'[Emerging-Sigs] Emerging Threats ETPro/ETOpen Changelog Storage Notification'

[prev in list] [next in list] [prev in thread] [next in thread] 

List: emerging-sigs
Subject: [Emerging-Sigs] Emerging Threats ETPro/ETOpen Changelog Storage Notification
From: Richard Gonzalez <rgonzalez () emergingthreats ! net>
Date: 2021-02-17 20:20:41
Message-ID: CAAKh5zL-J1rN1dcX3rmOPivksjAm6a_BBOimuM7BLi=J8=k_DA () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]

Dear Emerging Threats Community,

As part of our ongoing efforts to improve the performance of our download
servers, we have identified an issue related to storing the daily
changelogs in a single directory. Each day we create changelogs for each
IDS Engine/Version, ETPro, ET Open, GPL/Non-GPL, and we have been doing so
for over 10 years which has resulted in 46,000+ files in our changelog
directory. In order to improve the performance and availability, we are
making the following changes effective today:

   1. *ETPro and ET Open Changelogs:*
      1. We are separating the changelogs for ETPro and ET Open. ET Open
      changelogs will remain in the
*https://rules.emergingthreats.net/changelogs/
      <https://rules.emergingthreats.net/changelogs/>* directory, while
      ETPro will be moved under
*https://rules.emergingthreats.net/<OINK-CODE>/changelogs/
      <https://rules.emergingthreats.net/%3cOINK-CODE%3e/changelogs/>*
      directory
   2. *Archive Changelogs:*
      1. We will store 90 days of changelogs in the /changelog/ directory
      in clear text.
      2. Changelogs older than 90 days will be placed in the
      /changelog/archive/ directory as follows:

i. Once a year is complete and is older than 90 days, we will TAR full year
changelogs as year.tar, e.g. 2019.tar

ii. Conversely If a year is not yet complete because the changelogs are not
90 days old we will place it in a yearly directory and TAR the full months
until the full year is complete at which point we will TAR it. (e.g. 2020
until March 2021 when all 2020 logs are older than 90 days)

*Q&A:*

   - Is anything changing with the ET Open or ETPro rulesets?
      - No, nothing is changing for the rulesets themselves, the directory,
      the file structure, and formats will remain the exact same. We are only
      changing the changelog files structure which are historical
metadata files
      not used by Snort/Suricata.
   - Is anything changing in the changelog directory or format?
      - With the exception of separating the ETPro and ET Open files to
      conserve space, the files and formats will remain the same.
   - If I have questions where can I go for answers?
      - As always, you can reach out to *support@emergingthreats.net
      <support@emergingthreats.net>* for assistance.

Thanks,

Rich

[Attachment #5 (text/html)]

<div dir="ltr"><div style="box-sizing:border-box"><p style="font-size:14px"><span \
style="font-size:11pt"><font face="arial, sans-serif">Dear Emerging Threats \
Community,</font></span></p>

<p style="font-size:14px"><span style="font-size:11pt"><font face="arial, \
sans-serif"> </font></span></p>

As part of our ongoing efforts to improve the performance of our download \
servers, we have identified an issue related to storing the daily changelogs in a \
single directory. Each day we create changelogs for each IDS Engine/Version, ETPro, \
ET Open, GPL/Non-GPL, and we have been doing so for over 10 years which has resulted \
in 46,000+ files in our changelog directory. In order to improve the performance and \
availability, we are making the following changes effective today:

<p style="font-size:14px"><span style="font-size:11pt"><font face="arial, \
sans-serif"> </font></span></p>

<ol start="1" type="1" style="font-size:14px">

<li style="font-size:11pt"><font face="arial, sans-serif"><b>ETPro and ET Open \
Changelogs:</b>

</font><ol start="1" type="a">

<li style="font-size:11pt">We are separating the \
changelogs for ETPro and ET Open. ET Open changelogs will remain in the <a \
href="https://rules.emergingthreats.net/changelogs/" rel="noreferrer noopener" \
target="_blank" title="https://rules.emergingthreats.net/changelogs/" \
style="color:rgb(104,136,201)" \
tabindex="-1">https://rules.emergingthreats.net/changelogs/</a> directory, while \
ETPro will be moved under <a \
href="https://rules.emergingthreats.net/%3cOINK-CODE%3e/changelogs/" rel="noreferrer \
noopener" target="_blank" \
title="https://rules.emergingthreats.net/%3coink-code%3e/changelogs/" \
style="color:rgb(104,136,201)" \
tabindex="-1">https://rules.emergingthreats.net/&lt;OINK-CODE&gt;/changelogs/</a> \
directory </li></ol>

	</li><li style="font-size:11pt"><font face="arial, sans-serif"><b>Archive \
Changelogs:</b>  
</font><ol start="1" type="a">

<li style="font-size:11pt">We will store 90 days of \
changelogs in the /changelog/ directory in clear text. </li><li \
style="font-size:11pt">Changelogs older than 90 days \
will be placed in the /changelog/archive/ directory as follows: </li></ol>

</li></ol>

\
i. Once a year is complete and is older than 90 days, we will TAR full year \
changelogs as year.tar, e.g. 2019.tar

\
ii. Conversely If a year is not yet complete because the changelogs are not 90 \
days old we will place it in a yearly directory and TAR the full months until the \
full year is complete at which point we will TAR it. (e.g. 2020 until March 2021 when \
all 2020 logs are older than 90 days)

<p style="font-size:14px"><span style="font-size:11pt"><b><font face="arial, \
sans-serif">Q&amp;A:</font></b></span></p>

<p style="font-size:14px"><span style="font-size:11pt"><font face="arial, \
sans-serif"> </font></span></p>

<ul type="disc" style="">

<li style="font-size:11pt">Is anything changing with \
the ET Open or ETPro rulesets? 
<ul type="circle">

<li style="font-size:11pt">No, nothing is changing for \
the rulesets themselves, the directory, the file structure, and formats will remain \
the exact same. We are only changing the changelog files structure which are \
historical metadata files not used by Snort/Suricata. </li></ul>

	</li><li style="font-size:11pt"><font face="arial, sans-serif">Is anything changing \
in the changelog directory or format?  
</font><ul type="circle">

<li style="font-size:11pt">With the exception of \
separating the ETPro and ET Open files to conserve space, the files and formats will \
remain the same. </li></ul>

	</li><li style="font-size:11pt"><font face="arial, sans-serif">If I have questions \
where can I go for answers?  
</font></li><ul type="circle" style="font-size:14px">

<li style="font-size:11pt"><font face="arial, sans-serif">As always, you can reach \
out to <u><a href="mailto:support@emergingthreats.net" rel="noreferrer noopener" \
target="_blank" title="mailto:support@emergingthreats.net" \
style="color:rgb(104,136,201)" tabindex="-1">support@emergingthreats.net</a></u> for \
assistance.</font></li></ul></ul><div><span style="font-size:14.6667px"><font \
face="arial, sans-serif"><br></font></span></div><div><span \
style="font-size:14.6667px"><font face="arial, \
sans-serif">Thanks,</font></span></div><div><span style="font-size:14.6667px"><font \
face="arial, sans-serif"><br></font></span></div><div><span \
style="font-size:14.6667px"><font face="arial, \
sans-serif"><br></font></span></div><div><span style="font-size:14.6667px"><font \
face="arial, sans-serif">Rich</font></span></div></div></div>

[Attachment #6 (text/plain)]

_______________________________________________
Emerging-sigs mailing list
Emerging-sigs@lists.emergingthreats.net
https://lists.emergingthreats.net/mailman/listinfo/emerging-sigs

Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreats.net

[prev in list] [next in list] [prev in thread] [next in thread] 