Name : perl-XML-IDMEF
Version : 0.11
Vendor : obs://build_opensuse_org/devel:languages:perl
Release : 6.1
Date : 2015-01-23 18:04:26
Group : Development/Libraries/Perl
Source RPM : perl-XML-IDMEF-0.11-6.1.src.rpm
Size : 0.09 MB
Packager : (none)
Summary : A module for building/parsing IDMEF messages
Description :
IDMEF.pm is an interface for simply creating and parsing IDMEF messages. IDMEF is an XML-based protocol designed mainly for representing Intrusion Detection (IDS) alert messages (http://www.silicondefense.com/idwg/).
IDMEF.pm is compliant with IDMEF v1.0, and hence provides calls for building Alert, ToolAlert, CorrelationAlert, OverflowAlert and Heartbeat IDMEF messages.
This API has been designed to simplify the task of translating a key-value based format into its IDMEF representation, which is the most common situation when writing a log export module for a given IDS software. A typical session involves the creation of a new IDMEF message, the initialisation of some of its fields and the addition of new IDMEF tags to this message, while parsing some other native message.
An interface to load and parse an IDMEF message is also provided.
The API used in XML::IDMEF is in no way standard. It follows neither the SAX nor the DOM philosophy, since it is based neither on a tree representation nor on an event-oriented parser (at least as seen from the outside). It instead gives a linear approach toward the XML object, and uses inbuilt knowledge about a given XML DTD (IDMEF in our case) to make proper choices when building the message. This simplifies the task of building well-formed XML messages, by taking care on your behalf of tasks such as building intermediary nodes in an XML tree, or inserting nodes in the right, DTD-compliant order.
This module contains a generic XML DTD parser and includes a simplified node-based representation of the IDMEF DTD. It can hence easily be upgraded or extended to support new XML nodes or other DTDs. For information on how to use the XML::IDMEF API with other XML DTDs, read the documentation in the source code :) Yet, beware that the internal DTD representation is a *simplified* DTD, and cannot translate all the subtleties that may be defined in XML DTDs. This representation is enough for representing most simple DTDs, such as IDMEF, but not for more complex DTDs. In particular, it considers all attributes as of type CDATA, and does not support complex children ordering and occurrence policies.
This code is distributed under the BSD license.
RPM found in directory: /packages/linux-pbone/ftp5.gwdg.de/pub/opensuse/repositories/devel:/languages:/perl:/CPAN-X/openSUSE_13.2/noarch
Provides :
perl(XML::IDMEF)
perl-XML-IDMEF
Requires :