Hello there,
Best possible manner to preserve the info is in xmls. The info could be stored
in Tags/Attribute/Values which is also easy to process/query. Using XML is
scalable, flexible.
A typical xml could look like
<Server>
<IP>10.10.220.10</>
<Total sessions>""</>
<userinfo>
<name>testing</>
<accessed file>File2</>
<accessed file>File2</>
........
and so on.
But for this your IDS needs to have XML parsing support.
------------------------------------------------------------------------
Test Your IDS
Is your IDS deployed correctly?
Find out quickly and easily by testing it
with real-world attacks from CORE IMPACT.
Go to
http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw
to learn more.
------------------------------------------------------------------------
