Describe new unified2-alert "payload" option

author Alessandro Guido <ag@alessandroguido.name>

Tue, 8 Sep 2015 09:39:20 +0000 (11:39 +0200)

committer Victor Julien <victor@inliniac.net>

Thu, 8 Oct 2015 08:53:45 +0000 (10:53 +0200)
author Alessandro Guido <ag@alessandroguido.name>
Tue, 8 Sep 2015 09:39:20 +0000 (11:39 +0200)
committer Victor Julien <victor@inliniac.net>
Thu, 8 Oct 2015 08:53:45 +0000 (10:53 +0200)
diff --git a/suricata.yaml.in b/suricata.yaml.in

index e0b5538c4e861dbdb858cc7d6c39aa949af3289e..9ab40098fdba72b416543ab1baab58e7d20f6a36 100644 (file)
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -175,6 +175,10 @@ outputs:
        # Sensor ID field of unified2 alerts.
        #sensor-id: 0
  
+      # Include payload of packets related to alerts. Defaults to true, set to
+      # false if payload is not required.
+      #payload: yes
+
        # HTTP X-Forwarded-For support by adding the unified2 extra header or
        # overwriting the source or destination IP address (depending on flow
        # direction) with the one reported in the X-Forwarded-For HTTP header.
author	Alessandro Guido <ag@alessandroguido.name>
	Tue, 8 Sep 2015 09:39:20 +0000 (11:39 +0200)
committer	Victor Julien <victor@inliniac.net>
	Thu, 8 Oct 2015 08:53:45 +0000 (10:53 +0200)