From ca437251769196bb80e082c1c968fcaa2b96deb6 Mon Sep 17 00:00:00 2001
From: jvoisin
Date: Mon, 4 Dec 2017 17:47:13 +0100
Subject: Improve the `.dump` filter

---
 doc/source/features.rst | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'doc/source')

diff --git a/doc/source/features.rst b/doc/source/features.rst
index 407c0c0..e560925 100644
--- a/doc/source/features.rst
+++ b/doc/source/features.rst
@@ -345,6 +345,11 @@ line number. By using the *right* set of restrictive rules (or by using the
 *overly* restrictives ones in ``simulation`` mode), you might be able
 to gather interesting vulnerabilities used against your website.
 
+Dumps are stored in the folder that you pass to the ``dump()`` filter,
+in files named ``sp_dump.SHA`` with ``SHA`` being the *sha256* of the
+rule that matched. This approach allows to mitigate denial of services attacks
+that could fill up your filesystem.
+
 
 Misc low-hanging fruits in the default configuration file
 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
-- 
cgit v1.3