
List:       oisf-users
Subject:    Re: [Oisf-users] question to v2.0b1 json log file with DNS content
From:       Peter Manev <petermanev () gmail ! com>
Date:       2013-11-21 11:17:18
Message-ID: CAMhe82LS=xSja+o51+nAvfbUJRpJFyvKfrdWhaLNfBp_i3xj-g () mail ! gmail ! com


Hi Stefan,

Yes - at the moment it is only files-json. The other JSON format outputs
are coming soon to dev, I believe (DNS, TLS, ALERT, HTTP).

The http logs that you see in files-json are the http-related stuff for the
particular file that was transferred to/from, as explained in more detail
here:
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/MD5

Thanks



On Thu, Nov 21, 2013 at 11:55 AM, Stefan Sabolowitsch <
Stefan.Sabolowitsch@felten-group.com> wrote:

> Hi all,
> actually I am playing a little with v2.0.dev latest git rev.
> I see in files-json only http events and not, for example, DNS. Is this correct?
>
> thx
> Stefan
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users@openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> OISF: http://www.openinfosecfoundation.org/
>



-- 
Regards,
Peter Manev
