upstream/suricata
1
0
Fork 0
mirror of https://github.com/OISF/suricata.git synced 2026-02-16 09:08:05 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions 8
suricata/rules/pgsql-events.rules
Juliana Fajardini 1b6f4da23b pgsql: add events 
Events for:
- parsing error when parsing pgsql packet length
- parsing error for pgsql requests (post length parsing)
- parsing error for pgsql responses (post length parsing)
- too many transactions

Include `pgsql-events.rules` file, and PGSQL events SID range definition

Task #5566
2025-02-19 09:21:37 +01:00

8 lines
658 B
Text
Raw Blame History

# PGSQL app-layer event rules
#
# SID range start: 2241000
# SID range end: 2241999
alert pgsql any any -> any any (msg:"SURICATA PGSQL Too many transactions"; app-layer-event:pgsql.too_many_transactions; sid:2241000; rev:1;)
alert pgsql any any -> any any (msg:"SURICATA PGSQL Malformed request"; app-layer-event:pgsql.malformed_request; flow:to_server; sid:2241001; rev:1;)
alert pgsql any any -> any any (msg:"SURICATA PGSQL Malformed response"; app-layer-event:pgsql.malformed_response; flow:to_client; sid:2241002; rev:1;)
alert pgsql any any -> any any (msg:"SURICATA PGSQL Invalid length"; app-layer-event:pgsql.invalid_length; sid:2241003; rev:1;)
Reference in a new issue View git blame Copy permalink