Jeff Lucovsky
Amend the linktype output with the linktype name (when available). The linktype name is included alongside linktype when `alert.packet` is enabled. The name is retrieved from a new function that...
Continuation of #11048 Backport JA4 changes Link to [redmine](https://redmine.openinfosecfoundation.org/projects/suricata/issues) ticket: [7010](https://redmine.openinfosecfoundation.org/issues/7010) Describe changes: - Backport of [6379](https://redmine.openinfosecfoundation.org/issues/6379) Updates: - Rebase to get Rust-related CI updates. ### Provide values to any...
Continuation of #11089 When configured, include the reference value in the alert. The configuration value is in the `alert` section: types.alert.reference. The default value is off/no. Set to yes to...
Continuation of #11344 Convert the byte_extract option parser from C to Rust. Link to [redmine](https://redmine.openinfosecfoundation.org/projects/suricata/issues) ticket: [6873](https://redmine.openinfosecfoundation.org/issues/6873) Describe changes: - Refactor code in rust/src/detect to support re-usability - Implement the...
Continuation of #11277 Issue: 6954 This commit adds the linktype name to the output stream. The name is determined from the pcap utility function pcap_datalink_val_to_name Link to ticket: https://redmine.openinfosecfoundation.org/issues/6954 Describe...
Continuation of #1853 Issue: 6954 Ensure that the linktype_name is included in the alerts. Updates: - Modify existing test cases to expand the range of linktype name values. ## Ticket...
Issue: 7129 ## Ticket If your pull request is related to a Suricata ticket, please provide the full URL to the ticket here so this pull request can monitor changes...
Continuation of #11564 Issue: 6954 This commit adds the linktype name to the output stream. The name is determined from the pcap utility function pcap_datalink_val_to_name Link to ticket: https://redmine.openinfosecfoundation.org/issues/6954 Describe...
Continuation of #11557 Issue: 7129 Create a decode/engine event if unknown ethertypes are observed. Link to ticket: https://redmine.openinfosecfoundation.org/issues/7129 Describe changes: - Add an event created when unknown ethertypes are observed...
Continuation of #11652 When configured, include the reference value in the alert. The configuration value is in the `alert` section: types.alert.reference. The default value is off/no. Set to yes to...