Hello. Is there a way to have suricata include the ‘short name’ of a classtype (from classification.config) in the all-eve.log? Suricata includes the classification description but not the ‘short name’.
For example, config classification: successful-admin,Successful Administrator Privilege Gain,1 I’d like to include successful-admin
Thanks.
Hi, Did you find a solution to this ? I’d like to do the same thing.
Overlooked this back in June. There is no way to do this currently, but it probably wouldn’t be hard. Feel free to open a feature ticket for it.
Hi,
Thanks. I hate to ask such a ‘stupid’ question … but it is not obvious to me where to submit a feature ticket.
Thanks,
Michael
Its not a stupid question. Its perfectly alright to ask. 
Please do so on https://redmine.openinfosecfoundation.org
Thanks, Victor and Shivani. I ended up using the classification description for our needs, but I will definitely submit a feature request for this, too.