This repository has been archived by the owner on Jan 18, 2024. It is now read-only.

new alert_json plugin with kafka capabilities #88

Open
wants to merge 212 commits into base: master

Commits on Mar 28, 2013

  1. Created alert_json output plugin skeleton, and integrated in barnyard2.

         modified:   src/output-plugins/Makefile.am
         modified:   src/plugbase.c
         new file:   src/output-plugins/spo_alert_json.c
         new file:   src/output-plugins/spo_alert_json.h
    root committed Mar 28, 2013
    c5efa08

Commits on Apr 3, 2013

  1. Changed names under spo_alert_json. No functionality changed except default output names

          modified:   output-plugins/spo_alert_json.c
    root committed Apr 3, 2013
    db69fcf
  2. eb71ecc
  3. ec29434
  4. FIXED: JSON invalid fields are not written at all. Before, a ",," was printed

          modified:   output-plugins/spo_alert_json.c
    root committed Apr 3, 2013
    25ca718

Commits on Apr 5, 2013

  1. added output-plugins/spo_alert_json.h in src/plugbase.c

    	modified:   src/plugbase.c
    root committed Apr 5, 2013
    0df4cdd
  2. Added kafka libraries and header (in the future we will add the entire

    librdkafka)
    	modified:   Makefile.am
    	new file:   output-plugins/kafka/librdkafka.a
    	new file:   output-plugins/kafka/rdkafka.h
    	new file:   output-plugins/librdkafka.a
    root committed Apr 5, 2013
    df547e1

Commits on Apr 16, 2013

  1. Added kafka output to spo_alert_json. Topic needs to be known at compile

    time, next commit will fix that.
    Created sfutil/sf_kafka, to send kafka messages. Modified some makefile.am
    and added -lz, -lrt and -lpthread c flags, needed by kafka. Added
    rdkafka library too.
    
    	modified:   Makefile.am
    	modified:   output-plugins/spo_alert_json.c
    	modified:   sfutil/Makefile.am
    	new file:   sfutil/kafka/librdkafka.a
    	new file:   sfutil/kafka/rd.h
    	new file:   sfutil/kafka/rdaddr.h
    	new file:   sfutil/kafka/rdcrc32.h
    	new file:   sfutil/kafka/rdfile.h
    	new file:   sfutil/kafka/rdgz.h
    	new file:   sfutil/kafka/rdkafka.h
    	new file:   sfutil/kafka/rdrand.h
    	new file:   sfutil/kafka/rdtime.h
    	new file:   sfutil/kafka/rdtypes.h
    	new file:   sfutil/sf_kafka.c
    	new file:   sfutil/sf_kafka.h
    root committed Apr 16, 2013
    0de1baa
  2. Kafka topic can be specified adding a '@' after broker's name

    	modified:   output-plugins/spo_alert_json.c
    root committed Apr 16, 2013
    c408120

Commits on Apr 18, 2013

  1. FIX: alert_json can send alerts to a file and a kafka broker at the same

    time now
    	modified:   output-plugins/spo_alert_json.c
    root committed Apr 18, 2013
    5d886ca
  2. Delayed KafkaLog's handler init in daemon mode (needed because of a

    fork() in that mode).
    	modified:   src/output-plugins/spo_alert_json.c
    	modified:   src/sfutil/sf_kafka.c
    	modified:   src/sfutil/sf_kafka.h
    root committed Apr 18, 2013
    6d76240
  3. Increased spo_alert_json LOG_BUFFER; Kafka split messages with just 4K

    	modified:   src/output-plugins/spo_alert_json.c
    root committed Apr 18, 2013
    615879c

Commits on May 3, 2013

  1. Changed the way sf_kafka uses the buffer. Now it allocates a new one and lets

    librdkafka free it.
    	deleted:    src/output-plugins/kafka/librdkafka.a
    	deleted:    src/output-plugins/kafka/rdkafka.h
    	modified:   src/sfutil/sf_kafka.c
    	modified:   src/sfutil/sf_kafka.h
    root committed May 3, 2013
    43a2c43
  2. FIX: When sending alerts, sometimes proto was not set, so the json alert

    contained a blank space in arguments, surrounded by commas (", ,"). Now,
    if the alert's proto is not valid, we don't send the comma.
    	modified:   src/output-plugins/spo_alert_json.c
    root committed May 3, 2013
    b1f4acc

Commits on Jul 3, 2013

  1. Bumped: version to 2-1.13-BETA

    Bumped: build to 325
    
    Add: Full support for sid-msg v2 format which
         enhanced by the following fields: gid,revision,classification,priority
         for each entry which allow pre-population of signature metadata by
         barnyard2 if database output is used.
    
    Add: Signature Suppression support at the spooler level using
         configuration directive. See doc/README.sig_suppress
    
    Add: Variable resolving/support in configuration file
         (generic variable.
    
    Add: hostname and interface to possible CSV field
         Feature requested by: Phil Daws
    
    Add: spo_database configuration keyword "disable_signature_reference_table"
         was added and reconnect_sleep_time, connection_limit defined in
         doc/README.database.
    
    Fixed: Added extra check when generating sig_reference cache.
           (Martin Olsson)
    
    Fixed: sid-msg.map and gen-msg.map double declaration issue (using
           command line and directive is now prohibited) [ will bail
           if both are used (-S and config sid_file OR -G and config
           gen_file.]
    
    Fixed: syslog_full in complete mode IP information (Fäbu Hufi)
    
    Fixed: database, could stop processing event when some ip options were
           null (John Naggets)

    Fixed: Removed some database messages and move them to debug message if
           the proper debug flag is used.
    binf authored and eugpermar committed Jul 3, 2013
    de53c97
  2. Last minute commit for a long waited needed feature and some little fix.

    Add: Support for proper signal handling.
    Add: README info for google mailing lists.
    
    Fixed: Compile issue when debug was enabled (missing , in some
    DEBUG_WRAP code.
    
    Fixed: Changed a few places where the snort literal was used instead of
    barnyard2 and this could confuse some first time barnyard2 users.
    
    Fixed: RPM spec file to point to good version (when needed)
    
    Bumped: Build to 326
    
    --github specific
    Fixes firnsy#81
    Fixes firnsy#73
    Fixes firnsy#75
    
    Close firnsy#82
    Close firnsy#83
    Close firnsy#80
    Close firnsy#79
    Close firnsy#78
    Close firnsy#27
    --github specific
    binf authored and eugpermar committed Jul 3, 2013
    5796f03
  3. fixed: libwebsocket update collapsed a number of arguments into general struct.

    firnsy authored and eugpermar committed Jul 3, 2013
    99c8188
  4. bcbd6b0
  5. fixed: range logic was inadvertently inverted.

    firnsy authored and eugpermar committed Jul 3, 2013
    33f49f8
  6. b0ccd22
  7. added: handle situations where map files are not v2.

    firnsy authored and eugpermar committed Jul 3, 2013
    317f4be
  8. d856c41
  9. 5fefbe0
  10. Added src_name, src_str, dst_name and dst_str to json fields, based on

    /opt/rb/etc/{hosts,networks} files
    	modified:   output-plugins/spo_alert_json.c
    root authored and eugpermar committed Jul 3, 2013
    1126d59
  11. Added network identifications in source and destination ip

    	modified:   output-plugins/spo_alert_json.c
    root authored and eugpermar committed Jul 3, 2013
    f048121
  12. Added geoIP support using maxmind GeoIP

    	modified:   Makefile.am
    	modified:   output-plugins/spo_alert_json.c
    root authored and eugpermar committed Jul 3, 2013
    0896ef8
  13. Fixed a possible memory leak.

    	modified:   src/sfutil/sf_kafka.c
    root authored and eugpermar committed Jul 3, 2013
    dd159ed
  14. Fixed some possible memory leaks and enabled --enable-geo-ip in

    configure script
    	modified:   configure.in
    	modified:   src/output-plugins/spo_alert_json.c
    root authored and eugpermar committed Jul 3, 2013
    6072ae5
  15. Updated librdkafka

    root authored and eugpermar committed Jul 3, 2013
    974bef5
  16. Added to sf_kafka a maximum queue length value

    	modified:   sfutil/sf_kafka.c
    root authored and eugpermar committed Jul 3, 2013
    72b1321
  17. Added json_output plugin

    root authored and eugpermar committed Jul 3, 2013
    7f1de11
  18. Added json and geoIP libs conditional compile stuff in configure.in.

    KafkaLog now has a TextLog to print to a file, and alert_json does not
    have to worry about sending to kafka and to a textfile.
    eugpermar committed Jul 3, 2013
    4d2fbf3
  19. 563bc89
  20. 0459902
  21. Added priority and classification fields to alert_json plugin. Some fields will be always printed, too

    eugpermar committed Jul 3, 2013
    ee5eca8
  22. Added sensor_id capability

    eugpermar committed Jul 3, 2013
    f4cb1c3
  23. Added sensor_id and sensor_name passed by params. We will send the country code in s_ip and dest_ip too.

    eugpermar committed Jul 3, 2013
    a80dd89
  24. Using sf_ip from sfutils module, which simplifies the name resolution a bit

    Managed a geoip NULL return when ip is not in the database.
    eugpermar committed Jul 3, 2013
    c6f50a5
  25. b03bb29

Commits on Jul 4, 2013

  1. 2b98f85
  2. dfea910

Commits on Jul 8, 2013

  1. 67a8c03

Commits on Jul 10, 2013

  1. 44ad609
  2. 5a8741d
  3. 05fcdc2
  4. aacf0d9
  5. 7e2eda9
  6. cb52266
  7. Warning suppressed.

    eugpermar committed Jul 10, 2013
    dba7696
  8. 8ac1090

Commits on Jul 11, 2013

  1. Added payload field

    eugpermar committed Jul 11, 2013
    3f2a03a

Commits on Jul 12, 2013

  1. 99adef9
  2. 9a808be
  3. 3e97959
  4. Update doc

    eugpermar committed Jul 12, 2013
    9758863

Commits on Jul 13, 2013

  1. 38f3cac

Commits on Jul 15, 2013

  1. Added ARP and VLAN parsing.

    eugpermar committed Jul 15, 2013
    262c850
  2. Resolved VLAN names.

    eugpermar committed Jul 15, 2013
    f8519e9

Commits on Jul 16, 2013

  1. 8fd7109

Commits on Jul 17, 2013

  1. Deleted all slow KafkaLog_Print and changed to KafkaLog_Puts. Added a _itoa function to convert number to string. Template default values changed from void* to char*

    eugpermar committed Jul 17, 2013
    fcdbe8f
  2. changed a snprintf to a strcat in KafkaLog_Write: performance

    KafkaLog->maxBuf renamed to kafkaLog->bufLen and start_bufLen, more descriptive ones
    eugpermar committed Jul 17, 2013
    de16a9d
  3. c7477a5

Commits on Jul 25, 2013

  1. 529e965

Commits on Jul 30, 2013

  1. 47af71b

Commits on Aug 1, 2013

  1. Changed configure.in so it can import rdkafka from any location. Now you

    can specify kafka location using --with-kafka-* params configure params.
    eugpermar committed Aug 1, 2013
    b346855
  2. Added rb_pointers.h header to have specific commands to check pointers. Added type,domain,domain_id template parameters too.

    eugpermar committed Aug 1, 2013
    1971669
  3. f7eff47

Commits on Aug 2, 2013

  1. Sending action of message (not fully supported). Some numbers sent in hex format => json not supported.

    eugpermar committed Aug 2, 2013
    70ae7b8
  2. de518d2
  3. 2da769a
  4. 038d63a

Commits on Aug 7, 2013

  1. Added kafka 0.8 support

    eugpermar committed Aug 7, 2013
    55859fc

Commits on Aug 12, 2013

  1. 003086d

Commits on Aug 22, 2013

  1. Changed some fields name.

    eugpermar committed Aug 22, 2013
    e11344d

Commits on Aug 23, 2013

  1. 0665f85
  2. 9bc12e3

Commits on Sep 16, 2013

  1. Changed some template names

    eugpermar committed Sep 16, 2013
    a3a04f1

Commits on Sep 24, 2013

  1. 37c67a5

Commits on Oct 9, 2013

  1. Updated configure.in

    eugpermar committed Oct 9, 2013
    4d4b105

Commits on Nov 5, 2013

  1. Added group_id and group_name in the parameters. domain_id renamed to domain_name, and domain->domain_id

    eugpermar committed Nov 5, 2013
    3300b02

Commits on Nov 19, 2013

  1. IP packets length and ethernet packets length are now aggregated in groups. Priority_name added.

    eugpermar committed Nov 19, 2013
    a50d5cc

Commits on Nov 21, 2013

  1. Added AS numbers

    eugpermar committed Nov 21, 2013
    8f6035a
  2. 0f2e165

Commits on Nov 28, 2013

  1. Update to current kafka api

    eugpermar committed Nov 28, 2013
    770955c

Commits on Dec 5, 2013

  1. d24420d
  2. 9bcd10b

Commits on Dec 18, 2013

  1. e823da9

Commits on Dec 26, 2013

  1. ab3c3da
  2. Cleaned old kafka code

    eugpermar committed Dec 26, 2013
    5086948

Commits on Jan 15, 2014

  1. 4b33b2f

Commits on Apr 30, 2014

  1. 4fa91db
  2. FIX: rb_kafka didn't compile if not --enable-rdkafka present (thanks to Alberto for reporting)

    eugpermar committed Apr 30, 2014
    a56f46c

Commits on May 26, 2014

  1. 56c8d63

Commits on May 27, 2014

  1. f272e43
  2. ac57192

Commits on Jul 11, 2014

  1. 34376d1

Commits on Jul 14, 2014

  1. FIX: Buffer overflow

    eugpermar committed Jul 14, 2014
    e3baa9b
  2. FIX: Buffer overflow

    eugpermar committed Jul 14, 2014
    37a8067

Commits on Jul 15, 2014

  1. 3ab793e

Commits on Jul 16, 2014

  1. d653674

Commits on Jul 17, 2014

  1. Barnyard cache is now freed at the end, instead of start. This avoids a lot of lonely packet events

    eugpermar committed Jul 17, 2014
    25f5f6f
  2. 208ace4

Commits on Jul 18, 2014

  1. a9de004
  2. 7158760

Commits on Jul 21, 2014

  1. src and dst port now extracted from the event instead of the packet. If cannot extract from event, then try to extract from packet.

    eugpermar committed Jul 21, 2014
    64f9cfd
  2. 0f49c62
  3. extract icmp code first from event than from packet. ICMP code & type only printed if icmp protocol event

    eugpermar committed Jul 21, 2014
    99fb126
  4. f00d29d
  5. e103aac
  6. b0103b1
  7. c3c02f0
  8. 03555b0

Commits on Aug 28, 2014

  1. rb_pointers added copyright

    eugpermar committed Aug 28, 2014
    7601011
  2. 6d2eb21
  3. 5fa044b

Commits on Aug 29, 2014

  1. 9f5c7ad
  2. Added sensor name to output

    eugpermar committed Aug 29, 2014
    078102a
  3. 485110f
  4. 7099fe5

Commits on Sep 1, 2014

  1. b46067c

Commits on Sep 2, 2014

  1. b3f9d72

Commits on Oct 30, 2014

  1. a38c808
  2. FIX: bad IPlength

    eugpermar committed Oct 30, 2014
    6099b36

Commits on Mar 26, 2015

  1. Included Extra Data counts in Records

    Pablo Cantos committed Mar 26, 2015
    e0ea441

Commits on Mar 30, 2015

  1. Preparing spo_alert_json.c, plugbase.c and plugbase.h. Perhaps we will have to roll back to undo these changes.

    Pablo Cantos committed Mar 30, 2015
    13cbf23

Commits on Mar 31, 2015

  1. 411cc8f

Commits on Apr 7, 2015

  1. Changing the way spoolerProcessRecord works and including Extra Data in EventRecordNode->data

    Pablo Cantos committed Apr 7, 2015
    fe432e5
  2. 8a01fd9

Commits on Apr 10, 2015

  1. rd_unified2.c modified: fixing macro and actionOfEvent

    Pablo Cantos committed Apr 10, 2015
    e17f878
  2. Merge branch 'master' into ExtraData

    Pablo Cantos committed Apr 10, 2015
    2e91674
  3. spo_alert_json.c modified: getting events from spooler and producing kafka messages with extra data

    Pablo Cantos committed Apr 10, 2015
    1215ad4
  4. fc3035b
  5. e25213d

Commits on Apr 13, 2015

  1. Merge branch 'master' into ExtraData

    Pablo Cantos committed Apr 13, 2015
    fd044e7

Commits on Apr 14, 2015

  1. Solving memory issues

    Pablo Cantos committed Apr 14, 2015
    a1b3487
  2. Fixing/readjusting some pieces of code

    Pablo Cantos committed Apr 14, 2015
    10a40c1
  3. Comment added to explain payload not matching

    Pablo Cantos committed Apr 14, 2015
    f45af1e
  4. Merge branch 'master' into ExtraData

    Pablo Cantos committed Apr 14, 2015
    6d2b8b2
  5. Firing the last cached event

    Pablo Cantos committed Apr 14, 2015
    57cf6a7
  6. define RB_EXTRADATA

    Pablo Cantos committed Apr 14, 2015
    2c06993

Commits on Apr 15, 2015

  1. Including macro RB_EXTRADATA in configure. Short change in spoolerExt…

    …raDataCacheClean().
    Pablo Cantos committed Apr 15, 2015
    c5a3d45

Commits on Apr 17, 2015

  1. Changing the way DEFAULT_JSON is defined. Including code to write URI…

    … and hostname as ExtraData.
    Pablo Cantos committed Apr 17, 2015
    185858f

Commits on Apr 28, 2015

  1. changed file_sha256 by sha256 in spo_alert_json.c

    Pablo Cantos committed Apr 28, 2015
    e0177f3

Commits on May 18, 2015

  1. 9285734
  2. Added enrich_with output json parameter. Deleted a few deprecated par…

    …ameters because they can be included in enrich_with
    eugpermar committed May 18, 2015
    e512180
  3. 21edda4
  4. Cleaning GeoIP databases

    eugpermar committed May 18, 2015
    2238c7e

Commits on May 22, 2015

  1. Fixing .gitignore file

    Pablo Cantos committed May 22, 2015
    7ce4263
  2. merging from master

    Pablo Cantos committed May 22, 2015
    2baa664

Commits on Jul 1, 2015

  1. Updated .gitignore

    eugpermar committed Jul 1, 2015
    09c1d96

Commits on Jul 10, 2015

  1. SMTP ExtraData fields included

    Pablo Cantos committed Jul 10, 2015
    609383d

Commits on Jul 13, 2015

  1. FIX: Last event discarded when opening a new snort.log file (redmine …

    …issue #4834)
    Pablo Cantos committed Jul 13, 2015
    f6ed494

Commits on Sep 29, 2015

  1. 8271632

Commits on Sep 30, 2015

  1. d6548f6
  2. c550318

Commits on Oct 1, 2015

  1. More verbose kafka errors

    eugpermar committed Oct 1, 2015
    5ab2438
  2. d1de5ad

Commits on Oct 2, 2015

  1. c342656
  2. 4098604
  3. c79b801

Commits on Oct 13, 2015

  1. 9827bd8

Commits on Oct 14, 2015

  1. d6edcea

Commits on Dec 18, 2015

  1. Deleting deprecated comment

    eugpermar committed Dec 18, 2015
    284cdb8

Commits on Dec 21, 2015

  1. 81801dd
  2. fd503de
  3. 44ade9c

Commits on Jan 13, 2016

  1. c4bea65

Commits on Jan 14, 2016

  1. 63ef7a7
  2. d19a0ee

Commits on Jan 28, 2016

  1. New extraData: EVENT_INFO_FTP_USER

    Ana Rey authored and eugpermar committed Jan 28, 2016
    55eb651
  2. extradata: EVENT_INFO_SMB_UID EVENT_INFO_SMB_IS_UPLOAD

    Ana Rey authored and eugpermar committed Jan 28, 2016
    852945d

Commits on Feb 1, 2016

  1. 75da520
  2. ab605f7
  3. ad18a9d
  4. Removed whitespaces

    Bigomby committed Feb 1, 2016
    0b1f424
  5. eb3f943
  6. Merge pull request #4 from Bigomby/Feature/Managing_ExtraData_fields

    Feature/managing extra data fields
    eugpermar committed Feb 1, 2016
    9bb391b
  7. 8a6997b

Commits on Feb 4, 2016

  1. Fixed invalid free memory

    1417 ==1438==
    1418 ==1438== More than 100 errors detected.  Subsequent errors
    1419 ==1438== will still be recorded, but in less detail than before.
    1420 ==1438== Invalid free() / delete / delete[] / realloc()
    1421 ==1438==    at 0x4C27430: free (vg_replace_malloc.c:446)
    1422 ==1438==    by 0x4202DC: AlertJSONCleanup (spo_alert_json.c:1018)
    1423 ==1438==    by 0x403EF2: Barnyard2Cleanup (barnyard2.c:1122)
    1424 ==1438==    by 0x40428C: SignalCheck (barnyard2.c:1405)
    1425 ==1438==    by 0x405E1F: Barnyard2Main (barnyard2.c:395)
    1426 ==1438==    by 0x6185D5C: (below main) (in /lib64/libc-2.12.so)
    1427 ==1438==  Address 0x79cc8e0 is 0 bytes inside a block of size 24
    free'd
    1428 ==1438==    at 0x4C27430: free (vg_replace_malloc.c:446)
    1429 ==1438==    by 0x4202DC: AlertJSONCleanup (spo_alert_json.c:1018)
    1430 ==1438==    by 0x403EF2: Barnyard2Cleanup (barnyard2.c:1122)
    1431 ==1438==    by 0x40428C: SignalCheck (barnyard2.c:1405)
    1432 ==1438==    by 0x405E1F: Barnyard2Main (barnyard2.c:395)
    1433 ==1438==    by 0x6185D5C: (below main) (in /lib64/libc-2.12.so)
    Ana Rey committed Feb 4, 2016
    02140d8
  2. Merge pull request #5 from anarey/feature/extra_data_bug

    Fixed invalid free memory
    eugpermar committed Feb 4, 2016
    5357d16
  3. Bug: leak memory. Do not free the eth_vendors_db element

    ==7242== 1 bytes in 1 blocks are still reachable in loss record 1 of 33
    ==7242==    at 0x4C27A2E: malloc (vg_replace_malloc.c:270)
    ==7242==    by 0x61E7EC1: strdup (in /lib64/libc-2.12.so)
    ==7242==    by 0x5253D3D: rd_memctx_init (in /opt/rb/lib/librd.so)
    ==7242==    by 0x5F65C9B: rb_new_mac_vendor_db (in /opt/rb/lib/librb_mac_vendors.so.0)
    ==7242==    by 0x421EA7: AlertJSONParseArgs (spo_alert_json.c:728)
    ==7242==    by 0x42252A: AlertJSONInit (spo_alert_json.c:360)
    ==7242==    by 0x413969: ConfigureOutputPlugins (parser.c:609)
    ==7242==    by 0x405654: Barnyard2Init (barnyard2.c:2092)
    ==7242==    by 0x405DCA: Barnyard2Main (barnyard2.c:325)
    ==7242==    by 0x6185D5C: (below main) (in /lib64/libc-2.12.so)
    Ana Rey committed Feb 4, 2016
    4469f7a

Commits on Feb 15, 2016

  1. Release memory in kafka

    Ana Rey authored and anarey committed Feb 15, 2016
    cb2f2bd
  2. Merge pull request #7 from anarey/feature/extra_data_bug2

    Freeing memory at the end of barnyard2 execution
    eugpermar committed Feb 15, 2016
    8f0d510
  3. extradata: deleted "<" and ">" characters in email_sender element

    Example:
      "email_sender": "ejimenez@redborder.net",
    
    Old format:
      "email_sender": "<ejimenez@redborder.net>",
    Ana Rey authored and anarey committed Feb 15, 2016
    76bffce
  4. extradata: email_destination in an array

    Example:
    "email_destinations":"[\"rcpt1@redborder.net\",\"rcpt2@redborder.net\",\"rcpt3@redborder.net\"]"
    "email_destinations":"[\"malware@redborder.net>\"]"
    Ana Rey authored and anarey committed Feb 15, 2016
    4a1ec75

Commits on Feb 16, 2016

  1. Merge pull request #8 from anarey/feature/email-destinations

    Feature/email destinations
    eugpermar committed Feb 16, 2016
    150d5fb
  2. Created printMail function

    eugpermar committed Feb 16, 2016
    3fe7c2e
  3. abd4f8e
  4. a859ac8

Commits on Feb 22, 2016

  1. Fix in Alarm Control for spoolerFireLastEvent()

    Pablo Cantos committed Feb 22, 2016
    888586a
  2. Added spoolerPrint*() functions for debug purposes

    Pablo Cantos committed Feb 22, 2016
    05ac8f1
  3. Protection added when reading from spooler

    Pablo Cantos committed Feb 22, 2016
    9f5a4b3

Commits on Feb 23, 2016

  1. Merge branch 'Feature/Managing_ExtraData_fields' of github.com:redBor…

    …der/barnyard2 into Feature/Managing_ExtraData_fields
    Pablo Cantos committed Feb 23, 2016
    615324e
  2. Added spoolerPrint*Packet() functions for debug purposes

    Pablo Cantos committed Feb 23, 2016
    bc0e9a7
  3. Some few lines of code fixed

    Pablo Cantos committed Feb 23, 2016
    40d8d26

Commits on Mar 10, 2016

  1. Added more default options

    Bigomby committed Mar 10, 2016
    f23a075
  2. d6fb823

Commits on Mar 15, 2016

  1. Merge pull request #9 from Bigomby/Feature/Managing_ExtraData_fields

    Added more default options
    eugpermar committed Mar 15, 2016
    f327df1
  2. 1d0f2e5

Commits on Apr 27, 2016

  1. 4e9c18f
  2. Use printbuf_memappend_escaped in EVENT_INFO_FILE_NAME

    Before this, names with characters '\', '"' or control ones (<U+0020)
    in them would be printed as invalid JSON. With this escape function,
    the output will be valid JSON.
    eugpermar committed Apr 27, 2016
    12f2a9a

Commits on Apr 29, 2022

  1. change service script

    David Vanhoucke committed Apr 29, 2022
    c1cddd9

Commits on May 11, 2022

  1. Adding systemd service

    manegron committed May 11, 2022
    705de4f

Commits on Nov 6, 2023

  1. rpm build

    davidredborder committed Nov 6, 2023
    ef6ea9a
  2. 64470a9
  3. update spec file

    davidredborder committed Nov 6, 2023
    181ff00

Commits on Nov 8, 2023

  1. Merge pull request #14 from redBorder/Feature/Managing_ExtraData_fields

    Feature/managing extra data fields
    manegron committed Nov 8, 2023
    d104676
  2. Merge pull request #15 from redBorder/rhel9

    Rhel9
    manegron committed Nov 8, 2023
    06f8575

Commits on Apr 2, 2024

  1. bd81df0

Commits on Apr 11, 2024

  1. add makefile

    davidredborder committed Apr 11, 2024
    0b4ea63
  2. Add gcc into buildrequires

    manegron committed Apr 11, 2024
    294aa24
  3. Merge pull request #16 from redBorder/improvement/#16872_rpm_package_…

    …mock
    
    update process rpm creation
    manegron committed Apr 11, 2024
    c639a2b