output: Add linktype description

Open jlucovsky opened this issue 1 month ago • 2 comments

Amend the linktype output with the linktype name (when available).

The linktype name is included alongside linktype when alert.packet is enabled. The name is retrieved from a new function that translates the DLT/linktypes recognized by Suricata into a string.

Issue: 6954

Link to ticket: https://redmine.openinfosecfoundation.org/issues/6954

Describe changes:

  • Include the linktype name alongside linktype
  • Update the schema with linktype_name

Provide values to any of the below to override the defaults.

  • To use a LibHTP, Suricata-Verify or Suricata-Update pull request, link to the pull request in the respective _BRANCH variable.
  • Leave unused overrides blank or remove.

SV_REPO=
SV_BRANCH=https://github.com/OISF/suricata-verify/pull/1798
SU_REPO=
SU_BRANCH=
LIBHTP_REPO=
LIBHTP_BRANCH=

jlucovsky, May 23 '24 12:05