Difference: SaganTODO (6 vs. 7)

Revision 72011-02-11 - ChampClark

Line: 1 to 1
 
META TOPICPARENT name="WebHome"
Sagan "TODO" list....
Line: 12 to 12
  $EXTERNAL_NET/$HOME_NET support - Possibly other variables to further identify where the traffic is coming from and what to do with it.
Changed:
<
<		Syslog/UDP replay add on - A program, separate and external to Sagan, that'll 'sniff' the network interface for UDP/514 Syslog traffic. If traffic is seen, capture the packet and reply it to another Syslog server. Such a program is useful in pre-setup syslog environments.(Idea credited to Bruce Wink).
>
>		 Syslog/UDP replay add on - A program, separate and external to Sagan, that'll 'sniff' the network interface for UDP/514 Syslog traffic. If traffic is seen, capture the packet and reply it to another Syslog server. Such a program is useful in pre-setup syslog environments.(Idea credited to Bruce Wink). - Added to Sagan 0.1.8
  Need snmptrapd rules - "snmptrapd" write out to syslog. Need rules.
Line: 22 to 22
  Stats - Periodic stats dumped to the /var/log/sagan/sagan.log. Top IP's, SIDs, etc.
Changed:
<
<		PIX/ASA parser - to extract PIX/ASA IP/Port information
>
>		 PIX/ASA parser - to extract PIX/ASA IP/Port information - Being done in 0.1.8 via liblognorm.
  Sguid agent ... Could be cool?
View topic | History: r10 < r9 < r8 < r7 | More topic actions...
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback