Update Sguil output plugin (spo_sguil.c) to pull ip information from the event data if a packet does not exist for the event #45

Closed
wants to merge 2 commits into
from

Contributor

bradvoth commented Sep 24, 2012

... event data if a packet does not exist for the event

@bradvoth bradvoth Update Sguil output plugin (spo_sguil.c) to pull ip information from …
…the event data if a packet does not exist for the event
4ad78c0
Collaborator

binf commented Sep 24, 2012

But besides that it seems all good.

Contributor

bradvoth commented Sep 24, 2012

Seems reasonable, my only use case only hits on UNIFIED2_IDS_EVENT_VLAN, that's why it's like that.

Collaborator

binf commented Sep 24, 2012

I understand, but technically it could also occur for those other cases. So I think it's worth expanding the condition if you want to generalize your patch.

btw can you send me an e-mail beenphgmail

Owner

firnsy commented Nov 4, 2012

@bradvoth: thanks, I joined this as one commit and manually merged in as 701ccc1

firnsy closed this Nov 4, 2012
