Activeworx.org Forums
 
New Post 12/27/2007 4:52 PM
  krypticet
13 posts
10th Level Poster


Setting up a custom Update Location using Type=File 
Hello,

I've been using this program quite successfully for a few months and really enjoy it. Thank you!

I have a question regarding setting up my own Update Location using a File location instead of HTTP. I have a mixed environment where some older sensors use oinkmaster + svn (ssh mode) to update their rule sets. I also have new sensors that are controlled by IDSPM. Up to this point, whenever I've wanted to update the rules on the IDSPM sensors, I've used cygwin + svn to grab the latest rules/configs from my svn master, then created a new Snort Policy in IDSPM, importing the entire rule set, and then pointing all my IDSPM sensors to the new Snort Policy and then syncing them.

In an effort to simplify this process I began investigating creating my own Update Location, using File type and pointing it to my local svn directory. Unfortunately, when I run Update Policies, I see "Getting Policy Details from Database" and then "Done Checking Policy", but my modified rule files don't change. I'm wondering if I configured it correctly. I've tried the following:
Update Locations
Type | Name | Update Location
File | Local | c:\svn\etc\snort
&
File | Local | c:\svn\etc\snort\snort.conf
but neither helped.

Any instruction or comments would be appreciated.

Thank you.

Note: if you aren't familiar w/ svn, it is also called subversion and is an open-source revision control system.
 
New Post 12/27/2007 6:59 PM
  Jeff Dell
219 posts
www.activeworx.com
1st Level Poster


Re: Setting up a custom Update Location using Type=File 

Where are the rules in relation to the snort.conf? Are they in the same directory? If not, what is the path in the snort.conf for the rules?

 

Cheers,

Jeff

 
New Post 12/28/2007 4:42 PM
  krypticet
13 posts
10th Level Poster


Re: Setting up a custom Update Location using Type=File 
The rules are in a subfolder, the ./rules directory.
The directory structure is:
c:\svn\etc\snort\snort.conf, which contains
    var RULE_PATH ./rules
    include $RULE_PATH/mysql.rules (etc)
c:\svn\etc\snort\threshold.conf
c:\svn\etc\snort\rules\*.rules

Thanks.
 
New Post 12/29/2007 6:02 PM
  Jeff Dell
219 posts
www.activeworx.com
1st Level Poster


Re: Setting up a custom Update Location using Type=File 

I am not sure if it knows how to convert "./rules" to "rules". I will take a look. Another option for now is to drop all the rules files in the same directory as the snort.conf, leaving the snort.conf the same. Basically, IDSPM tries the directory in snort.conf, and if that doesn't work, it tries the same directory as where snort.conf resides.

 

Cheers,

Jeff
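
A pre-sync check for the layout discussed in this thread, added here as an example (it is not IDSPM code and not from either poster): it parses snort.conf, expands `var` values such as RULE_PATH, and reports for each include whether the file exists at the path as written or directly beside snort.conf, the two locations the reply above says IDSPM tries. Treating relative paths as relative to snort.conf's directory, the function name and the sample file listing are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample mirroring the layout described in the thread.
SNORT_CONF = """\
var RULE_PATH ./rules
include $RULE_PATH/mysql.rules
include $RULE_PATH/local.rules   # constructed: not in the listing below
include threshold.conf
"""
CONF_PATH = r"c:\svn\etc\snort\snort.conf"
# Constructed file listing standing in for the svn working copy.
FILES = {
    r"c:\svn\etc\snort\snort.conf",
    r"c:\svn\etc\snort\threshold.conf",
    r"c:\svn\etc\snort\rules\mysql.rules",
}

def check_includes(conf_path, conf_text, files):
    """Map each include target to the locations where the file exists.

    'as_written': path from snort.conf, relative to its directory (assumption)
    'same_dir'  : bare file name directly beside snort.conf (the fallback)
    An empty list means a rule file that would be silently skipped.
    """
    conf_dir = PureWindowsPath(conf_path).parent
    present = {PureWindowsPath(f) for f in files}  # case-insensitive compare
    variables, report = {}, {}
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if m := re.match(r"var\s+(\S+)\s+(\S+)", line):
            variables[m.group(1)] = m.group(2)
        elif m := re.match(r"include\s+(\S+)", line):
            # Expand $NAME using earlier var lines; unknown names stay as-is.
            target = re.sub(r"\$(\w+)",
                            lambda v: variables.get(v.group(1), v.group(0)),
                            m.group(1))
            candidates = (
                ("as_written", conf_dir / target),  # "./rules" collapses to "rules"
                ("same_dir", conf_dir / PureWindowsPath(target).name),
            )
            report[m.group(1)] = [n for n, p in candidates if p in present]
    return report

if __name__ == "__main__":
    for inc, found in check_includes(CONF_PATH, SNORT_CONF, FILES).items():
        print(f"{inc:32} {', '.join(found) or 'MISSING'}")
```

Running this against a real working copy only requires building `files` from a directory walk; an include that maps to an empty list is one that neither lookup location can satisfy.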

 
 
 
Copyright 2000-2007 by Activeworx, Inc.
All trademarks and copyrights on this page are owned by their respective owners.