email-json: add 'date' field extraction

author Eric Leblond <eric@regit.org>

Tue, 12 May 2015 14:53:20 +0000 (16:53 +0200)

committer Eric Leblond <eric@regit.org>

Tue, 6 Oct 2015 21:30:45 +0000 (23:30 +0200)
author Eric Leblond <eric@regit.org>
Tue, 12 May 2015 14:53:20 +0000 (16:53 +0200)
committer Eric Leblond <eric@regit.org>
Tue, 6 Oct 2015 21:30:45 +0000 (23:30 +0200)
diff --git a/src/output-json-email-common.c b/src/output-json-email-common.c

index 7af0b70bbd04915cb7908a3cb45694e1f4291d8d..30b8c62fa756495d85f096fd6a63cda275ba9214 100644 (file)
--- a/src/output-json-email-common.c
+++ b/src/output-json-email-common.c
@@ -83,6 +83,7 @@ struct {
      { "sensitivity",  "sensitivity", LOG_EMAIL_DEFAULT },
      { "organization",  "organization", LOG_EMAIL_DEFAULT },
      { "content_md5",  "content-md5", LOG_EMAIL_DEFAULT },
+    { "date", "date", LOG_EMAIL_DEFAULT },
      { NULL, NULL, LOG_EMAIL_DEFAULT},
  };
  
diff --git a/suricata.yaml.in b/suricata.yaml.in

index 3833a973f2a4c5f79f59bd3cc02cc70fe5f8996c..07a7d7947bb18f8dfbff5576f5e4e7ee5bbfd625 100644 (file)
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -144,7 +144,7 @@ outputs:
              # custom fields logging from the list:
              #  reply-to, bcc, message-id, subject, x-mailer, user-agent, received,
              #  x-originating-ip, in-reply-to, references, importance, priority,
-            #  sensitivity, organization, content-md5
+            #  sensitivity, organization, content-md5, date
              #custom: [received, x-mailer, x-originating-ip, relays, reply-to, bcc]
              # output md5 of fields: body, subject
              # for the body you need to set app-layer.protocols.smtp.mime.body-md5
author	Eric Leblond <eric@regit.org>
	Tue, 12 May 2015 14:53:20 +0000 (16:53 +0200)
committer	Eric Leblond <eric@regit.org>
	Tue, 6 Oct 2015 21:30:45 +0000 (23:30 +0200)
src/output-json-email-common.c		patch \| blob \| blame \| history
suricata.yaml.in		patch \| blob \| blame \| history