From: Philippe Antoine Date: Wed, 30 Oct 2019 08:12:42 +0000 (+0100) Subject: yaml: clarify comment about dump-all-headers X-Git-Tag: suricata-5.0.1~18 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4a2918e6b5d377fab04600aea4172a22a94e39c0;p=thirdparty%2Fsuricata.git yaml: clarify comment about dump-all-headers Logs a warning if the value is unknown Fixes #2810 --- diff --git a/src/output-json-http.c b/src/output-json-http.c index eb84e0b1ba..2e3a62ecf2 100644 --- a/src/output-json-http.c +++ b/src/output-json-http.c @@ -643,6 +643,10 @@ static OutputInitResult OutputHttpLogInit(ConfNode *conf) http_ctx->flags |= LOG_HTTP_REQ_HEADERS; } else if (strcmp(all_headers, "response") == 0) { http_ctx->flags |= LOG_HTTP_RES_HEADERS; + } else if (strcmp(all_headers, "none") != 0) { + SCLogWarning(SC_WARN_ANOMALY_CONFIG, + "unhandled value for dump-all-headers configuration : %s", + all_headers); } } } diff --git a/suricata.yaml.in b/suricata.yaml.in index d78ac70d3e..aacad7411d 100644 --- a/suricata.yaml.in +++ b/suricata.yaml.in @@ -194,9 +194,9 @@ outputs: # custom allows additional http fields to be included in eve-log # the example below adds three additional fields when uncommented #custom: [Accept-Encoding, Accept-Language, Authorization] - # set this value to one among {both, request, response} to dump all - # http headers for every http request and/or response - # dump-all-headers: [both, request, response] + # set this value to one and only one among {both, request, response} + # to dump all http headers for every http request and/or response + # dump-all-headers: none - dns: # This configuration uses the new DNS logging format, # the old configuration is still available: