Snort mailing list archives

Barnyard 0.2.0 Patch


From: Colin Grady <colin.grady () gmail com>
Date: Sat, 4 Jun 2005 16:46:12 -0500

I've written a patch for Barnyard 0.2.0 that fixes some issues with
the op_sguil and op_acid_db output plugins. The patch allows the Sguil
output plugin to properly log the signature revision numbers and the
signature generator ID. Prior to this patch, the signature generator
ID and revision numbers were always defaulted to 0. The signature
generator ID was never passed in the event INSERT statement,
defaulting it to 0 in the database. The signature revision number was
not properly set in the Sid structure because it populated the
structure based on the sid-msg.map, which doesn't include the revision
information. To fix that, the OpSguil_Log function now populates the
Sid->rev value from the UnifiedLogRecord information. The same thing
goes for the Alert and Log functions in op_acid_db.

The patch is available here:
http://pr00f.org/barnyard-0.2.0-cmg.patch

Enjoy,
Colin Grady

