[Snort-devel] Database and XML plug-in updates

roman at ...49... roman at ...49...
Mon Jun 18 09:28:02 EDT 2001


ACID does not yet support classification or
priorities.  The process is iterative: first the
DB plugin (and XML plugin), then ACID.

Support for v103 is coming.

Roman

> What about ACID? looks like it does not support v103 by now, or do I
> miss something?
> 
> regards,
> Vitaly.
> 
> roman at ...49... wrote:
> > 
> > A number of changes have been made to the database
> > and XML output plug-ins.
> > 
> > Database plug-in
> > ==============================
> > + introduce schema v103
> > + removed support for schema v0, v100-v102 in database plug-in
> > + removed duplicate logging of IP addresses as 4-byte octets
> > + removed classification level priorities
> > + removed classification description from schema
> > + removed hard-coded classifications from the create_* scripts.
> >    Classification information is now logged like a reference;
> >    on the first instance of a rule, log its classification
> > + added support for the 'priority', 'rev', 'sid' rule options
> > 
> > Note: In order to maintain sanity and clean-up code, Snort
> > v.1.8 will no longer support older database schemas.  All
> > databases will need to be upgrade to v103.
> > 
> > XML plug-in
> > ================================
> > + support for classification, priority, rev, sid rule options
> > 
> > cheers,
> > Roman
> > 
> > ---------------------------------------------
> > This message was sent using Voicenet WebMail.
> >       http://www.voicenet.com/webmail/
> > 
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel at lists.sourceforge.net
> > http://lists.sourceforge.net/lists/listinfo/snort-devel
> 
> 



---------------------------------------------
This message was sent using Voicenet WebMail.
      http://www.voicenet.com/webmail/






More information about the Snort-devel mailing list