]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 84605db) | patch
detect: add ldap.responses.message
authorAlice Akaki <akakialice@gmail.com>
Tue, 11 Feb 2025 08:20:33 +0000 (04:20 -0400)
committerVictor Julien <victor@inliniac.net>
Wed, 5 Mar 2025 14:59:53 +0000 (15:59 +0100)
commit137f7fe6528543cf2e23c60fa438978d62a53b66
treeee75e77ff4fff70cf5917401b1298c8bab876f93tree | snapshot
parent84605db01d21de421836c98addb3109bd2ea3e4bcommit | diff
detect: add ldap.responses.message

ldap.responses.message matches on LDAPResult error message
This keyword maps the following eve fields:
ldap.responses[].bind_response.message
ldap.responses[].search_result_done.message
ldap.responses[].modify_response.message
ldap.responses[].add_response.message
ldap.responses[].del_response.message
ldap.responses[].mod_dn_response.message
ldap.responses[].compare_response.message
ldap.responses[].extended_response.message
It is a sticky buffer
Supports prefiltering

Ticket: #7532
doc/userguide/rules/ldap-keywords.rst diff | blob | blame | history
rust/src/ldap/detect.rs diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git