If you haven't noticed already, the first beta release of what will become barnyard2-1.10 was tagged the other day on github. This was a significant milestone that was only enabled by the OISF team and the generous contributions. Thanks again! I was going to push first beta a week ago but have spent the past few days cleaning up documentation, some old and pesky bugs and even a small utility.

So what are the notable includes/updates from the 1.9 release:

  • A new output plugin for communication with SnortSam instances.
  • Upgraded unified2 handling to latest unified2 standard [1].
  • Improved handling of Sguil agent registration timeouts. Thanks (Victor Julian)

Some other worthy mentions from the previous stable release include:

  • Fixed signature loading issue that resulted in a rogue space being appended to messages.
  • Fixed compile issue with IPv6 enabled.
  • Fixed compile issue with TCL and PostgreSQL combinations
  • Added support for new DLT_IPV4 and DLT_IPV6 link types introduced with Snort's new DAQ library.

The old project pages are still being reworked with the server change, so if you want to try it out you will need to become a little familiar with github (it'll be worth it).

So please go forth, download, compile, use and abuse. Be sure to send any feedback good or otherwise back to us.

[1] No output plugins currently utilise the extra data.