Andrew,
It does require changes to support the _logging_ of the generator ID,
though it functions just fine without the support. The acid_db output
plugin, with both log and alert, didn't have a database field to log
that information to until 2.6 introduced schema 107. Most of the other
output plugins, including CSV, console and the syslog plugins, support
and log the generator ID without patching.
Again, I've written a couple patches, all available on my web site,
that provide patches against Barnyard 0.2.0 to help remedy this and
more:
http://colin.grady.us/
Hope this helps,
Colin Grady
On 5/10/06, Andrew R. Baker <andrewb@xxxxxxxxx> wrote:
Barnyard shouldn't need any changes to work with Snort 2.6. It has
always supported generator IDs. The only difference will be that non
gen 1 messages will need to be added to gen-msg.map. Are you seeing any
problems with it?
-A
sekure wrote:
> Will Barnyard be updated to take advantage of snort 2.6 new ability to
> log generator ids?
>
> I'd love to test out the betas but in my setup I am using barnyard so
> I don't think it's an option for me yet, until barnyard is updated.
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Barnyard-users mailing list
Barnyard-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/barnyard-users
-------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid�0709&bid&3057&dat�1642
|
