From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Sat, 28 Sep 2019 12:57:29 +0000 (-0400)
Subject: logging/alert: Expand alert logging description
X-Git-Tag: suricata-5.0.0~46
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=af615baaf700506476a168d57d26f1367c4907d4;p=thirdparty%2Fsuricata.git

logging/alert: Expand alert logging description

Clarify the configuration requirements for alerts and http-body logging.
---

diff --git a/suricata.yaml.in b/suricata.yaml.in
index 20e512b1be..c9852c010e 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -148,9 +148,9 @@ outputs:
             # payload-buffer-size: 4kb # max size of payload buffer to output in eve-log
             # payload-printable: yes   # enable dumping payload in printable (lossy) format
             # packet: yes              # enable dumping of packet (without stream segments)
-            # http-body: yes           # enable dumping of http body in Base64
-            # http-body-printable: yes # enable dumping of http body in printable format
             # metadata: no             # enable inclusion of app layer metadata with alert. Default yes
+            # http-body: yes           # Requires metadata; enable dumping of http body in Base64
+            # http-body-printable: yes # Requires metadata; enable dumping of http body in printable format
 
             # Enable the logging of tagged packets for rules using the
             # "tag" keyword.