Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

improved dumpy integration #21

Open
inliniac opened this issue Aug 28, 2016 · 2 comments
Open

improved dumpy integration #21

inliniac opened this issue Aug 28, 2016 · 2 comments
Labels
feature

Comments

@inliniac
Copy link

It would be nice to have a direct link to a dumpy generated pcap, instead of first opening the dumpy web page. Perhaps some sane defaults about the timerange can be used.

Additionally, if flow/netflow records are enabled perhaps it's possible to correlate them with the alert record, and pass the (net)flow start/end times to dumpy as the duration.
@jasonish
Copy link
Owner

Yes, I think I'll be adding first class support for dumpy. I once had it, but lost it in the rewrite to angular2.

I'm looking at adding a "Flow" panel to the event detail view that shows the flow for the particular event. From there, a quick link to download the entire flow.

@inliniac
Copy link
Author

If we implement this in Suricata it may also be useful: https://redmine.openinfosecfoundation.org/issues/1879

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jasonish @inliniac