[Oisf-wg-configuration_language] Configuration Structure
Jason Ish
jason.ish at endace.com
Thu Aug 6 21:26:00 UTC 2009
On Thu, Aug 6, 2009 at 12:36 PM, Matt Jonkman <jonkman at jonkmans.com> wrote:
> Nick Rogness wrote:
> > Maybe the question should be who is the intended user base in the short
> and long term? If it is just unix geeks like us, then XML is not the
> answer. Then again, snort is already built for unix geeks. Is the goal to
> just develop a snort++ or address a more broad audience??
>
> We're not looking to make a snort++, but we do need to stay compatible
> in many ways. Config thankfully isn't one of them.
>
> As for the audience, Security folks I'd say. I don't think we're
> possibly ever going to make ids simple and user friendly enough for the
> average joe computer user to config one.
>
> We MAY be able to make it easy enough for the average IT guy (MCSE) to
> do it though. I think that'll come along with the web based config tool,
> or some very intelligent defaults.
>
> But I don't think we need to consider that now. Unix geeks and security
> people I think should be the target audience for the config language.
> The rest we'll get with teh web config tool in phase 2.
It might make sense to consider the people who may work on a web
configuration tool in phase 2. Any strict format that we can achieve with
flex/bison, yaml or XML will be appreciated by the developer of a config
tool. But yaml and XML will probably shine for such a person. They don't
have to worry about grammar or a parser, tools will do that for them and
they only need to work with the data. Plus generating a configuration file
will also be trivial as yaml and XML parsers usually also come with an
emitter.
In this resect, YAML might be a good middle-ground, despite the fact that it
cares about whitespace. It'll provide an easily parsed config file for the
tool writers out there due to the availability of YAML parsers, yet it is
easily edited in a text editor - even easier if you use a YAML aware editor
like emacs in yaml-mode.
Hmm, I had no intention of this sounding like a go yaml post, as I'm on the
fence here still myself.
Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-wg-configuration_language/attachments/20090806/1cab897e/attachment-0002.html>
More information about the Oisf-wg-configuration_language
mailing list