<div dir="ltr">Hi Andreas,<div><br></div><div>Thanks for the link. I currently want to work on the following.</div><div><br></div><div>1) HASSH detection and extraction.</div><div>2) Store payload data(if payload data exist) when alert is triggered.</div><div><br></div><div>I would your suggestions on how to find the best way to understand the flow of a session in Suricata i.e., from the detection of the protocol to generation of an alert. </div><div><br></div><div>Murali</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Jun 30, 2019 at 2:49 PM Andreas Herz <<a href="mailto:aherz@oisf.net">aherz@oisf.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Murali,<br>
<br>
On 26/06/19 at 10:11, Murali Kandula wrote:<br>
> I am looking for steps to setup Suricata for development purposes and also<br>
> looking for the best way to understand the code.<br>
<br>
Did you look into this documentation?<br>
<br>
<a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_Developers_Guide" rel="noreferrer" target="_blank">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricata_Developers_Guide</a><br>
<br>
Do you have specific parts you want to work on?<br>
<br>
-- <br>
Andreas Herz<br>
_______________________________________________<br>
Suricata IDS Devel mailing list: <a href="mailto:oisf-devel@openinfosecfoundation.org" target="_blank">oisf-devel@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" rel="noreferrer" target="_blank">http://suricata-ids.org</a> | Participate: <a href="http://suricata-ids.org/participate/" rel="noreferrer" target="_blank">http://suricata-ids.org/participate/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel" rel="noreferrer" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel</a><br>
Redmine: <a href="https://redmine.openinfosecfoundation.org/" rel="noreferrer" target="_blank">https://redmine.openinfosecfoundation.org/</a><br>
<br>
</blockquote></div>