From: Eric Leblond
Date: Tue, 12 May 2015 14:53:20 +0000 (+0200)
Subject: email-json: add 'date' field extraction
X-Git-Tag: suricata-3.0RC1~99
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f81f353d1f75a790dc84a200aa25a2fe38e142bc;p=thirdparty%2Fsuricata.git
email-json: add 'date' field extraction
---
diff --git a/src/output-json-email-common.c b/src/output-json-email-common.c
index 7af0b70bbd..30b8c62fa7 100644
--- a/src/output-json-email-common.c
+++ b/src/output-json-email-common.c
@@ -83,6 +83,7 @@ struct {
 { "sensitivity", "sensitivity", LOG_EMAIL_DEFAULT },
 { "organization", "organization", LOG_EMAIL_DEFAULT },
 { "content_md5", "content-md5", LOG_EMAIL_DEFAULT },
+ { "date", "date", LOG_EMAIL_DEFAULT },
 { NULL, NULL, LOG_EMAIL_DEFAULT},
 };
diff --git a/suricata.yaml.in b/suricata.yaml.in
index 3833a973f2..07a7d7947b 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -144,7 +144,7 @@ outputs:
 # custom fields logging from the list:
 # reply-to, bcc, message-id, subject, x-mailer, user-agent, received,
 # x-originating-ip, in-reply-to, references, importance, priority,
- # sensitivity, organization, content-md5
+ # sensitivity, organization, content-md5, date
 #custom: [received, x-mailer, x-originating-ip, relays, reply-to, bcc]
 # output md5 of fields: body, subject
 # for the body you need to set app-layer.protocols.smtp.mime.body-md5
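Review bot: The new `{ "date", "date", LOG_EMAIL_DEFAULT },` entry carries no comment saying that the logged value is the sender-supplied Date: header, which may be missing, malformed or simply wrong, and nothing visible in this hunk shows it being parsed or validated before it is written out. Consumers of the JSON should keep correlating on the sensor's own event timestamp and treat this field as untrusted message content. I would add a comment above the entry such as `/* sender-supplied Date: header; untrusted, do not use as event time */`. The same point applies to the suricata.yaml.in hunk, where the list comment could gain a line like `# note: date is the header value set by the sender, not the capture time`. The table's declaration and the code that consumes the third column start outside the hunk, so how the flag affects output could not be checked from here.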