[Oisf-users] Suricata's http-log

Martin Holste mcholste at gmail.com
Fri Mar 30 15:05:38 UTC 2012


Please use wc -l to count lines instead of file sizes when comparing.

On Fri, Mar 30, 2012 at 9:49 AM, Victor Julien <victor at inliniac.net> wrote:
> On 03/30/2012 04:48 PM, Peter Manev wrote:
>> Please have in mind that Suricata actually logs only properly terminated
>> connections in terms of http (FA received, proper tcp teardown).
>
> TCP sessions that time out (no RST or FIN sequence) will be logged as well.
>
> --
> ---------------------------------------------
> Victor Julien
> http://www.inliniac.net/
> PGP: http://www.inliniac.net/victorjulien.asc
> ---------------------------------------------


