[Discussion] Output Format

• Previous message (by thread): [Discussion] I think everyone is describing Bro
• Next message (by thread): [Discussion] I think everyone is describing Bro
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I think we may need something like that. Especially if we're moving
toward both IP reputation/history sharing and having a lot of output
points in the engine.

I've also seen JSONs lately for describing bad things in malware. Is
anyone aware of other standards we ought to consider or learn from?

Matt

Jason Lewis wrote:
> Food for thought....  would efforts be better spent developing a common
> format for these types of devices to talk together?   The IDMEF was an
> attempt, but I haven't seen a standard come out.
> 
> http://www.ietf.org/rfc/rfc4765.txt
> 
> jas
> _______________________________________________
> Discussion mailing list
> Discussion at openinfosecfoundation.org
> http://lists.openinfosecfoundation.org/mailman/listinfo/discussion

-- 
--------------------------------------------
Matthew Jonkman
Emerging Threats
Phone 765-429-0398
Fax 312-264-0205
http://www.emergingthreats.net
--------------------------------------------

PGP: http://www.jonkmans.com/mattjonkman.asc

• Previous message (by thread): [Discussion] I think everyone is describing Bro
• Next message (by thread): [Discussion] I think everyone is describing Bro
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]