[Oisf-users] Suricata 1.4, ability to specify a new custom log or see a log of DNS and ARP requests?

Vincent Fang vincent.y.fang at gmail.com
Mon Feb 25 19:49:52 UTC 2013


So I see there are a bunch of preset logs like one for tcp pcap and one for
the alerts, fast.log, and one for http custom logging.

One of the things I want to see is a log of DNS and ARP requests and
responses, and I'm wondering if this is currently possible or should I just
examine the tcp.pcap logs instead.

But then I started thinking that different users will only care about
different things, so maybe it would be more modular to allow a way for
Suricata.yaml to let users specify the number of logs they want Suricata to
produce, each with a custom format of data they care about? Is this possible
with Suricata, or will this need to be a feature request? Also, does it make
sense to add this kind of feature?

Vince