Jason Ish

Ooops, didn't mean to close.

> Just to give you an idea on the impact, we did some performance testing with that feature compared to file-magic: > > 34 Gbit/s Traffic on 40G with baseline...

> I noticed that the newly added files have the copyright year as 2021, though... Yeah, the PR is from 2021, its been in review for a long time.

Rebased: https://github.com/OISF/suricata/pull/8102

That is correct. At this time the evebox agent only connects to the evebox server, where the evebox server will add the events to Elasticsearch, but in a log stash...

It would be useful if you could isolate the issue to Evebox or Elasticsearch. One issue is that you cannot paginate aggregate queries from Elastic, or at least you couldn't...

> Can you annotate them on the source with `/// cbindgen:ignore`? This works on the module level, but not just on an `extern "C" {}` block which would be more...

I don't get the same error. But I get this error on versions of rustc < 1.41.0. ``` error[E0599]: no method named `as_deref` found for type `std::option::Option` in the current...

> In the `todos` example, once the request has gotten through the filters and arrived to the `handler` function, it chooses to return responses with the correct status codes instead...

Closing for now. Working on a new version that uses `serde`.