Skip to content

Commit 4ef1723

Browse files
author
Risto Vaarandi
committed
version 2.9.alpha1
1 parent dcf6f0e commit 4ef1723

4 files changed

Lines changed: 1961 additions & 861 deletions

File tree

ChangeLog

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,26 @@
1+
--- version 2.9.alpha1
2+
3+
* added support for 'cmdexec', 'spawnexec', 'cspawnexec', 'pipeexec'
4+
and 'reportexec' actions.
5+
6+
* added support for 'shell' field in SingleWithScript rules.
7+
8+
* added support for 'egptype' and 'egpattern' fields in EventGroup rules.
9+
10+
* added support for %.sp built-in action list variable.
11+
12+
* added ipv6 support for 'tcpsock' and 'udpsock' actions.
13+
14+
* bugfixes for 'write', 'writen', 'owritecl', 'udgram', 'ustream',
15+
'udpsock' and 'tcpsock' actions.
16+
17+
* starting from this version, a program provided with --timeout-script
18+
command line option is executed without shell interpretation.
19+
20+
* starting from this version, SEC uses Perl JSON::PP module instead of
21+
JSON module (JSON::PP is included in the standard Perl installation).
22+
23+
124
--- version 2.8.3
225

326
* added support for collecting rule performance data, and

README

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
SEC (Simple Event Correlator) 2.8.3
1+
SEC (Simple Event Correlator) 2.9.alpha1
22

33
Introduction:
44
-------------
@@ -27,11 +27,9 @@ work on other OS platforms.
2727
Because SEC is not tested against ancient Perl releases, it is recommended
2828
to run SEC with at least Perl 5.8 (see https://www.perl.org for the latest
2929
stable release).
30-
SEC uses Perl Getopt, POSIX, Fcntl, Socket, IO::Handle, and Sys::Syslog
31-
modules which are included in the standard Perl installation (the presence
32-
of Sys::Syslog is optional). Since the 2.8 version, SEC also employs Perl
33-
JSON module for producing dumpfiles in JSON format, but the presence of this
34-
module is optional.
30+
SEC uses Perl Getopt, POSIX, Fcntl, Socket, IO::Handle, Sys::Syslog, and
31+
JSON::PP modules which are included in the standard Perl installation
32+
(the presence of Sys::Syslog and JSON::PP is optional).
3533

3634
Files in this package:
3735
----------------------
@@ -59,6 +57,6 @@ The author also thanks the following people for supplying software patches,
5957
documentation fixes, and suggesting new features:
6058
Al Sorrell, Brian Mielke, David Lang, James Brown, Jon Frazier, Mark D. Nagel,
6159
Peter Eckel, Rick Casey, and William Gertz.
62-
Last but not least, the author expresses his profound gratitute to
60+
Last but not least, the author expresses his profound gratitude to
6361
John P. Rouillard for many great ideas and creative discussions that have
6462
helped to develop SEC.

0 commit comments

Comments
 (0)