]> git.ipfire.org Git - thirdparty/suricata.git/commit
projects / thirdparty / suricata.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 75fb352) | patch
detect: add ldap.responses.attribute_type 12980/head
authorAlice Akaki <akakialice@gmail.com>
Sun, 2 Mar 2025 23:41:26 +0000 (19:41 -0400)
committerJason Ish <jason.ish@oisf.net>
Mon, 7 Apr 2025 21:25:04 +0000 (15:25 -0600)
commitd4ec5b976560c73da404a2d4fbe632821fe3ec43
treee7ddc9224610bd8d15c86c7b680e9849755059edtree
parent75fb352bdefd7a7dc4f9ba73d1bf2b9c96922f59commit | diff
detect: add ldap.responses.attribute_type

ldap.responses.attribute_type matches on LDAP attribute type/description
This keyword maps the eve field ldap.responses[].search_result_entry.attributes[].type
It is a sticky buffer
Supports multiple buffer matching
Supports prefiltering

Ticket: #7533
doc/userguide/rules/ldap-keywords.rst diff | blob | blame | history
doc/userguide/rules/multi-buffer-matching.rst diff | blob | blame | history
rust/src/ldap/detect.rs diff | blob | blame | history
Mirror of https://github.com/OISF/suricata.git