[Oisf-users] ICMPv4 vs ICMPv6 reporting
Brad Kingsbury
bradkingsbury at gmail.com
Tue May 30 22:57:00 UTC 2017
I'm trying to get JSON outputs for ICMPv4 and ICMPv6 flows.
When I have Suricata process a simple ping (request/reply -- 2 packets) for
both ICMPv4 and ICMPv6, they generate different outputs in the EVE.JSON
file.
ICMPv6 displays the details, including the ICMP code/type, about the
flow/netflow, but for ICMPv4, no flow info is displayed whatsoever. The
ICMPv4 packets are detected as ICMPv4 packets, based upon the summary line,
but I can't see the code/type.
Any way to see the code/type from the ICMPv4 flows/netflows?
Thanks,
Brad
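
A check for the symptom described in this post, as an added example that is not part of the original message: it counts how many ICMPv4 and ICMPv6 `flow`/`netflow` records in an EVE log carry `icmp_type`/`icmp_code` and lists the ones that lack them. The sample records are constructed to mirror the report, and the field names and `proto` strings are assumed to follow Suricata's EVE JSON output.

```python
import json

# Constructed sample EVE lines (not captured output): one ICMPv4 ping and one
# ICMPv6 ping, shaped like the symptom described in the post.
SAMPLE_EVE = """\
{"event_type":"flow","src_ip":"192.0.2.10","dest_ip":"192.0.2.20","proto":"ICMP","flow":{"pkts_toserver":1,"pkts_toclient":1}}
{"event_type":"flow","src_ip":"2001:db8::10","dest_ip":"2001:db8::20","proto":"IPV6-ICMP","icmp_type":128,"icmp_code":0,"flow":{"pkts_toserver":1,"pkts_toclient":1}}
{"event_type":"netflow","src_ip":"2001:db8::20","dest_ip":"2001:db8::10","proto":"IPV6-ICMP","icmp_type":129,"icmp_code":0,"netflow":{"pkts":1}}
{"event_type":"dns","src_ip":"192.0.2.10","dest_ip":"192.0.2.53","proto":"UDP"}
not-json garbage line
"""

# Assumed EVE "proto" strings for the two ICMP families (compared upper-cased).
ICMP_PROTOS = {"ICMP": "icmpv4", "IPV6-ICMP": "icmpv6"}
FLOW_EVENTS = {"flow", "netflow"}


def audit_icmp_flows(lines):
    """Return (per-family counts, records missing icmp_type/icmp_code)."""
    stats = {fam: {"with_type_code": 0, "missing_type_code": 0}
             for fam in ICMP_PROTOS.values()}
    missing = []
    for lineno, line in enumerate(lines, 1):
        try:
            ev = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip blank lines and anything that is not valid JSON
        if not isinstance(ev, dict) or ev.get("event_type") not in FLOW_EVENTS:
            continue
        family = ICMP_PROTOS.get(str(ev.get("proto", "")).upper())
        if family is None:
            continue  # not an ICMP record
        if "icmp_type" in ev and "icmp_code" in ev:
            stats[family]["with_type_code"] += 1
        else:
            stats[family]["missing_type_code"] += 1
            missing.append((lineno, ev["event_type"],
                            ev.get("src_ip"), ev.get("dest_ip")))
    return stats, missing


if __name__ == "__main__":
    stats, missing = audit_icmp_flows(SAMPLE_EVE.splitlines())
    for family, counts in stats.items():
        print(family, counts)
    for lineno, etype, src, dst in missing:
        print(f"line {lineno}: {etype} {src} -> {dst} has no icmp_type/icmp_code")
```

To run it against a real log, pass the open `eve.json` file object to `audit_icmp_flows` instead of the sample lines.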