[Snort-users] announcing a new spo_xml

Roman Danyliw roman at ...438...
Wed May 14 12:21:01 EDT 2003


A new, re-written version of the XML plugin has been added to CVS.  Updated
documentation can be found in docs/README.xml or at
<http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/snort/snort/doc/README.xml>.

A couple of things to note from the previous version:

- configuration options have been changed

- a new DTD is being used (see contrib/snml-0.3.dtd)

- there are external dependencies: libIH and libairutil
    - http://aircert.sourceforge.net/libih/
    - http://aircert.sourceforge.net/libairutil

- spo_xml will not build by default: use ./configure --with-libih --with-libairutil

- the logging behavior (i.e., flushing) have changed a bit

- the code is currently not Windows portable (i.e., the underlying libraries
have no VS project files)

Cheers,
Roman




More information about the Snort-users mailing list