Respected Forum Members
I have custom protocol parsers which I am using to parse custom protocols. we get output as json from these parsers.
Now i want to use suricata to perform rules based analysis on this json. what all options i have to perform ids operation on this json data.
also while performing ids operation we need to consider previous packets as well more like a batch processing