[Oisf-devel] Log data are recorded wrongly

Hwang In Chan neogeoss1 at gmail.com
Mon Jun 18 15:15:26 UTC 2018


I am extracting files from Suricata file-store 1.0 and 2.0.
Because of my role, I am sticking to file-store v1.0. However, whereas logs
in JSON (file-store v2) are stored correctly,
logs in filestore v1.0 do not record original file names.
As you see in the code
https://github.com/CPP-CProgramming/suricata4Dev/blob/master/src/log-filestore.c#L392
for filestore v1.0
https://github.com/CPP-CProgramming/suricata4Dev/blob/master/src/output-json-file.c#L148
for filestore v2.0

I do not see any difference in code. There must be another way of making a
correct file name.
Can any of you tell me where to change the code so that I will be
able to display a correct filename
with Ver 1.0 file store?
Or convert the JSON text log into a non-JSON text format?

Lots of love