976 (72146b969), we overlooked that we also have
a config stats option for the human-readable stats logs to output
0 counters.
Due to not seeing this before, we now have two different setting names
for basically the same thing, but in different logs:
- zero-valued-counters for EVE
- null-values for stats.log
This ensures we use the same terminology, and change the recently added
one to `null-values`, as this one has been around for longer.
Task #6962
2 years ago
Philippe Antoine
44b6aa5e4b
app-layer: websockets protocol support
Ticket: 2695
2 years ago
Sascha Steinbiss
120313f4da
ja4: implement for TLS and QUIC
Ticket: OISF#6379
2 years ago
Jeff Lucovsky
7a5a1e2560
doc: Describe noalert keyword
Issue: 6685
2 years ago
Juliana Fajardini
72146b969c
eve/stats: allow hiding counters whose value is 0
Some stats can be quite verbose if logging all zero-valued counters.
This allows users to disable logging such counters. Default is still
true, as that's the expected behavior for the engine.
Task #5976
2 years ago
Juliana Fajardini
514e8b8b04
userguide: document exception policy stats
Configuration options and defaults, existing counters etc.
Related to
Task #5816
2 years ago
Juliana Fajardini
94b111283d
userguide: highlight exception policy effects
Some exception policies can only be applied to entire flows or
individual packets, for some exception scenarios. Make this easier to
read, in the documentation.
Related to
Task #5816
2 years ago
jason taylor
7de16809ef
doc: update http keyword listing order
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
8b3db3c3b5
doc: update file.name keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
49dba7bb94
doc: update file.data keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
bee3aa9709
doc: update http.response_header keyword
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
dcb548106e
doc: update http.request_header keyword
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
3f5d228b9e
doc: update http.host http.host.raw keyword
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
739dfe5e5e
doc: update http.location keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
9ddd8cf9e0
doc: update http.server keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
3af98f3b92
doc: update http.response_body keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
64760e2e75
doc: update http.response_line keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
566bc0d39c
doc: update http.stat_msg keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
271321249f
doc: update http.stat_code keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
71d8488cb5
doc: update http.request_body keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
c2783e9391
doc: update http.header_names keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
5eadbc2ff0
doc: update http.start keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
7e65554462
doc: update http.referer keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
876dfb99ca
doc: update http.content_len keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
8ff06c1bc0
doc: update http.content_type keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
b2854486dd
doc: update http.connection keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
75436dff9c
doc: update http.accept_lang keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
f6375e487e
doc: update http.accept_enc keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
7e3288f5a7
doc: update http keyword normalization notes
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
9e87d89d2e
doc: update http.accept keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
8307168ae7
doc: update http.user_agent keyword
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
75c4cdfa1c
doc: update http.cookie keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
7a28874c8d
doc: update http.header keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
b3af723486
doc: remove legacy description/duplicated data
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
292b3eb9b3
doc: update http.request_line keyword information
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
c7f351bd6e
doc: update http.protocol keyword documentation
Ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
2d0ceedeba
doc: update urilen keyword documentation
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
ef118aa582
doc: remove legacy uricontent information
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
96e8c10276
doc: update http.uri and http.uri.raw keywords
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
bf192926a8
doc: update http.method keyword
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
0cce5ba447
doc: add http keyword links
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago
jason taylor
fd46175203
doc: update http primer information
ticket: 3025
Signed-off-by: jason taylor <jtfas90@gmail.com>
2 years ago