Ixchel


share/templates/suricata_outputs.tt

- eve-log:
    enabled: no
    filetype: syslog
    pcap-file: false
    community-id: false
    community-id-seed: 0
    xff:
      enabled: yes
      mode: extra-data
      deployment: reverse
      header: X-Forwarded-For
    types:
      - alert:
          payload: yes
          payload-buffer-size: 64kb
          packet: yes
          http-body: yes
          http-body-printable: no
          tagged-packets: yes
          metadata:
            app-layer: true

share/templates/suricata_outputs.tt

# EVE JSON output for HTTP transactions, delivered to syslog instead of a file.
- eve-log:
    enabled: yes
    filetype: syslog
    # Syslog tag, facility and level these records are emitted under. Anything
    # that routes or filters on the tag must match the literal 'suricata-http'.
    identity: suricata-http
    facility: local5
    level: Info
    # X-Forwarded-For handling for a reverse-proxy deployment. Suricata's
    # 'extra-data' mode adds the header value as an additional field rather than
    # overwriting the logged address. The header originates from the client /
    # proxy chain, so consumers should treat it as untrusted input, not as the
    # authoritative peer address.
    xff:
      enabled: yes
      mode: extra-data
      deployment: reverse
      header: X-Forwarded-For
    pcap-file: false
    community-id: false
    community-id-seed: 0
    types:
      # 'both' writes the full request and response header sets. These may
      # carry credentials (cookies, authorization headers), so the local5
      # destination's retention and access controls should be reviewed.
      - http:
          extended: yes
          dump-all-headers: both
- eve-log:
    enabled: yes
    filetype: syslog

share/templates/suricata_outputs.tt

      version: 2
      enabled: yes
      dir: /var/log/suricata/files
      write-fileinfo: yes
      stream-depth: 0
      force-hash: [sha1, md5]
      xff:
        enabled: no
        mode: extra-data
        deployment: reverse
        header: X-Forwarded-For
[% END %]
 
##
## regular files
##
  - eve-log:
      enabled: 'yes'
      filetype: regular
      filename: /var/log/suricata/alert[% vars.instance_part %].json
      pcap-file: false
      community-id: false
      community-id-seed: 0
      xff:
        enabled: yes
        mode: extra-data
        deployment: reverse
        header: X-Forwarded-For
      types:
        - alert:
            payload: yes
            payload-buffer-size: 64kb
            packet: 'yes'
            http-body: yes
            http-body-printable: no
            tagged-packets: yes
            metadata:
              app-layer: true

share/templates/suricata_outputs.tt

          force-magic: yes
          force-hash: [md5]
# File-backed EVE JSON output for HTTP transactions (syslog variant above uses
# the same type settings).
- eve-log:
    enabled: yes
    filetype: regular
    # Path is fixed here; see the alert output in this template for the
    # per-instance filename pattern. Because full headers are logged below,
    # the file's ownership/mode and log rotation deserve the same scrutiny as
    # any file that may hold session tokens.
    filename: /var/log/suricata/flows/current/http.json
    # Reverse-proxy XFF handling: 'extra-data' appends the header value as an
    # extra field; the original address field is left intact. The value is
    # client-supplied and should not be trusted as the real peer by consumers.
    xff:
      enabled: yes
      mode: extra-data
      deployment: reverse
      header: X-Forwarded-For
    pcap-file: false
    community-id: false
    community-id-seed: 0
    types:
      # Request and response headers are dumped in full ('both'), which may
      # include cookies and authorization headers.
      - http:
          extended: yes
          dump-all-headers: both
- eve-log:
    enabled: yes
    filetype: regular


