Project

General

Profile

Feature #260

IDMEF XML View in Prewikka

Added by about 12 years ago. Updated over 10 years ago.

Status:
New
Priority:
Normal
Target version:
-
Start date:
Due date:
% Done:

0%

Resolution:

Description

Hey there,

I would suggest the following feature for prewikka: In the detailed alert view

/?view=alert_summary&origin=alert_listing&messageid=$alert.messageid

there should be the possibility to view this event in pure IDMEF XML, too. This would make it easier to get an IDMEF overview and indepth view, as well as it makes it easier to create rules/filters on IDMEF criteria, i.e. if using the smtp plugin or just some other custom filters

History

#1 Updated by Yoann VANDOORSELAERE over 10 years ago

  • Project changed from PRELUDE SIEM to Prewikka
  • Category deleted (5)

Also available in: Atom PDF