-
bamm committed patchset 1028 of module sguil to the Sguil CVS repository, changing 1 files.
2008-12-09 20:04:50 UTC by bamm
-
This is a suggestion to add functionality to recover from a system crash or the crash of the generic sguil agent.
Lets say the generic agent is reading a syslog file and crashes. When you start the agent back up, it will re-read events it has already seen, inputting them to the database and presenting them as new events. I think if there was something similar to barnyard's waldo file, the...
2008-10-31 15:24:16 UTC by jchrisos
-
Not sure if this is possible since technically it would be a modification to barnyard. However, since we patch barnyard to work with sguil, it may be possible.
Currently in debug mode, there is no message or error to the user if he/she is trying to read invalid unified log/alert files using barnyard with the sguil output plugin. I think such errors would be helpful and here's why:
As...
2008-10-31 15:21:16 UTC by jchrisos
-
bamm committed patchset 1027 of module sguil to the Sguil CVS repository, changing 2 files.
2008-09-21 02:59:25 UTC by bamm
-
bamm committed patchset 1026 of module sguil to the Sguil CVS repository, changing 6 files.
2008-09-21 02:58:49 UTC by bamm
-
hanashi committed patchset 1025 of module sguil to the Sguil CVS repository, changing 1 files.
2008-07-11 13:20:10 UTC by hanashi
-
hanashi committed patchset 1024 of module sguil to the Sguil CVS repository, changing 3 files.
2008-07-08 18:48:33 UTC by hanashi
-
hanashi committed patchset 1023 of module sguil to the Sguil CVS repository, changing 4 files.
2008-07-08 18:38:26 UTC by hanashi
-
hanashi committed patchset 1022 of module sguil to the Sguil CVS repository, changing 2 files.
2008-06-19 19:11:25 UTC by hanashi
-
hanashi committed patchset 1021 of module sguil to the Sguil CVS repository, changing 1 files.
2008-06-19 16:39:49 UTC by hanashi
