Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make Snort test mechanism a fully fleshed out object #364

Open
johnwunder opened this issue Aug 26, 2015 · 0 comments
Open

Make Snort test mechanism a fully fleshed out object #364

johnwunder opened this issue Aug 26, 2015 · 0 comments

Comments

@johnwunder
Copy link
Member

  • Add Alternative_IDs: Need a place to put the Snort signature ID or other IDs that are not the STIX UUID
  • Add Title: Signatures need a simple title to identify their purpose
  • Add Short_Description: Can help explain the techniques used in the signature.
  • Add Configurations: Need a place to put detailed configuration information for the Snort engine and processing assumptions (decoded vs. raw, etc)
  • Add Keywords: Keywords are a useful construct to help with searching for or coding a file. They can also be used like custom properties while waiting for updates to the standard.

(suggested by someone who wanted to remain anonymous)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants