Jeff Lucovsky
1e0d3435db
doc: add napatech plugin upgrade notes
Issue: 7165
9 months ago
Philippe Antoine
7ab833471e
doc/rfb: mention accidental fix for security_result log
Ticket: 7198
10 months ago
Giuseppe Longo
036b68b0a9
doc: add new sip keywords
10 months ago
Jason Ish
15fe844ae7
syslog: deprecate
The standalone syslog output is now deprecated for Suricata 8. Display
a warning on use and add notes to the userguide.
Ticket: #6544
11 months ago
Jason Ish
5853fb922d
tls-log: deprecate
tls-log is now deprecated and will be removed in Suricata 9.0. Display
a deprecation notice on use, and add notes to the user guide.
Ticket: #6542
11 months ago
Jason Ish
ab26323a96
http-log: deprecate
http-log is now deprecated and will be removed in Suricata
9.0. Display a deprecation notice on use, and add notes to the
userguide.
Issue: #6543
11 months ago
Victor Julien
fa9cae3899
doc/userguide: document logging changes from 6 to 7
Minor other logging related improvements like clarifying language and
improving formatting for pdf output.
11 months ago
Giuseppe Longo
70ed9f91d8
doc: add ldap protocol
1 year ago
Philippe Antoine
bce8f4b853
detect/ssh: remove deprecated keywords
Ticket: 2377
1 year ago
Jason Ish
5f516c5896
doc: add pf-ring plugin upgrade notes
Ticket: #7162
1 year ago
Jason Ish
d3c08b9643
doc: upgrade guide for dns logging changes
Bug: #6281
1 year ago
Shivani Bhardwaj
c66f1f4488
doc: add note about datasets string memcaps
Bug 3910
1 year ago
Jeff Lucovsky
d205ff82d0
doc/transform: Describe the from_base64 transform
Issue: 6487
Document the new transform and indicate that it's the preferred way to
perform base64 decoding (preferred over base64_decode)
1 year ago
Juliana Fajardini
43b998aa73
userguide/upgrade: add note about alerts' increase
With triggering stream reassembly early, since for certain types of
rules there may be more alerts triggered - even in IPS mode, make this
clear in the upgrading section.
Bug #7026
1 year ago
Philippe Antoine
7582b18a9f
http: configures libhtp to allow spaces in uri
Ticket: #2881
1 year ago
Giuseppe Longo
8a171c9d74
doc: add arp changes
1 year ago
Giuseppe Longo
4f1e71bb4e
doc: add sdp update
1 year ago
Juliana Fajardini
72146b969c
eve/stats: allow hiding counters whose value is 0
Some stats can be quite verbose if logging all zero-valued counters.
This allows users to disable logging such counters. Default is still
true, as that's the expected behavior for the engine.
Task #5976
1 year ago
Giuseppe Longo
3dc24a967a
doc: add upgrade section for 8
1 year ago
Victor Julien
3456dea276
doc/userguide: update guidance on 5 to 6 upgrading
TCP memory use can be higher than expected in certain configs.
Ticket: #6552.
2 years ago
Shivani Bhardwaj
2b73a17bb0
detect: rename whitelist to score
The term "whitelist" is actually used to store a list of DetectPort type
items for tcp and udp in detect.h. Using the same term for also keeping
the score that affects the grouping of rules is confusing. So, rename
the variable to "score".
2 years ago
Juliana Fajardini
f16d428fd1
userguide/upgrade: link to exception policy FAQ
With the release of 7, people are starting to have issues with traffic
being blocked. While we don't add a more expansive documentation for
this, add a link to the FAQ covering possible fixes for drops caused by
the fail closed default behavior of the exception policies.
2 years ago
Andreas Herz
24bcaf07ae
doc/upgrade: add more 6 to 7 changes and minor improvements
Issue: #5473
2 years ago
Jason Ish
0b5dc58e15
doc/userguide: more eve http upgrade notes
Add more information with examples of how the changes to EVE HTTP
logging may affect users.
2 years ago
Jeff Lucovsky
ac8f91f44f
config: Document cluster_rollover deprecation
Issue: 6128
cluster_rollover is no longer permitted; using it will generate a
warning message and it'll be replaced with cluster_flow
2 years ago
Jeff Lucovsky
29621c7f0d
doc/afpacket: Document rollover deprecation
2 years ago
Jason Ish
14daa42e0b
doc/userguide: dataset upgrade notes
2 years ago
Philippe Antoine
656554f293
http2: rename http2.header to http.request_header
Or http.response_header based on the direction
http2.header had a different behavior than http.header and this was
confusing.
Ticket: #5780
2 years ago
Philippe Antoine
5c419b79b7
doc: upgrade guide for logging http custom headers
Ticket: #5320
2 years ago
Jason Ish
5af73b3879
doc/userguide: document include files
Document how to use include files, plus add a deprecation notice on
the use of multiple "include" statements.
2 years ago
Jason Ish
a71dee5516
doc/userguide: merge logging changes in 7.0 upgrade notes
Two "Logging changes" sections existed, merge.
2 years ago
Victor Julien
0903536fd6
doc: spelling
Thanks to Josh Soref.
2 years ago
Philippe Antoine
8f9cd8ff1a
doc: security.limit-noproc upgrade note
Ticket: #5621
2 years ago
Victor Julien
f4fa51986e
doc: warn IPS users on new exception policy default
2 years ago
Juliana Fajardini
0d9289014b
exceptions: add master switch config option
This allows all traffic Exception Policies to be set from one
configuration point. All exception policy options are available in IPS
mode. Bypass, pass and auto (disabled) are also available in IDS mode.
Exception Policies set up individually will overwrite this setup for the
given traffic exception.
Task #5219
3 years ago
Todd Mortimer
15c77be937
swf-decompression: Disable by default.
Add an entry to the upgrade guide noting the change.
Ticket: #5632
3 years ago
Philippe Antoine
a003640ecf
security: prevents process creation
with setrlimit NPROC.
So that, if Suricata wants to execve or such to create a new process
the OS will forbid it so that RCE exploits are more painful to write.
Ticket: #5373
3 years ago
Jason Ish
6ceeb08351
doc/userguide: updates for eve dns v1 removal
Ticket: #4157
3 years ago
Jason Ish
7d6bc60abb
doc/userguide: document ftp max-line-length
3 years ago
Philippe Antoine
cfcade58ad
http: move xff logging to alert object
Ticket: 4860
instead of root field
3 years ago
Jason Ish
cda11b8d97
doc/update: mention change of default rule path
4 years ago
Juliana Fajardini
de0ce26e3f
userguide: update references to Suricata website
Many places were still referencing the old Suricata page.
Used git grep with replace to update them. Checked that new links work.
Left old references when they were only documentation examples (for
output or unittests).
Task #4915
4 years ago
Philippe Antoine
27dd0c6b3d
eve/ftp-data: log alert metadata in ftp-data object
Ticket: 4860
instead of directly in root
4 years ago
Philippe Antoine
fae7389ae2
pcre2: document the behavioral changes
4 years ago
Jason Ish
2cff811609
doc: remove prelude and document as removed
4 years ago
Jason Ish
3e9d1e813a
doc/upgrade: move ike logging changes to 7.0 changes
Was mistakenly put in 6.0 changes.
4 years ago
Jason Ish
f56634ac46
doc/upgrade: mention that nss is no longer required
4 years ago
Jeff Lucovsky
fcd1ae3bf1
doc: Protocol name/case change for upgrade doc
This commit adds a one-liner to the upgrade document for 7.0 stating
that protocol names/values are now builtin to Suricata and that names
and their casing may change.
4 years ago
frank honza
ab59ef0d79
ikev1: add documentation for ikev1
4 years ago
Jason Ish
7d44e80a50
doc: document removal of unified2
And suggest an alternate tool, Meer, if compatibility with
Barnyard2 style databases is required.
Redmine ticket:
https://redmine.openinfosecfoundation.org/issues/3497
5 years ago