Wait, you're getting rid of the built in rules? That was the entire reason I was using OSSEC, some auto classification. Otherwise I'd just have saved a lot of pain and used syslog...
James Pulver ________________________________________ From: [email protected] <[email protected]> on behalf of dan (ddp) <[email protected]> Sent: Monday, March 10, 2014 12:43 PM To: [email protected] Subject: Re: [ossec-list] Release process ? and time to cut a release On Mon, Mar 10, 2014 at 11:40 AM, Jason Frisvold <[email protected]> wrote: > Michael Starks wrote: >>> I don't understand. Some of the are major yes and some of them change >>> the contract with the users. Example install will be different, rules >>> have been removed, and much much more. This means new version not a bug >>> fix release. So I say release 2.8. > > I missed the beginning of this conversation, so maybe this was > answered.. I see mention of rules being removed. Uh.. why? Removing > core rules can be problematic, especially if users are depending on > them. Is there something planned to provide feedback about removed rules? > Because the rules and decoders were broken and horrible and should never have been included in the first place. Anyone who is using them has probably modified them by now. I'm also not sure they worked for anything other than the things I was playing with at the time, so I can't imagine anyone is actually using them for production anything at this point. They've also lead one user to believe we supported something when we did not actually support it. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout. -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
