Jason Ish

Results 56 issues of Jason Ish

Currently SQLite does not support reports. Ideally it should support the same reports that Elasticsearch can, or at least a subset of them. Related to issue #93.

enhancement

Related comment: https://github.com/jasonish/evebox/issues/51#issuecomment-308870202 Provide a way to auto-archive (mute) alerts probably matching a filter. Most likely SID, SID/src-ip, or SID/src-ip/dest-ip as that's the aggregation that EveBox uses. Events matching this...

feature

When bundled with Suricata, Suricata-Update will not be installed with distutils/setuptools and will be installed in a custom location. Update the search path for these changes. This will still work...

Instead mask it as or something.

rulecat

Before 6.0.6, if hex content was incomplete, Suricata didn't error out. With 6.0.6, incomplete hex was detected and errored on, which is a breaking change in a release branch. Instead,...

Parses and logs the bittorrent-dht protocol. Feature: https://redmine.openinfosecfoundation.org/issues/3086 Previous PR: https://github.com/OISF/suricata/pull/7731 Changes since last PR: - parse value lists into a list of peer data structures - add nodes6 parsing...

We have an application that is part Rust, part C. We use `extern "C" {` to define C functions to Rust. However, `cbindgen` appears to re-export these back out. Short...

Just wanted to drop a note that while 0.14.1 builds fine on Rust 1.34.0 (actually 1.32 and newer), 0.14.2 requires Rust 1.37.0 due to: ``` error: enum variants on type...

This is to address the cargo audit issues around time and the RustSec advisory https://rustsec.org/advisories/RUSTSEC-2020-0071.html. Migrate from time 0.1 to time 0.3. Due to issues parsing YYMM formatted years with...

Many rules have a reference, add a link much like is done on https://rules.evebox.org.

feature