Bug #14
sensor.c API rework
Start date:
Due date:
% Done:
0%
Resolution:
fixed
History
#1 Updated by almost 19 years ago
- Status changed from New to Assigned
#2 Updated by Yoann VANDOORSELAERE almost 19 years ago
This is what we came up to after some discussion, comment are greatly appreciated, flames will goes to /dev/null.
1. Configuration files changes/etc/prelude-sensors/ -> /etc/prelude/ /etc/sensor-name/ -> /etc/prelude/sensor-name/ /var/spool/prelude-sensors/ -> /var/spool/prelude/ /etc/prelude-sensors/sensors-default.conf -> splitted in two part: /etc/prelude/defaults/global.conf included by everyone (agents, sensors, managers). /etc/prelude/defaults/manager-client.conf included by agents and sensors.
- Some definitions:
- sensors: monitoring application sending events to a manager.
- managers: application receiving sensors events, and possibly relaying theses events to others manager.
- agents: application connected to a manager, issuing specific task depending on the manager input (correlation agents, counter measure agent).
2. API renaming
- Need to encapsulate sensor.c API in an object.
- This object is used by agents/managers/sensors, and the behavior vary depending on the type
- prelude_client_t seem to encapsulate all of the above.
- conflict with existing prelude_client_t connection API, which should be renamed
#3 Updated by Yoann VANDOORSELAERE almost 19 years ago
- Status changed from Assigned to Closed
- Resolution set to fixed
#4 Updated by Yoann VANDOORSELAERE almost 19 years ago
Fixed in changeset r3717
#5 Updated by Yoann VANDOORSELAERE about 14 years ago
- Project changed from PRELUDE SIEM to Libprelude
- Category deleted (
1)