<div dir="ltr"><div><div><div><div>Hi Stefan,<br></div><br></div>Yes - at the moment it is only files-json. The other JSON format outputs are coming soon to dev I believe.(DNS,TLS,ALERT, HTTP).<br><br></div>The http logs that you see in files-json is the http related stuff that the particular file that was transferred to/from, as explained in more detail here:<br>
<a href="https://redmine.openinfosecfoundation.org/projects/suricata/wiki/MD5">https://redmine.openinfosecfoundation.org/projects/suricata/wiki/MD5</a><br><br></div>Thanks<br><div><br></div></div><div class="gmail_extra">
<br><br><div class="gmail_quote">On Thu, Nov 21, 2013 at 11:55 AM, Stefan Sabolowitsch <span dir="ltr"><<a href="mailto:Stefan.Sabolowitsch@felten-group.com" target="_blank">Stefan.Sabolowitsch@felten-group.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi all,<br>
actually i play a little with v2.0.dev latest git rev.<br>
I see in files-json only http events and not example DNS, is this correct ?<br>
<br>
thx<br>
Stefan<br>
<br>
_______________________________________________<br>
Suricata IDS Users mailing list: <a href="mailto:oisf-users@openinfosecfoundation.org">oisf-users@openinfosecfoundation.org</a><br>
Site: <a href="http://suricata-ids.org" target="_blank">http://suricata-ids.org</a> | Support: <a href="http://suricata-ids.org/support/" target="_blank">http://suricata-ids.org/support/</a><br>
List: <a href="https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users" target="_blank">https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users</a><br>
OISF: <a href="http://www.openinfosecfoundation.org/" target="_blank">http://www.openinfosecfoundation.org/</a><br>
</blockquote></div><br><br clear="all"><br>-- <br><div>Regards,</div>
<div>Peter Manev</div>
</div>