From: Jason Ish
Date: Sat, 12 Oct 2019 15:59:46 +0000 (-0600)
Subject: suricata.yaml/dns: small cleanups, not that default is v2
X-Git-Tag: suricata-5.0.0~4
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=16221c0b33f1b83277ccc9c7e1ddacc2f6d497a6;p=thirdparty%2Fsuricata.git

suricata.yaml/dns: small cleanups, not that default is v2

Note that the eve dns log format is version 2 by default. Make the value of commented out values their default. Update the comment on the types to better reflect what it does.
---
diff --git a/suricata.yaml.in b/suricata.yaml.in
index decefaed80..d78ac70d3e 100644
--- a/suricata.yaml.in
+++ b/suricata.yaml.in
@@ -200,16 +200,14 @@ outputs:
 - dns:
 # This configuration uses the new DNS logging format,
 # the old configuration is still available:
- # http://suricata.readthedocs.io/en/latest/configuration/suricata-yaml.html#eve-extensible-event-format
- # Use version 2 logging with the new format:
- # DNS answers will be logged in one single event
- # rather than an event for each of it.
- # Without setting a version the version
- # will fallback to 1 for backwards compatibility.
- version: 2
+ # https://suricata.readthedocs.io/en/latest/output/eve/eve-json-output.html#dns-v1-format
+
+ # As of Suricata 5.0, version 2 of the eve dns output
+ # format is the default.
+ #version: 2

 # Enable/disable this logger. Default: enabled.
- #enabled: no
+ #enabled: yes

 # Control logging of requests and responses:
 # - requests: enable logging of DNS queries
@@ -224,8 +222,8 @@ outputs:
 # Default: all
 #formats: [detailed, grouped]

- # Answer types to log.
- # Default: all
+ # Types to log, based on the query type.
+ # Default: all.
 #types: [a, aaaa, cname, mx, ns, ptr, txt]
 - tls:
 extended: yes # enable this for extended logging information
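Review bot: With `version: 2` now commented out in the first hunk, the EVE DNS record format a sensor emits depends on the binary's built-in default rather than on this file. The removed comment said an unset version falls back to 1, so this template run by a pre-5.0 build would presumably emit v1 records, and downstream parsers or detections keyed on v2 fields would stop matching without any error. I would say so next to the new text, e.g. `# Set version explicitly if downstream consumers depend on one format.` The dns block continues beyond the hunk.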
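Review bot: The comment above `#types:` in the second hunk says the default is all, yet the commented-out sample lists only seven record types, so it is not the default value the commit message says commented-out values should carry. Uncommenting it as written would presumably limit DNS logging to those types and drop the rest, which narrows what is available for detection and investigation. I would add a line such as `# The list below is an example; leave it commented out to log every type.`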