Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

http: move xff logging to alert object #7148

Closed
wants to merge 1 commit into from
Closed

http: move xff logging to alert object #7148

wants to merge 1 commit into from

Conversation

catenacyber
Copy link
Contributor

@catenacyber catenacyber commented Mar 17, 2022
edited
Loading

Link to redmine ticket:
https://redmine.openinfosecfoundation.org/issues/4860
but also https://redmine.openinfosecfoundation.org/issues/1369

Describe changes:

  • http : move logged field xff from root to alert.xff

suricata-verify-pr: 796
OISF/suricata-verify#796

Replaces #7051 with moving into alert instead of taking care of http stuff

@catenacyber
http: move xff logging to alert object
463555f 
Ticket: 4860

instead of root field
@catenacyber catenacyber requested review from norg and a team as code owners March 17, 2022 20:45
@catenacyber catenacyber mentioned this pull request Mar 17, 2022
Closed
@catenacyber
Copy link
Contributor Author

I need to update the S-V test...

@suricata-qa
Copy link

Information: QA ran without warnings.

Pipeline 6590

@codecov
Copy link

codecov bot commented Mar 18, 2022
edited
Loading

Codecov Report

Merging #7148 (463555f) into master (3a490fb) will increase coverage by 0.07%.
The diff coverage is 90.00%.

@@            Coverage Diff             @@
##           master    #7148      +/-   ##
==========================================
+ Coverage   78.06%   78.14%   +0.07%     
==========================================
  Files         628      628              
  Lines      185266   185272       +6     
==========================================
+ Hits       144635   144783     +148     
+ Misses      40631    40489     -142
Flag Coverage Δ
fuzzcorpus 60.27% <70.00%> (+0.28%) ⬆️
suricata-verify 54.58% <80.00%> (-0.02%) ⬇️
unittests 63.12% <0.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

jasonish
jasonish approved these changes Mar 24, 2022
View reviewed changes
Copy link
Member

@jasonish jasonish left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. I think the SV PR should be split so this can be merged without the schema stuff.

@catenacyber catenacyber mentioned this pull request Mar 25, 2022
Merged
@catenacyber
Copy link
Contributor Author

Looks good to me. I think the SV PR should be split so this can be merged without the schema stuff.

Done cf OISF/suricata-verify#797 and OISF/suricata-verify#796

This was referenced Mar 29, 2022
Merged
Merged
@victorjulien
Copy link
Member

Merged in #7187, thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasonish jasonish jasonish approved these changes

@norg norg Awaiting requested review from norg

Assignees

@jasonish jasonish

Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@catenacyber @suricata-qa @victorjulien @jasonish