Re: Snort.org Blog: Snort 2.9.1 beta coming soon!

[Joel Esler <jesler () sourcefire com>]

I'll put out a blog post closer to the next release targeting what output methods will remain and which ones will be 
depreciated.  

Firnsy -- For now, the sql files are in the contrib/ directory of the Snort tarball if you want to go ahead and grab 
those.  

Joel


On Jun 15, 2011, at 10:26 PM, Steven Sturges wrote:

> To allow users time to transition, we'll add some warnings about
> the database output plugin in Snort being deprecated in a future
> release, just as we've done with other deprecated features before
> they are removed.  From there, we'd plan to fully remove support
> with the following (3 digit) release.
>
> The schema files (mysql, MS SQL, Oracle, Postgres, DB2) will be
> maintained external to Snort.
>
> The idea is to make unified2 the primary logging mechanism for
> binary data.  We would still keep tcpdump/pcap.
>
> This will simplify the build process for Snort for everyone, as
> well as minimizing our required testing coverage.
>
> Cheers.
> -steve
>
> On 6/15/11 2:20 PM, Joel Esler wrote:
> > Steve -- Can you chime in here with what we discussed yesterday in your office?
> >
> > Joel
> >
> > On Jun 15, 2011, at 8:54 AM, firnsy wrote:
> >
> > > On 15/06/11 07:07, Joel Esler wrote:
> > > > On Jun 14, 2011, at 2:59 PM, Randal T. Rioux wrote:
> > > > > On 6/14/2011 11:19 AM, Joel Esler wrote:
> > > > > > So is the barnyard2 project willing to take over maintenance of the sql
> > > > > > schema totally?  We'd like to remove it from the Snort tarball along
> > > > > > with the direct-to-db output method.
> > > > >
> > > > > I'll chime in and say yes - whether it be firnsy, myself, etc.
> > > > >
> > > > > I started this for my own project a couple years ago and have wanted to
> > > > > do this for a while!
> > >
> > > I'll second Randy here and say yes the barnyard2 project is willing to
> > > take over maintenance of the schema in its entirety.
> > >
> > > > Roger.  Let us talk over some things internally about how we are going to handle this, and in what versions.  I'll 
> > > > ping you back.
> > >
> > > Sure, we can discuss this further offline when you have more details of
> > > how you want to handover.
> > >
> > > Regards,
> > > firnsy
> >
> >
> > ------------------------------------------------------------------------------
> > EditLive Enterprise is the world's most technically advanced content
> > authoring tool. Experience the power of Track Changes, Inline Image
> > Editing and ensure content is compliant with Accessibility Checking.
> > http://p.sf.net/sfu/ephox-dev2dev
> > _______________________________________________
> > Snort-devel mailing list
> > Snort-devel () lists sourceforge net
> > https://lists.sourceforge.net/lists/listinfo/snort-devel


------------------------------------------------------------------------------
EditLive Enterprise is the world's most technically advanced content
authoring tool. Experience the power of Track Changes, Inline Image
Editing and ensure content is compliant with Accessibility Checking.
http://p.sf.net/sfu/ephox-dev2dev
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel