[Oisf-users] http transaction not logged if http post body > 2KB
Delta Yeh
delta.yeh at gmail.com
Mon Jul 9 13:55:39 UTC 2012
Hi,
I'm testing suricata 1.3 and I run into this problem.
The setup is :
1. suricata 1.3 , default suricata.yaml
2. no rule loaded
3. enabled http log
I use wget to do the tests,
If I send GET request, the http transaction is logged.
If I send POST request with small body(<1KB), the request is also logged.
If I send POST with body > 2KB, the request is not always logged.
The test lab is clean, I do the request manually, so there is not
performance issue.
Anyone has idea on this?
BR,
DeltaY
More information about the Oisf-users
mailing list