[Snort-devel] Database and XML plug-in updates

roman at ...49... roman at ...49...
Fri Jun 15 16:32:05 EDT 2001


A number of changes have been made to the database
and XML output plug-ins.

Database plug-in
==============================
+ introduce schema v103
+ removed support for schema v0, v100-v102 in database plug-in
+ removed duplicate logging of IP addresses as 4-byte octets
+ removed classification level priorities
+ removed classification description from schema
+ removed hard-coded classifications from the create_* scripts.
   Classification information is now logged like a reference;
   on the first instance of a rule, log its classification
+ added support for the 'priority', 'rev', 'sid' rule options

Note: In order to maintain sanity and clean-up code, Snort
v.1.8 will no longer support older database schemas.  All
databases will need to be upgrade to v103. 

XML plug-in
================================
+ support for classification, priority, rev, sid rule options

cheers,
Roman


---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/






More information about the Snort-devel mailing list