[syslog-ng] [announce] patterndb project
Balazs Scheidler
bazsi at balabit.hu
Thu Jul 1 22:23:25 CEST 2010
On Thu, 2010-07-01 at 11:03 -0500, Martin Holste wrote:
> Shouldn't that go under the provider attribute? My point with the
> ID's vs UUID was that I prefer a numeric ID. Just as with IP space,
> we could provide a "number space" for local signatures. For instance,
> 0 through 2,000,000,000 would be public space, and 2,000,000,000
> through 2^32 would be private space.
>
> I think the "opensshd" component would be assigned to the "name"
> attribute, or something similar, or maybe would be the "class"
> attribute.
let me think this through and also discuss with the guys who originally
designed the XML format and come up with a consistent recommendation on
IDs.
Any other comments on the "patterndb" policy document at
http://git.balabit.hu/?p=bazsi/syslog-ng-patterndb.git;a=blob;f=README.txt;h=9bbfeaead0c21dcf6171e12e311ae8612f572bfc;hb=6061e22221a72d35238b35f82b04afd436341b5c
Perhaps about the two schemas I've described at the same location in
SCHEMAS.txt<
--
Bazsi
More information about the syslog-ng
mailing list