[prev in list] [next in list] [prev in thread] [next in thread]
List: snort-devel
Subject: [Snort-devel] barnyard2 beta supports all Snort output plugins,
From: "firnsy" <firnsy () securixlive ! com>
Date: 2009-05-02 8:42:46
Message-ID: 034601c9cb00$4a8aaad0$dfa00070$ () com
[Download RAW message or body]
This is a multipart message in MIME format.
[Attachment #2 (multipart/alternative)]
This is a multipart message in MIME format.
G'day All,
We've just released a beta of barnyard2-1.5 which should cover a lot more
setups than previously possible.
What does that mean? Well given the large amount of refactoring that has
occurred in the spooler it is now MUCH easier to maintain and convert Snort
output plugins to work with barnyard2. Now all snort plugins but one
(alert_sf_socket) are integrated.
The new plugins are:
1. spo_alert_arrubaaction
2. spo_alert_full
3. spo_alert_prelude
4. spo_alert_unixsock
5. spo_csv
6. spo_log_ascii
7. spo_log_null
8. spo_log_tcpdump
Not all plugins have been tested as we don't have enough test environments
to give them a good soaking. All feedback (good or bad) is welcome :)
- firnsy
[Attachment #5 (text/html)]
<html xmlns:v="urn:schemas-microsoft-com:vml" \
xmlns:o="urn:schemas-microsoft-com:office:office" \
xmlns:w="urn:schemas-microsoft-com:office:word" \
xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" \
xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 12 (filtered medium)">
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page Section1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.Section1
{page:Section1;}
-->
</style>
<!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal>G’day All,<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>We’ve just released a beta of barnyard2-1.5 which should
cover a lot more setups than previously possible.<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>What does that mean? Well given the large amount of
refactoring that has occurred in the spooler it is now MUCH easier to maintain
and convert Snort output plugins to work with barnyard2. Now all snort plugins but
one (alert_sf_socket) are integrated. <o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>The new plugins are: <o:p></o:p></p>
<p class=MsoNormal> 1. spo_alert_arrubaaction<o:p></o:p></p>
<p class=MsoNormal> 2. spo_alert_full<o:p></o:p></p>
<p class=MsoNormal> 3. spo_alert_prelude<o:p></o:p></p>
<p class=MsoNormal> 4. spo_alert_unixsock<o:p></o:p></p>
<p class=MsoNormal> 5. spo_csv<o:p></o:p></p>
<p class=MsoNormal> 6. spo_log_ascii<o:p></o:p></p>
<p class=MsoNormal> 7. spo_log_null<o:p></o:p></p>
<p class=MsoNormal> 8. spo_log_tcpdump<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>Not all plugins have been tested as we don’t have
enough test environments to give them a good soaking. All feedback (good or
bad) is welcome :)<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal>- firnsy<o:p></o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
<p class=MsoNormal><o:p> </o:p></p>
</div>
</body>
</html>
------------------------------------------------------------------------------
Register Now & Save for Velocity, the Web Performance & Operations
Conference from O'Reilly Media. Velocity features a full day of
expert-led, hands-on workshops and two days of sessions from industry
leaders in dedicated Performance & Operations tracks. Use code vel09scf
and Save an extra 15% before 5/3. http://p.sf.net/sfu/velocityconf
_______________________________________________
Snort-devel mailing list
Snort-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic