Snare Lite (SIEM & Logging Software) / Feature Requests / #23 Add facility selection to Objective creation

#23 Add facility selection to Objective creation

Status: open

Owner: nobody

Labels: None

Priority: 3

Updated: 2012-10-09

Created: 2010-05-04

Creator: Yannick

Private: No

In Snare agent for windows there's only the possibility to specify a general facility used for all the messages sent by the agent.
In addition to that, it would be great to add the possibility to select a specific facility for each objective rule.
For exemple, when creating a new rule for critical messages coming from the security log, there would be the possibility to select the facility security/auth.

Discussion

David Mohr - 2010-08-31

Hi,

Sorry about the delayed reply, I haven't been receiving notifications from this tracker. After discussing your idea with a colleague, we have decided not to implement this feature at this point in time. However, we will leave the request open for a time to see if it gains more support and we may re-evaluate.

Regards, David.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Romain LAPOUX - 2012-03-07

I am interested too in this feature.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Cricket17 - 2012-03-07

This would be a good feature.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Add facility selection to Objective creation

Snare Enterprise: bit.ly/Snare-Trial

Group

Searches

Help

#23 Add facility selection to Objective creation

Discussion