doc: state that payload-length includes the gaps

author Philippe Antoine <pantoine@oisf.net>

Mon, 24 Jun 2024 20:13:55 +0000 (22:13 +0200)

committer Victor Julien <victor@inliniac.net>

Tue, 9 Jul 2024 10:15:25 +0000 (12:15 +0200)
author Philippe Antoine <pantoine@oisf.net>
Mon, 24 Jun 2024 20:13:55 +0000 (22:13 +0200)
committer Victor Julien <victor@inliniac.net>
Tue, 9 Jul 2024 10:15:25 +0000 (12:15 +0200)
diff --git a/doc/userguide/output/eve/eve-json-output.rst b/doc/userguide/output/eve/eve-json-output.rst

index 0f7191cc233d0e538304fe2f758e3dd0f3fb67b3..4e0694cdb501abdf74e07c172114da1e355645e2 100644 (file)
--- a/doc/userguide/output/eve/eve-json-output.rst
+++ b/doc/userguide/output/eve/eve-json-output.rst
@@ -68,7 +68,7 @@ Metadata::
              #payload: yes             # enable dumping payload in Base64
              #payload-buffer-size: 4kb # max size of payload buffer to output in eve-log
              #payload-printable: yes   # enable dumping payload in printable (lossy) format
-            #payload-length: yes      # enable dumping payload length
+            #payload-length: yes      # enable dumping payload length, including the gaps
              #packet: yes              # enable dumping of packet (without stream segments)
              #http-body: yes           # Requires metadata; enable dumping of http body in Base64
              #http-body-printable: yes # Requires metadata; enable dumping of http body in printable format
diff --git a/doc/userguide/partials/eve-log.yaml b/doc/userguide/partials/eve-log.yaml

index b0104e9a48320a25bb64b189d69c02de1ca50a4d..a96bc90e8a1b4cde0ef76b91578c6aaf3d413c95 100644 (file)
--- a/doc/userguide/partials/eve-log.yaml
+++ b/doc/userguide/partials/eve-log.yaml
@@ -72,7 +72,7 @@ outputs:
              # payload: yes             # enable dumping payload in Base64
              # payload-buffer-size: 4kb # max size of payload buffer to output in eve-log
              # payload-printable: yes   # enable dumping payload in printable (lossy) format
-            # payload-length: yes      # enable dumping payload length
+            # payload-length: yes      # enable dumping payload length, including the gaps
              # packet: yes              # enable dumping of packet (without stream segments)
              # metadata: no             # enable inclusion of app layer metadata with alert. Default yes
              # http-body: yes           # Requires metadata; enable dumping of HTTP body in Base64
diff --git a/suricata.yaml.in b/suricata.yaml.in

index 002f0a5044fd85419b9036c7c757de405a50b2e4..05f5a52aec163d1216cb0f4ba8923c2a6a93d1b7 100644 (file)
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -164,7 +164,7 @@ outputs:
              # payload: yes             # enable dumping payload in Base64
              # payload-buffer-size: 4kb # max size of payload buffer to output in eve-log
              # payload-printable: yes   # enable dumping payload in printable (lossy) format
-            # payload-length: yes      # enable dumping payload length
+            # payload-length: yes      # enable dumping payload length, including the gaps
              # packet: yes              # enable dumping of packet (without stream segments)
              # metadata: no             # enable inclusion of app layer metadata with alert. Default yes
              # http-body: yes           # Requires metadata; enable dumping of HTTP body in Base64
author	Philippe Antoine <pantoine@oisf.net>
	Mon, 24 Jun 2024 20:13:55 +0000 (22:13 +0200)
committer	Victor Julien <victor@inliniac.net>
	Tue, 9 Jul 2024 10:15:25 +0000 (12:15 +0200)
doc/userguide/output/eve/eve-json-output.rst		patch \| blob \| blame \| history
doc/userguide/partials/eve-log.yaml		patch \| blob \| blame \| history
suricata.yaml.in		patch \| blob \| blame \| history