aiden
/
suricata
mirror of https://github.com/OISF/suricata
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,986 Commits
8 Branches
163 Tags
199 MiB
main
main-8.0.x
main-7.0.x
master-6.0.x
master-5.0.x
master-4.1.x
master-4.0.x
master-3.2.x
suricata-8.0.1
suricata-7.0.12
suricata-8.0.0
suricata-7.0.11
suricata-8.0.0-rc1
suricata-8.0.0-beta1
suricata-7.0.10
suricata-7.0.9
suricata-7.0.8
suricata-7.0.7
suricata-7.0.6
suricata-6.0.20
suricata-7.0.5
suricata-6.0.19
suricata-6.0.18
suricata-7.0.4
suricata-6.0.17
suricata-7.0.3
suricata-6.0.16
suricata-7.0.2
suricata-6.0.15
suricata-7.0.1
suricata-6.0.14
suricata-7.0.0
suricata-7.0.0-rc2
suricata-6.0.13
suricata-6.0.12
suricata-6.0.11
suricata-7.0.0-rc1
suricata-6.0.10
suricata-6.0.9
suricata-7.0.0-beta1
suricata-6.0.8
suricata-6.0.7
suricata-6.0.6
suricata-5.0.10
suricata-6.0.5
suricata-5.0.9
suricata-6.0.4
suricata-5.0.8
suricata-6.0.3
suricata-5.0.7
suricata-6.0.2
suricata-5.0.6
suricata-6.0.1
suricata-5.0.5
suricata-4.1.10
suricata-4.1.9
suricata-5.0.4
suricata-6.0.0
suricata-6.0.0-rc1
suricata-6.0.0-beta1
suricata-5.0.3
suricata-4.1.8
suricata-4.1.7
suricata-5.0.2
suricata-4.1.6
suricata-5.0.1
suricata-5.0.0
suricata-5.0.0-rc1
suricata-4.1.5
suricata-5.0.0-beta1
suricata-4.1.4
suricata-4.1.3
suricata-4.0.7
suricata-4.1.2
suricata-4.1.1
suricata-4.1.0
suricata-4.0.6
suricata-4.1.0-rc2
suricata-4.1.0-rc1
suricata-4.0.5
suricata-4.1.0-beta1
suricata-4.0.4
suricata-4.0.3
suricata-4.0.2
suricata-3.2.5
suricata-4.0.1
suricata-3.2.4
suricata-4.0.0
suricata-4.0.0-rc2
suricata-3.2.3
suricata-4.0.0-rc1
suricata-4.0.0-beta1
suricata-3.2.2
suricata-3.1.4
suricata-3.2.1
suricata-3.2
suricata-3.2RC1
suricata-3.1.3
suricata-3.2beta1
suricata-3.1.2
suricata-3.1.1
suricata-3.1
suricata-3.0.2
suricata-3.1RC1
suricata-3.0.1
suricata-3.0.1RC1
suricata-3.0
suricata-2.0.11
suricata-3.0RC3
suricata-3.0RC2
suricata-3.0RC1
suricata-2.0.10
suricata-2.0.9
suricata-2.1beta4
suricata-2.0.8
suricata-2.0.7
suricata-2.1beta3
suricata-2.0.6
suricata-2.0.5
suricata-2.1beta2
suricata-2.0.4
suricata-2.1beta1
suricata-2.0.3
suricata-2.0.2
suricata-2.0.1
suricata-2.0.1rc1
suricata-2.0
suricata-2.0rc3
suricata-2.0rc2
suricata-2.0rc1
suricata-2.0beta2
suricata-1.4.7
suricata-1.4.6
suricata-1.4.5
suricata-2.0beta1
suricata-1.4.4
suricata-1.4.3
suricata-1.4.2
suricata-1.4.1
suricata-1.3.6
suricata-1.4
suricata-1.3.5
suricata-1.4rc1
suricata-1.3.4
suricata-1.4beta3
suricata-1.3.3
suricata-1.4beta2
suricata-1.3.2
suricata-1.4beta1
suricata-1.3.1
suricata-1.3
suricata-1.3rc1
suricata-1.3beta2
suricata-1.3beta1
suricata-1.2.1
suricata-1.2
suricata-1.2rc1
suricata-1.2beta1
suricata-1.1.1
suricata-0.8.2
suricata-1.0.0
suricata-1.0.1
suricata-1.0.2
suricata-1.0.3
suricata-1.0.4
suricata-1.0.5
suricata-1.1
suricata-1.1beta1
suricata-1.1beta2
suricata-1.1beta3
suricata-1.1rc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '877e5214b8'
${ noResults }
Commit Graph

573 Commits (877e5214b856820bf24971b79e0883aa28639b13)

Author SHA1 Message Date
frank honza ab59ef0d79 ikev1: add documentation for ikev1 5 years ago
frank honza ecdf9f6b0b ikev1: rename ikev2 to common ike 
Renaming was done with shell commands, git mv for moving the files and content like
find -iname '*.c' | xargs sed -i 's/ikev1/ike/g' respecting the different mixes of upper/lower case.
 5 years ago
Shivani Bhardwaj d708744f2b doc: fix ubuntu pkg name for tcmalloc 5 years ago
Jason Ish 560974b2db doc/quickstart: use new test url that works 
Replace http://testmyids.org with http://testmynids.org/uid/index.html,
as testmyids.org now always redirects to https.
 5 years ago
Josh Stroschein 7ece0ac31f doc: update installation documentation for CentOS and Fedora 5 years ago
Philippe Antoine a04b5566a6 http: makes decompression time limit configurable 5 years ago
Jeff Lucovsky 25e9483168 doc/lua: Lua API name consistency 
This commit updates the documentation of the SCFlow* function names
available to Lua scripts.

Formerly, they used the prefix "Sc"; now they use "SC".
 5 years ago
Jason Ish 547afcb983 doc/userguide/transforms: remove not about libnss being required 5 years ago
Jason Ish 41591af48b doc/userguide/install: remove libnss 5 years ago
Jason Ish 4b9af8d2ce doc/userguide: document --disable-hashing 5 years ago
Jason Ish c0ddad8e7e doc/ja3: libnss support no longer required 5 years ago
Kirby Kuehl 5499a6f7cd doc: fix URL for unix-socket python example 5 years ago
Sascha Steinbiss f78f444a5e doc: build all manpages 5 years ago
Carl Smith 9b840104bd lua: Make the rule action available to output scripts 
Useful for those that want to do custom logging from lua
 5 years ago
Justin Ossevoort 320de5f43d eve: Log tenant_id for all eve-json messages 5 years ago
Victor Julien 372fc26739 ci: buildbot is decommissioned, so remove prscript refs 5 years ago
Sascha Steinbiss 15c42e0d83 doc: add documentation for SRV DNS JSON structure 5 years ago
Philippe Antoine 096dce4bba http2: allow filestore to work with HTTP2 5 years ago
Philippe Antoine 4e242645be doc: explicit header normalization further 
And their concatenation as described in RFC 2616
 5 years ago
Philippe Antoine 6b30890de9 doc: http.uri.raw has no spaces 
as they are in the protocol

cf bug #2881
 5 years ago
Victor Julien 7b4ac8dbab doc/userguide: update http keywords 5 years ago
Victor Julien ca47d75c80 doc/userguide: explain --strict-rule-keywords 5 years ago
Jeff Lucovsky a18a9d3046 doc: New sticky buffer icmpv4.hdr 5 years ago
Phil Young 76de981574 napatech: Added comment indicating that hba will be deprecated 
HBA will be deprecated in Suricata 7
 5 years ago
Jason Ish 3030a3da18 doc: provide eve 1 deprecation date 5 years ago
Victor Julien c95850c6ce doc/rules: document config rule option 5 years ago
Jeff Lucovsky 6f9b7e052a doc/eve: Update threaded filename examples 5 years ago
Jason Ish f70e1f571e doc/userguide: add info about --set and lists 5 years ago
Jason Ish 69fffb2dc4 doc/userguide: include man page even when not including pdf 
Fix a mistake in Makefile.am where the man page was only being
added to the distribution if the PDF was also created. It should
be included even if the PDF cannot be included.
 5 years ago
Shivani Bhardwaj 87617b200c doc/datasets: add info about memcap and hashsize 5 years ago
Jason Ish 7d44e80a50 doc: document removal of unified2 
And suggest an alternate tool, Meer if compatibility with
Barnyard2 style databases is required.

Redmine ticket:
https://redmine.openinfosecfoundation.org/issues/3497
 5 years ago
Jason Ish e71f2b22fa doc: add removal of individual json loggers 
Add link to multiple eve instances as a replacement for this
feature.
 5 years ago
Philippe Antoine 9b5c923327 http: disables lzma by default for HTTP 5 years ago
Victor Julien e1ecb7dc41 doc/datasets: explain reloads, general improvements 5 years ago
Simon Dugas 48da18b081 doc: dns - document additional fields in eve event 
Documentation of additional fields for soa and sshfp. Also some minor
doc fixes and updates.
 5 years ago
Jeff Lucovsky 06f41f608c doc: Improve grammar, spelling and clarifications 
This commit improves the overall documentation's grammar, spelling, and
adds clarifications  where needed.
 5 years ago
jason taylor b21160a6e3 doc: http.host keyword note for matching on port 
Signed-off-by: jason taylor <jtfas90@gmail.com>
 5 years ago
Roland Fischer de7c7eeff0 doc: Add dev code-style 5 years ago
Odin Jenseg 4549505418 doc/userguide: fix outdated xdp info 5 years ago
Philippe Antoine 999af4f62a http2: adds documentation 5 years ago
James Dutrisac 8d5e54c046 pcap: recusively reading pcaps / documentation 
Changes to doc/userguide/partials/options.rst for feature 2363
   (reading pcaps recursively)
 5 years ago
Sascha Steinbiss 4e1a41a17d output-json: add MAC address output 
This commit adds MAC address output to the EVE-JSON format. We follow the
remarks made in Redmine ticket #962: for packets, log MAC src/dst as a
scalar field in EVE; for flows, log MAC src/dst as lists in EVE. Field names
are different between flow and packet context to avoid type confusion
(src_mac vs. src_macs). Configuration approach and JSON representation is
taken from previous GitHub PR #2700.
 5 years ago
Sascha Steinbiss c31360070b rust/mqtt: add MQTT parser 5 years ago
Jeff Lucovsky a5d30a3220 doc/output: Document multithreaded eve option 5 years ago
Philippe Antoine 1569f3e349 transform: adds url_decode keyword 
Fixes https://redmine.openinfosecfoundation.org/issues/2689

Adds a new source file to handle this keyword.
And modifies documentation, Makefile, and registration accordingly.

url_decode decodes url-encoded data, ie replacing '+' with space
and '%HH' with its value.
 5 years ago
Victor Julien 00cc3c7374 eve/ssh: change hassh logging format 
Elastic search didn't accept the 'hassh' and 'hassh.string'. It would
see the first 'hassh' as a string and split the second key into a
object 'hassh' with a string member 'string'. So two different types
for 'hassh', so it rejected it.

This patch mimics the ja3(s) logging by creating a 'hassh' object
with 2 members: 'hash', which holds the md5 representation, and
'string' which holds the string representation.
 5 years ago
Tristan Fletcher 6cbb4d4909 doc: fix spelling in flowbits image 5 years ago
Victor Julien e04d48c8c8 doc/userguide: fix outdated mpm info 5 years ago
Victor Julien 04d88e7012 doc/suricata-update: fix typo and do minor cleanups 
Thanks to showipintbri PR 4465.
 5 years ago
Jeff Lucovsky 901fbae7b9 doc: Add byte_math documentation 5 years ago