[Oisf-users] extended logging of alerts?

Ted Timmons ted at perljam.net
Wed Feb 3 01:05:34 UTC 2016


I'm logging alerts to eve-log. I'd like to get extended information (such
as tls.fingerprint or dns.rrname) in an alert entry. It seems they don't
show up unless I log all DNS or TLS traffic.