Commit graph

17 commits

Author               SHA1        Message  Date
Alfredo Cardigliano  b7d459dd2b  Moved strdup for JSON/TLV strings from Flow to Parser to handle non-null-terminated strings  2019-09-13 12:36:19 +02:00
Alfredo Cardigliano  9bd00fa0ee  Support for encoding additional fields to TLV  2019-09-10 20:50:34 +02:00
Alfredo Cardigliano  2c81afd678  Setting severity for IDS alerts  2019-08-28 03:38:01 +02:00
Alfredo Cardigliano  f8af84df2d  SyslogParserInterface now supports the companion interface for delivering Suricata alerts to a packet interface (#1928)  2019-08-27 17:53:34 +02:00
Simone Mainardi      115378f8fc  Fixes ja3s_hash initialization in copy constructor  2019-07-30 15:54:08 +02:00
Alfredo Cardigliano  babab56394  Handling http ret code, dns query type and ret code from the ZMQ parser  2019-07-26 16:12:35 +00:00
Alfredo Cardigliano  dc435fd7a3  Parsing missing IE from the default cento/nprobe template to avoid using 'additional fields' (performance boost +35% - 195Kfps)  2019-07-26 15:30:35 +00:00
Alfredo Cardigliano  289e787da7  Creating the flow additional fields json object only when required  2019-07-26 12:54:40 +00:00
Simone Mainardi      f2b90f5c48  Fixes flow direction when receiving eBPF events  2019-06-17 15:02:36 +02:00
Simone Mainardi      9cbd7caabe  Additional fixes for eBPF client/server processes  2019-06-14 17:33:53 +02:00
Simone Mainardi      ae8d1b828e  Fixes eBPF client/server processes  2019-06-14 16:04:15 +02:00
Simone Mainardi      ace94bd786  Prevents eBPF events from being set for standard nProbe flows  2019-05-15 17:59:52 +02:00
Simone Mainardi      7eedde24e3  Dispatches eBPF events using class ParsedFlow  2019-05-13 13:04:06 +02:00
Simone Mainardi      c95bdc7aa4  Implements class ParsedeBPF to handle eBPF events  2019-05-13 11:56:24 +02:00
Simone Mainardi      16c4772c03  Code cleanup  2019-05-10 19:51:52 +02:00
Simone Mainardi      12d8d1147b  Uses class destructor to free json object mem  2019-05-10 19:40:41 +02:00
Simone Mainardi      ab92ee7926  Converts ZMQ PODs to classes  2019-05-10 19:32:34 +02:00