[Snort-devel] Snort.org Blog: Snort 2.9.1 beta coming soon!

Randal T. Rioux randy at ...3004...
Thu Jun 16 00:15:52 EDT 2011


Joel - I don't have the time right now to check, but can you verify that
the schemas on the BY2 git site are the most recent from SF:

https://github.com/firnsy/barnyard2/tree/master/schemas

We'll start hacking those once we talk internally about the road forward.

Thanks!
Randy


On 6/15/2011 10:44 PM, Joel Esler wrote:
> I'll put out a blog post closer to the next release targeting what
> output methods will remain and which ones will be depreciated.
> 
> Firnsy -- For now, the sql files are in the contrib/ directory of the
> Snort tarball if you want to go ahead and grab those.
> 
> Joel
> 
> 
> On Jun 15, 2011, at 10:26 PM, Steven Sturges wrote:
> 
>> To allow users time to transition, we'll add some warnings about 
>> the database output plugin in Snort being deprecated in a future 
>> release, just as we've done with other deprecated features before 
>> they are removed.  From there, we'd plan to fully remove support 
>> with the following (3 digit) release.
>> 
>> The schema files (mysql, MS SQL, Oracle, Postgres, DB2) will be 
>> maintained external to Snort.
>> 
>> The idea is to make unified2 the primary logging mechanism for 
>> binary data.  We would still keep tcpdump/pcap.
>> 
>> This will simplify the build process for Snort for everyone, as 
>> well as minimizing our required testing coverage.
>> 
>> Cheers. -steve
>> 
>> On 6/15/11 2:20 PM, Joel Esler wrote:
>>> Steve -- Can you chime in here with what we discussed yesterday
>>> in your office?
>>> 
>>> Joel
>>> 
>>> On Jun 15, 2011, at 8:54 AM, firnsy wrote:
>>> 
>>>> On 15/06/11 07:07, Joel Esler wrote:
>>>>> On Jun 14, 2011, at 2:59 PM, Randal T. Rioux wrote:
>>>>>> On 6/14/2011 11:19 AM, Joel Esler wrote:
>>>>>>> So is the barnyard2 project willing to take over
>>>>>>> maintenance of the sql schema totally?  We'd like to
>>>>>>> remove it from the Snort tarball along with the
>>>>>>> direct-to-db output method.
>>>>>> 
>>>>>> I'll chime in and say yes - whether it be firnsy, myself,
>>>>>> etc.
>>>>>> 
>>>>>> I started this for my own project a couple years ago and
>>>>>> have wanted to do this for a while!
>>>>> 
>>>> 
>>>> I'll second Randy here and say yes the barnyard2 project is
>>>> willing to take over maintenance of the schema in its
>>>> entirety.
>>>> 
>>>>> Roger.  Let us talk over some things internally about how we
>>>>> are going to handle this, and in what versions.  I'll ping
>>>>> you back.
>>>>> 
>>>> 
>>>> Sure, we can discuss this further offline when you have more
>>>> details of how you want to handover.
>>>> 
>>>> Regards, firnsy





More information about the Snort-devel mailing list