rule-update: run PulledPork with -P option to process tarball #552

Closed
GoogleCodeExporter opened this Issue Mar 24, 2015 · 3 comments

Comments

Projects
None yet
1 participant
@GoogleCodeExporter
rule-update: run PulledPork with -P option to process tarball

Original issue reported on code.google.com by doug.bu...@gmail.com on 16 Jun 2014 at 11:41

@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

"The most significant change that you are likely to notice deals with how 
PulledPork now processes the rules tarball.  In the previous versions of 
PulledPork when you would run the application it would process the rules 
tarball as designated in your configuration, regardless of whether or not the 
source tarball had changed (no new rules tarball for example).  With the new 
changes the source rules tarball is ONLY processed if it is new/changed OR if 
you specify the -P runtime flag.  So for tuning exercises or out of band runs 
when the source tarball is unchanged, you MUST specify the -P flag for any 
processing to occur."

http://blog.snort.org/2013/09/pulledpork-070-released-include.html

Original comment by doug.bu...@gmail.com on 16 Jun 2014 at 11:42

  • Added labels: ****
  • Removed labels: ****
"The most significant change that you are likely to notice deals with how 
PulledPork now processes the rules tarball.  In the previous versions of 
PulledPork when you would run the application it would process the rules 
tarball as designated in your configuration, regardless of whether or not the 
source tarball had changed (no new rules tarball for example).  With the new 
changes the source rules tarball is ONLY processed if it is new/changed OR if 
you specify the -P runtime flag.  So for tuning exercises or out of band runs 
when the source tarball is unchanged, you MUST specify the -P flag for any 
processing to occur."

http://blog.snort.org/2013/09/pulledpork-070-released-include.html

Original comment by doug.bu...@gmail.com on 16 Jun 2014 at 11:42

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Submitted for testing:

https://groups.google.com/d/topic/security-onion-testing/CK1e5OG4LPg/discussion

https://groups.google.com/d/topic/security-onion-testing/piRYj-7Ar8M/discussion

Original comment by doug.bu...@gmail.com on 8 Jul 2014 at 11:07

  • Added labels: ****
  • Removed labels: ****
Submitted for testing:

https://groups.google.com/d/topic/security-onion-testing/CK1e5OG4LPg/discussion

https://groups.google.com/d/topic/security-onion-testing/piRYj-7Ar8M/discussion

Original comment by doug.bu...@gmail.com on 8 Jul 2014 at 11:07

  • Added labels: ****
  • Removed labels: ****
@GoogleCodeExporter

This comment has been minimized.

Show comment
Hide comment
@GoogleCodeExporter

GoogleCodeExporter Mar 24, 2015

Published:
http://blog.securityonion.net/2014/07/new-securityonion-pulledpork-and.html

Original comment by doug.bu...@gmail.com on 8 Jul 2014 at 11:19

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****
Published:
http://blog.securityonion.net/2014/07/new-securityonion-pulledpork-and.html

Original comment by doug.bu...@gmail.com on 8 Jul 2014 at 11:19

  • Changed state: Verified
  • Added labels: ****
  • Removed labels: ****
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment