Added payload-buffer-size option to yaml configuration

diff --git a/suricata.yaml.in b/suricata.yaml.in
index f307b7a8d363379c78acd8bf1acf464345db4224..b5d292ca8a796ac16a3f505c12c32ce7ca65764d 100644 (file)
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -118,13 +118,14 @@ outputs:
       #    batch-size: 10 ## number of entry to keep in buffer
       types:
         - alert:
-            # payload: yes           # enable dumping payload in Base64
-            # payload-printable: yes # enable dumping payload in printable (lossy) format
-            # packet: yes            # enable dumping of packet (without stream segments)
-            # http: yes              # enable dumping of http fields
-            # tls: yes               # enable dumping of tls fields
-            # ssh: yes               # enable dumping of ssh fields
-            # smtp: yes              # enable dumping of smtp fields
+            # payload: yes             # enable dumping payload in Base64
+            # payload-buffer-size: 4kb # max size of payload buffer to output in eve-log
+            # payload-printable: yes   # enable dumping payload in printable (lossy) format
+            # packet: yes              # enable dumping of packet (without stream segments)
+            # http: yes                # enable dumping of http fields
+            # tls: yes                 # enable dumping of tls fields
+            # ssh: yes                 # enable dumping of ssh fields
+            # smtp: yes                # enable dumping of smtp fields
 
             # HTTP X-Forwarded-For support by adding an extra field or overwriting
             # the source or destination IP address (depending on flow direction)