- preludedb-admin has a bew 'count' command, printing the result of a
COUNT() on the database.
- preludedb-admin work on smaller set of data, to prevent large
retrieval error (fix#220, refs #305).
- preludedb-admin handling of interrupted transaction was improved.
- Fix MySQL and SQLite MacOSX detection, by
Uwe Schwartz <usx303 at googlemail.com>. (fix#296).
- Source and Target now use a 16 bits index (required for CorrelationAlert with
large number of source/target). CorrelationAlert Alertident now use a 32 bits
index (required to link large number of Alert together).
- Fix compilation on system without ENOTSUP (fix#227):
Include modified patch from Alexandre Anriot <aanriot@atlantilde.com>.
conversions preventing PostgreSQL to use indexes (fix#225).
- [preludedb-admin] Use separate alert / heartbeat command: this is done to
have a coherent implementation of the --offset and --count command line
options.
- [preludedb-admin] Fix --offset with the load command.
- [preludedb-admin] Give the delete table a decent size, should speedup the
delete command.
- [documentation] preludedb-admin manpage (fix#230), by Pierre Chifflier
<chifflier@inl.fr>.
- Fix preludedb-admin copy/move operations
- Fix a Python binding memory leak upon alert list deletion.
- Various bugfixes.
- Various portability fixes.
- Implement an idea from Lex van Roon <r3boot@r3blog.nl.eu.org> providing
an alert/heartbeat deletion performance improvement in the order of
3000% (preludedb-admin already benefit from it, next Prewikka release
will benefit from it too).
- Fix --with-(perl|python|swig) detection path ordering.
- Verbose error reporting on logfile opening error.
- Various bug fixes.
these indices web browser will often timeout before delete operation completes.
Update to libpreludedb 0.9.8. Changes:
- Always use prelude_escape_binary() when inserting additional data, even in case
we're inserting a string, since the database field might be of a type that require
binary kind of escaping. Fix#143.
- Implement reading of message_processing_model, security_model, security_level.
Handling of community member is deprecated (IDMEFv16 update).
- Fix a bug where Service->ip_version would not be read from database.
- Error reporting improvement.
Changes:
- Fix Perl/Python bindings uint64 handling on 32 bits machine.
- Make preludedb_check_version available from Perl/Python bindings.
- Use new IDMEF_LIST_APPEND primitive, require libprelude 0.9.6.
- Add libprelude dependencie to SQL plugins, since they depend on
libprelude symbols. Fix compilation problem with some distribution.
- Use global transaction surrounding all operation in preludedb-admin,
this bring a major performance improvement for insert operation.
- API improvement.
Changes:
- Fix PostgreSQL plugin compilation problem.
- Update database schema: enforce that AdditionalData data field is not NULL.
- Improve Swig basic type mapping situation regarding to the target architecture.
- Fix query time calculation.
Changes:
* libpreludedb-0.9.5.1:
- Correctly read database schema version.
* libpreludedb-0.9.5:
- Fix important memory leak in Python bindings, Prewikka should end-up
consuming way less memory than it used to.
- Fix PostgreSQL plugin compilation problem.
- Fix for preludedb-admin --count handling when --offset was used.
- Provide more information in preludedb-admin error message.
- Various cleanup.
- Fix for filtering IDMEF field using the '!=' operator, which resulted in
filtering of events where the field did not exist (#129).
- Implement a "move" command in preludedb-admin.
- When SQL query logging is enabled, log the time taken to execute the query.
- Improve plugin API by making it opaque so that existing plugin don't break
if we add more SQL plugin function.
- Verbose error reporting, make the plugin error API viable for more drivers.
- Fix error reporting from perl and python bindings.
- Make libpreludedb header files c++ compiler friendly.
- Enforce listed IDMEF value ordering. IDMEF value were sometime unordered
because of an uninitialized list position problem.
- More accurate error reporting in preludedb-admin.
- Fix NULL error in case the buffer is too small, truncate.
- Fix license notice, stating clearly that linking from a program
using a GPL compatible license is allowed. Required for Debian package
inclusion.
The PreludeDB Library provides an abstraction layer upon the type and
the format of the database used to store IDMEF alerts.
sensors, managers, and a display console. This
is Prelude DB Library. It allow the interface
allowing Prelude to use a DBMS for alert storage.
While libprelude support a choice of MySQL or
postgreSQL, this package uses MySQL because it
was nearly an order of magnitude faster during
test operation.
This is one of several new packages in the Prelude family.
