Suricata
  • 1. What is Suricata
  • 2. Quickstart guide
  • 3. Installation
  • 4. Upgrading
  • 5. Security Considerations
  • 6. Support Status
  • 7. Command Line Options
  • 8. Suricata Rules
  • 9. Rule Management
  • 10. Making sense out of Alerts
  • 11. Performance
  • 12. Configuration
  • 13. Reputation
  • 14. Init Scripts
  • 15. Output
  • 16. Lua support
  • 17. File Extraction
  • 18. Public Datasets (PCAPs)
  • 19. Using Capture Hardware
  • 20. Interacting via Unix Socket
  • 21. Plugins
  • 22. IPS Mode
  • 23. Firewall Mode
  • 24. 3rd Party Integration
  • 25. Man Pages
  • 26. Acknowledgements
  • 27. Licenses
  • 28. Suricata Developer Guide
    • 28.1. Working with the Codebase
    • 28.2. Contributing
    • 28.3. Suricata Internals
    • 28.4. Extending Suricata
      • 28.4.1. Packet Capture
      • 28.4.2. Packet Decoder
      • 28.4.3. App-Layer
      • 28.4.4. Detection
      • 28.4.5. Exception Policies
      • 28.4.6. Output
      • 28.4.7. EVE Filetypes
      • 28.4.8. EVE Hooks
    • 28.5. LibSuricata and Plugins
    • 28.6. Upgrading
  • 29. Verifying Suricata Source Distribution Files
  • 30. Appendix
  • 31. Known Issues
Suricata
  • 28. Suricata Developer Guide
  • 28.4. Extending Suricata
  • View page source

28.4. Extending Suricata

  • 28.4.1. Packet Capture
  • 28.4.2. Packet Decoder
  • 28.4.3. App-Layer
    • 28.4.3.1. Application Layer Overview
    • 28.4.3.2. Application Layer Frame Support
    • 28.4.3.3. Parsers
    • 28.4.3.4. Transactions
  • 28.4.4. Detection
    • 28.4.4.1. Rate Filter Callback
  • 28.4.5. Exception Policies
    • 28.4.5.1. Extending
    • 28.4.5.2. Adding a New Policy
    • 28.4.5.3. Adding a New Exception Policy
    • 28.4.5.4. Testing
  • 28.4.6. Output
    • 28.4.6.1. Low Level Logging
  • 28.4.7. EVE Filetypes
    • 28.4.7.1. Introduction
    • 28.4.7.2. EVE Filetype Life Cycle
    • 28.4.7.3. Threading Considerations
    • 28.4.7.4. Write Considerations
    • 28.4.7.5. Registration
    • 28.4.7.6. Examples
  • 28.4.8. EVE Hooks
    • 28.4.8.1. Registration
    • 28.4.8.2. Callback
    • 28.4.8.3. Example
Previous Next

© Copyright 2016-2026, OISF.

Built with Sphinx using a theme provided by Read the Docs.