]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d45bdb8)
doc/devguide: explain alert logging changes
authorVictor Julien <vjulien@oisf.net>
Tue, 4 Nov 2025 11:34:15 +0000 (12:34 +0100)
committerVictor Julien <vjulien@oisf.net>
Tue, 4 Nov 2025 16:33:07 +0000 (17:33 +0100)
doc/userguide/devguide/upgrading/index.rst patch | blob | blame | history

diff --git a/doc/userguide/devguide/upgrading/index.rst b/doc/userguide/devguide/upgrading/index.rst
index fb5d0c3e6ab189bc6dc4e053d27fc8cdb229f7b6..6c539e85d21cf76883724b4f0a0e38275c3c495f 100644 (file)
--- a/doc/userguide/devguide/upgrading/index.rst
+++ b/doc/userguide/devguide/upgrading/index.rst
@@ -1,6 +1,18 @@
 Upgrading
 =========
 
+Upgrading 8.0 to 9.0
+--------------------
+
+Alert Logging
+~~~~~~~~~~~~~
+
+Alert logging is done by iterating the `PacketAlert` entries in `Packet::alerts`. In 9.0
+it is important to check the `PacketAlert::action` field for the `ACTION_ALERT` flag. If
+this flag is not set, no alert should be generated. This is to support the `pass`-rule
+usecase better.
+
+
 Upgrading 7.0 to 8.0
 --------------------
 
Mirror of https://github.com/OISF/suricata.git