[Snort-devel] New output processor

Paul Poh paul at ...1481...
Thu Nov 14 22:43:04 EST 2002


Enclosed is a patch against snort 1.9.0 for the output processor that I 
mentioned earlier today.

The unified output server provides a similar format as the unified 
format except that it is available as a server where any client using 
SSL for authentication and encrpytion may connect to snort to receive 
the alerting and logging information.

The output processor is currently of limited usefulness since no clients 
are available. However, I do intend to continue work on it.

The idea behind the output processor is to allow for centralized 
collation of snort data.

The diff also contains some minor config changes which allow snort to be 
built as a smaller binary by conditionally compiling in only selected 
output processors. I wanted to look at a smaller binary because I wanted 
to be able to build snort for a floppy system.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: snort.patch.gz
Type: application/x-gzip
Size: 16247 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20021114/3b5388d8/attachment.bin>


More information about the Snort-devel mailing list