[Oisf-users] extended logging of alerts?

[Ted Timmons]

I'm logging alerts to eve-log. I'd like to get extended information (such
as tls.fingerprint or dns.rrname) in an alert entry. It seems they don't
show up unless I log all DNS or TLS traffic.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160203/da7cfbb8/attachment.html>