[Oisf-users] suri4 suricata.yaml

Peter Manev petermanev at gmail.com
Fri Jun 30 13:00:12 UTC 2017


On Fri, Jun 30, 2017 at 2:37 PM, erik clark <philosnef at gmail.com> wrote:
> Is there a list of notable changes in suricata.yaml documented somewhere so
> that we can try and merge our existing yaml file with the new changes? I am
> unsure if there were stream changes or the like. Our goal is primarily to
> get http-body-printable into our yaml, but if there are other key additions
> we would like to know about those as well.
>

Most notable in terms of json/alerting would be (alongside http_body) -
http://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html?highlight=metadata#alerts



-- 
Regards,
Peter Manev


