[Oisf-users] eve.json packet field not matching traffic

[erik clark]

The content in eve.json for the packet field matches neither the payload
nor the payload_printable, nor what I assume to be the other side of the
transaction...

Wat?

Is this expected behavior? Also, the packet appears to be highly truncated.
This is on suri 3.2. I believe I see the same behavior on suri 3.1.3 as
well.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20170228/56e5fdae/attachment.html>