[osiris-devel] monitoring host state
Alexei_Roudnev
Alexei_Roudnev at exigengroup.com
Mon Jan 5 22:18:47 EST 2004
I am afraid of treating everything as a regexp. Remember that, no matter
which regexp are you using, '.' and '*' can be in the match and in the file
name.
I prefer to have a simple rule, like my prev. example, by default, and
specify 'regexp' expression explicitly (such as /xx/, for example).
Else, it can cause a lot of consusions.
Alex
----- Original Message -----
From: "Brian Wotring" <brian at shmoo.com>
To: "Osiris Developers" <osiris-devel at lists.shmoo.com>
Sent: Monday, January 05, 2004 7:12 PM
Subject: Re: [osiris-devel] monitoring host state
>
> On Jan 5, 2004, at 7:11 PM, Alexei_Roudnev wrote:
>
> > Few ideas, related to few last issues:
> >
> > (1) let's modify (I can do it) file match so that 'xxx' mathc to
> > '''.../xxx"
> > or "...\xxx" on Windows; I tried to find simple reg-exp function for
> > Win32
> > but it (simple one) does not exists;
>
> I am afraid of making this filter behave differently on different
> platforms. I think a better solution is to find a regex for Windows.
> If regex support doesn't exist, a full path must be specified.
>
> > (3) Windows / Registry. May be, 'services' can be monitored by special
> > command as a special case.
> >
> > (4) There is one more interesting (for IDS) resource - ports opened for
> > LISTEN.
>
> I'll add these the the list of possible features in the future. The
> like the open ports idea. As for the 3.0 release, I think we have
> enough to deal with already.
>
> --
> Brian Wotring ( brian at shmoo.com )
> PGP KeyID: 0x9674763D
>
> _______________________________________________
> osiris-devel mailing list
> osiris-devel at lists.shmoo.com
> https://lists.shmoo.com/mailman/listinfo/osiris-devel
>
More information about the osiris-devel
mailing list