[Oisf-users] A few questions / issues about the last 2.0dev version
Stefan Sabolowitsch
Stefan.Sabolowitsch at felten-group.com
Thu Dec 5 13:46:27 UTC 2013
Sorry for the first (noise) e-mail, I was a little too fast; here are my questions:
If I enable the dns, http and files-json logfiles, a fast.log will never be generated (OK?).
I checked the files-json logfile and would like to suggest the following.
Wouldn't it be better to use these field names:
src_ip, dst_ip, src_port, dst_port (instead of srcip etc.)
A lot of log collectors use this naming (Logstash, Splunk etc.).
thx
Stefan
-#-#-#-#-#-#-#-#-#-#
Hi all,
I see a lot of this in the latest git version v2.0 (rev eaff01a)
If I enable the dns, http and files-json logfiles, a fast.log will never be generated (OK?).
I checked the files-json logfile and would like to suggest the following.
Wouldn't it be better to use these field names:
src_ip, dst_ip, src_port, dst_port (instead of srcip etc.)
A lot of log collectors use this naming (Logstash, Splunk etc.).
Thanks for this good tool, Suricata.
Stefan