git.ipfire.org Git - thirdparty/suricata.git/commit

author	Alice Akaki <akakialice@gmail.com>
	Thu, 6 Feb 2025 06:07:05 +0000 (02:07 -0400)
committer	Victor Julien <victor@inliniac.net>
	Wed, 5 Mar 2025 14:59:53 +0000 (15:59 +0100)
commit	84605db01d21de421836c98addb3109bd2ea3e4b
tree	3274201e851f6f577de4007ddcf35ae3841dcdbd	tree
parent	d827728661696f64ff378f682165ba00bff84be9	commit \| diff

detect: add ldap.responses.result_code

ldap.responses.result_code matches on LDAP result code
This keyword maps the following eve fields:
ldap.responses[].bind_response.result_code
ldap.responses[].search_result_done.result_code
ldap.responses[].modify_response.result_code
ldap.responses[].add_response.result_code
ldap.responses[].del_response.result_code
ldap.responses[].mod_dn_response.result_code
ldap.responses[].compare_response.result_code
ldap.responses[].extended_response.result_code
It is an unsigned 32-bit integer
Doesn't support prefiltering

Ticket: #7532

doc/userguide/rules/ldap-keywords.rst		diff \| blob \| blame \| history
rust/src/ldap/detect.rs		diff \| blob \| blame \| history
rust/src/ldap/logger.rs		diff \| blob \| blame \| history
rust/src/ldap/types.rs		diff \| blob \| blame \| history