[Oisf-devel] [PATCH] Added request length to custom HTTP logging
I. Sanchez
sanchezmartin.ji at gmail.com
Mon May 27 18:33:16 UTC 2013
I received the code from Vincent Fang in a pull request to my repo.
https://github.com/owlsec/suricata/pull/1
so I mentioned vinfang as the source for the patch in the PR
* "Added %b for request size (vinfang patch)"*
I don't know if Vincent Fang implemented it himself (3 lines) or took it
from Mat's patch, but it implements the same functionality this is why I
mentioned it was included in the PR #377
Cheers,
Ignacio
On Mon, May 27, 2013 at 3:22 PM, Victor Julien <victor at inliniac.net> wrote:
> On 05/26/2013 12:03 PM, I. Sanchez wrote:
> > Hi,
> >
> > The patch is included in the Pull Request 377 regarding feature #602
> >
> > https://github.com/inliniac/suricata/pull/377
> > https://redmine.openinfosecfoundation.org/issues/602
>
> I don't see Mathews commit in the PR, how did you merge it?
>
> Or did you mean that you already implemented the same thing yourself?
>
> Cheers,
> Victor
>
> >
> > Cheers,
> >
> > Ignacio
> >
> >
> >
> >
> > On Sun, May 26, 2013 at 6:26 AM, <mathewm at sdf.lonestar.org
> > <mailto:mathewm at sdf.lonestar.org>> wrote:
> >
> > On Thu, 28 Mar 2013 10:37:10 +0100, Victor Julien
> > <victor at inliniac.net <mailto:victor at inliniac.net>> wrote:
> >
> > On 03/23/2013 10:46 AM, mathewm at sdf.lonestar.org
> > <mailto:mathewm at sdf.lonestar.org> wrote:
> >
> > Added request length to custom HTTP logging
> >
> > Custom HTTP logging currently provides access to the HTTP
> > response
> > length (via %B in the custom log format string), but not the
> > request
> > length. The request length can be very valuable.
> >
> > I've modified log-httplog.c to provide access to libhtp's
> > request_message_len, via %b in the custom log format.
> >
> >
> > Interesting addition. Was going to apply it, but my git rejects
> > it. Can
> > you retry sending it against the current master, or attach a "git
> > format-patch -1" file? A github pr works as well.
> >
> > Cheers,
> > Victor
> >
> >
> > Sorry for the delay, I need to pay more attention to my email!
> >
> > A corrected patch file is attached, which I managed to successfully
> > test locally so with any luck this one will be OK.
> >
> > Cheers
> >
> > Mat
> > _______________________________________________
> > Suricata IDS Devel mailing list:
> > oisf-devel at openinfosecfoundation.org
> > <mailto:oisf-devel at openinfosecfoundation.org>
> > Site: http://suricata-ids.org | Participate:
> > http://suricata-ids.org/participate/
> > List:
> > https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
> > Redmine: https://redmine.openinfosecfoundation.org/
> >
> >
> >
> >
> > _______________________________________________
> > Suricata IDS Devel mailing list: oisf-devel at openinfosecfoundation.org
> > Site: http://suricata-ids.org | Participate:
> http://suricata-ids.org/participate/
> > List:
> https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
> > Redmine: https://redmine.openinfosecfoundation.org/
> >
>
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------
>
> _______________________________________________
> Suricata IDS Devel mailing list: oisf-devel at openinfosecfoundation.org
> Site: http://suricata-ids.org | Participate:
> http://suricata-ids.org/participate/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-devel
> Redmine: https://redmine.openinfosecfoundation.org/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-devel/attachments/20130527/69bbafe7/attachment-0002.html>
More information about the Oisf-devel
mailing list