Hi Suricata Community,
I am currently working on a project where I need to capture the full HTTP request data (including headers and bodies, if possible) in the logs generated by Suricata. I have reviewed some of the documentation and configuration options but am still unsure about the best approach to achieve this.
Could anyone provide guidance on:
- The specific Suricata configuration changes or options required to capture full HTTP request data.
- Whether there are any performance considerations or limitations I should be aware of when enabling this level of detail in the logs.
- Any tools or methods to easily parse and analyze these logs after they are captured.
Any advice, examples, or references to relevant documentation would be greatly appreciated.