Commit Graph

22 Commits (dad1f85edb59406a00164e6533c31ca12253b790)

Author SHA1 Message Date
Eric Leblond dad1f85edb email-json: add author
Add myself as author and change the copyright date.
10 years ago
Eric Leblond caa8982b43 email-json: add some fields
This patch adds some fields to the list of extracted fields.
10 years ago
Eric Leblond ca52fa91dd email-json: body md5 logging is optional 10 years ago
Eric Leblond a719ea3c92 email-json: add capa to display subject md5
To be able to identify mails with identical subjects without
using the subject itself as a key, it is possible to use the md5
hash of the subject string. This allows to limit the privacy impact.
10 years ago
Eric Leblond 881aa3efce email-json: don't log subject by default
It seems to be a bit too intrusive for the privacy so this patch
adds this field to the extended logging only.
10 years ago
Eric Leblond 431dc155aa email-json: delete white space from "from"
The From field is handled separately and it could also start with
white spaces.
10 years ago
Eric Leblond abcaf46193 email-json: delete leading white spaces
Some mail clients are using tabulation and/or space for comma
separated list. This patch removes them so the event will contain
only significative characters.
10 years ago
Eric Leblond 4c0f8803e7 email-json: factorize the code 10 years ago
Eric Leblond a7ef0c05ba email-json: add LOG_EMAIL_COMMA type
extract these data types by treating them as a comma separated list.
10 years ago
Eric Leblond 3456ec467f email-json: add custom fields support
This patch adds a way to specify which MIME fields to log via
the custom keyword in the EVE configuration. It also adds an
extended logging where some fields are added. The logging supports
mono value fields as well as multivalue fields via the use of
JSON array.
10 years ago
Eric Leblond ab941305d5 email-json: add function to export data 10 years ago
Eric Leblond d7e13c2c03 email-json: output MIME parsing status
If the status is not PARSE_DONE then in that case we may have
incomplete information. Increasing the stream reassembly depth
in that case would be a good idea.
10 years ago
Eric Leblond ea311c1594 email-json: export md5sum of body
The body_md5 has been added and contains the value of the md5sum
of the body.

This patch is using the state PARSE_DONE on the MIME state to
detect when a message has been completely parsed.
10 years ago
Eric Leblond 5c26a2f2c8 email-json: move email fields to email section
This patch changes the way smtp messages are written. It is using
the "email" key to store the email related fields. This will
allow to do the same search through SMTP and IMAP if we implement
this last one.
10 years ago
Victor Julien bd73553027 smtp json: fix potential crash on malloc failure
** CID 1298888:    (FORWARD_NULL)
/src/output-json-email-common.c: 117 in JsonEmailLogJson()
/src/output-json-email-common.c: 140 in JsonEmailLogJson()
10 years ago
Eric Leblond 0376b60da9 email-json: free temporary 'cc' string 10 years ago
Eric Leblond bd67000b69 email-json: free temporary 'to' string 10 years ago
Victor Julien 27007cc7d5 Fix Coverity issue in SMTP output
** CID 1250327:  Uninitialized pointer read  (UNINIT)
/src/output-json-email-common.c: 117 in JsonEmailLogJson()
/src/output-json-email-common.c: 139 in JsonEmailLogJson()
11 years ago
Victor Julien 2b9ef87527 smtp: convert logger to tx logger
Move from packet logger to tx logger.
11 years ago
Victor Julien 106bbc78e1 mime: refactor buffer use
Turn all buffers into uint8_t (from char) and no longer use the
string functions like strncpy/strncasecmp on them.

Store url and field names as lowercase, and also search/compare
them as lowercase. This allows us to use SCMemcmp.
11 years ago
Tom DeCanio 746da75615 eve-log: catch and log URLs in basic text emails without mime encapsulation.
expand pointer walk protection.
11 years ago
Tom DeCanio 31f8f5cf20 eve-log: SMTP JSON logger 11 years ago