27.4.5.1. EVE JSON Output
Extensible Event Format (EVE) JSON logs are the main log format for Suricata, used to output alerts, anomalies, metadata, fileinfo, protocol-specific records and more through JSON. (Read more: Eve JSON Output)
For application layer protocols supported by Suricata, there is native EVE logging output. To extend Suricata's EVE output, it is possible to use our EVE output plugin.
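To show how the mixed record types in one EVE stream are told apart on the consuming side, here is an added example (not code from the Suricata project). It reads newline-delimited EVE records, tallies them by `event_type`, and groups alerts by signature ID. The sample records are constructed, and the function name `summarize_eve` is hypothetical.

```python
import json
from collections import Counter, defaultdict

# Constructed sample records (not real traffic); the last line is cut off
# mid-record, as can happen when a log is read while it is being written.
SAMPLE_EVE = """\
{"timestamp":"2024-01-01T10:00:00.000000+0000","flow_id":1,"event_type":"alert","src_ip":"192.0.2.10","dest_ip":"198.51.100.5","proto":"TCP","alert":{"signature_id":1000001,"signature":"EXAMPLE constructed rule","severity":2}}
{"timestamp":"2024-01-01T10:00:01.000000+0000","flow_id":2,"event_type":"dns","src_ip":"192.0.2.10","dest_ip":"198.51.100.53","proto":"UDP"}
{"timestamp":"2024-01-01T10:00:02.000000+0000","flow_id":3,"event_type":"alert","src_ip":"192.0.2.11","dest_ip":"198.51.100.5","proto":"TCP","alert":{"signature_id":1000001,"signature":"EXAMPLE constructed rule","severity":2}}
{"timestamp":"2024-01-01T10:00:03.000000+0000","flow_id":4,"event_type":"anomaly","src_ip":"192.0.2.12","dest_ip":"198.51.100.5","proto":"TCP"}
{"timestamp":"2024-01-01T10:00:04.000000+0000","flow_id":5,"event_type":"fileinfo","src_ip":"198.51.100.5","dest_ip":"192.0.2.10","proto":"TCP"}
{"timestamp":"2024-01-01T10:00:05.000000+0000","flow_id":6,"event_type":"al
"""

def summarize_eve(lines):
    """Return (records per event_type, alerts keyed by signature_id, skipped lines)."""
    by_type = Counter()
    alerts = defaultdict(lambda: {"signature": None, "severity": None,
                                  "count": 0, "src_ips": set()})
    skipped = 0
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1          # partial or corrupted line: count it, keep going
            continue
        if not isinstance(rec, dict) or "event_type" not in rec:
            skipped += 1          # valid JSON, but not an EVE record
            continue
        by_type[rec["event_type"]] += 1
        if rec["event_type"] == "alert":
            a = rec.get("alert", {})
            entry = alerts[a.get("signature_id")]
            entry["signature"] = a.get("signature")
            entry["severity"] = a.get("severity")
            entry["count"] += 1
            entry["src_ips"].add(rec.get("src_ip"))
    return by_type, dict(alerts), skipped

if __name__ == "__main__":
    by_type, alerts, skipped = summarize_eve(SAMPLE_EVE.splitlines())
    print(dict(by_type), skipped)
    for sid, info in alerts.items():
        print(sid, info["signature"], info["count"], sorted(info["src_ips"]))
```

Tracking the skipped count matters in practice: a rising number of unparseable lines usually means the reader is racing the writer or the log was truncated, and alerts may be missing from the tally.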