Parse ndpi confidence from suricata

2026-04-30 07:59:35 +00:00 · 2024-11-06 12:22:21 +01:00 · 2024-11-06 12:22:21 +01:00 · 57fb25a60d
commit 57fb25a60d
parent 3d87347f4c
2 changed files with 7 additions and 0 deletions
--- a/scripts/lua/modules/check_definitions/syslog/suricata.lua
+++ b/scripts/lua/modules/check_definitions/syslog/suricata.lua
@ -93,6 +93,11 @@ local function parsenDPIMetadata(event_ndpi, flow)
      else
         flow.app_protocol = tonumber(event_ndpi.proto_id)
      end
+      if event_ndpi.confidence then
+         for id, label in pairs(event_ndpi.confidence) do
+            flow.confidence = tonumber(id)
+         end
+      end
   end
 end