[Oisf-devel] Classifications and Tags
Martin Holste
mcholste at gmail.com
Wed Mar 23 18:02:25 UTC 2011
>> So we've had discussions about the new classification scheme proposed and donated by Alienvault, that's been well received I think and we've added a few new categories to it. The most current version with a few things added is here:
>>
>> http://www.emergingthreats.net/new_classifications_v2.txt
>>
Cool!
>> The subsequent discussion about using tags in the metadata: directive is also an excellent idea. The fact that rules could then belong to more than one tag/category is a spectacular end result. To implement that though it'll require all of the end products to adapt. So that'll take some time. I think we should go down that road, but in the interim we should most definitely still use the new classifications.
>
Excellent! Count me in if you'd like help.
> Can't seem to find what rule language extension was proposed. Can you
> detail that some more?
>
I brought up tags in the thread "[Emerging-Sigs] New Classification
System Proposal" though I'm not sure I was the first to do so in the
history of the list. In the middle of that thread we discuss possibly
using the metadata keyword.
More information about the Oisf-devel
mailing list