[Oisf-users] Appending, modifying key/values eve.log?
Victor Julien
lists at inliniac.net
Wed Dec 14 22:09:50 UTC 2016
On 08-12-16 23:14, John Daly wrote:
> Curious if there is a configuration option to add or modify key, value
> pairs in the eve log?
>
> The goal is to add a key called "tool_name" with the value "suricata".
> Or change the event_type value from "alert" to "suricata_alert".
Not at this time. I'm working on something closely related, so maybe
this could be added as well.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------
More information about the Oisf-users
mailing list