Output notx 6846 backport7 v3 #11126
Closed
Commits on May 23, 2024
-
output: do not use tx id 0 when there is no tx
Ticket: 6846 This led to packet rules logging irrelevant app-layer data (cherry picked from commit 910f6af)
-
output/alert: check flag before logging app-layer
Ticket: 6846 (cherry picked from commit 2b4e102)
-
detect: use direction-based tx for app-layer logging
When we only have stream matches. Ticket: 6846 This solves the case where another transaction was created by parsing data in the other direction, before running the detection. Like 1. get data in direction 1 2. acked data: parse it, but do not run detection in dir 1 3. other data in direction 2 4. other data acked : parse it and create new tx, then run detection for direction 1 with data from first packet (cherry picked from commit 7274ad5)
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.