Ticket #104 (assigned issue)

Opened 1 year ago

Last modified 1 year ago

Add a "training" mode to the capture code so that it spits out well-formatted exclusion list info

Reported by: xkovah Assigned to: xkovah (accepted)
Priority: normal Milestone: 1.1
Component: HoneyClient::Agent::Integrity Version: none
Severity: none Keywords:
Cc:

Description

As the name says, I would like a way to run capture so that any events it sees it will output in a format suitable for putting in the exclusion list. This way we can simply run it on known-good sites to quickly build an exclusion list which is specific (i.e. not large globs of things regexed together unless we want them to be for performance reasons).

Attachments

Change History

09/25/07 13:19:01 changed by xkovah

  • status changed from new to assigned.

Add/Change #104 (Add a "training" mode to the capture code so that it spits out well-formatted exclusion list info)




Change Properties
Action