-
Oh - yes - these patches are to version 1.11.1.
2009-03-25 18:21:58 UTC in FW1-Loggrabber
-
The rule_uid and rule_name fields are new with R60. The rule_uid matches the UID for a rule in (Standard.W, Standard.pf, rulebases_5_0.fws, possibly others).
2009-03-25 18:19:35 UTC in FW1-Loggrabber
-
Please pardon me, the amount of work required to figure this out was actually quite small - after I gave in and posted. Quantum uncertainties collapsing, you see.
Small changes to fw1-loggrabber.c and fw1-loggraber.h are all that is required:
*** fw1-loggrabber-1.11.1/fw1-loggrabber.c 2005-02-21 14:41:34.000000000 -0500
--- updated-fw1-loggrabber-1.11.1/fw1-loggrabber.c...
2009-03-25 18:13:47 UTC in FW1-Loggrabber
-
The README says:
'If you want other fields to be supported or simply miss some fields in output, please run loggrabber in debug-mode and look for output line telling "Unsupported field".'
But nowhere does it seem to tell me what to do once I've gotten that information 8).
I need to grab the rule_uid (and rule_name) would be nice:
DEBUG: Unsupported field found (Position 9)...
2009-03-25 16:32:02 UTC in FW1-Loggrabber
-
gowen committed revision 154 to the Drivel Journal Editor SVN repository, changing 2 files.
2004-06-30 01:18:54 UTC in Drivel Journal Editor
-
gowen committed revision 134 to the Drivel Journal Editor SVN repository, changing 2 files.
2004-06-20 20:26:23 UTC in Drivel Journal Editor
-
gowen committed revision 86 to the Drivel Journal Editor SVN repository, changing 2 files.
2004-05-19 02:51:52 UTC in Drivel Journal Editor
-
gowen committed revision 69 to the Drivel Journal Editor SVN repository, changing 2 files.
2004-04-30 12:24:36 UTC in Drivel Journal Editor
-
gowen committed revision 58 to the Drivel Journal Editor SVN repository, changing 2 files.
2004-04-27 22:23:52 UTC in Drivel Journal Editor
-
gowen committed revision 37 to the Drivel Journal Editor SVN repository, changing 2 files.
2004-04-13 02:05:12 UTC in Drivel Journal Editor
