Bug#220036: ITP: mudpit -- Spool processor for Snort's unified log/alert files
On Mon, 2003-11-10 at 14:20, Roberto Moreda wrote:
> * Package name : mudpit
> Description : Spool processor for Snort's unified log/alert files
De-capitalize "Spool."
> Mudpit is a modular spool processor for log/alert files generated by
> Snort IDS using the unified output format. Among its features:
>
> * Ability to process both alert and log files in parallel,
> choosing one that contains more information on a particular
> event.
> * Ability to independently handle outputs of more than one
> Snort processes on the same computer under separate permission sets.
> * Stability, including support for automatic recovery from network
> failures and outages with no information loss (checkpoints).
> * Modularity and ability to assign more than one output plugin to each
> spool processor.
> * A generic locking facility that allows separate spool processors
> to write to the same back-end database simultaneously.
This is a good overview of what Mudpit can do, but is worded fairly
awkwardly. I'd suggest putting this in sentence form, possibly still
within bullets (though I hate the powerpoint-ization of the language).
For example:
... Among its features are:
* The ability to process both alert and log files in parallel,
choosing the one which contains the most information on a
particular event.
I'm not actually sure whether stylistically, "The" should be capitalised
in that bullet. -l10n-english CC:d.
--
Joe Drew <hoserhead@woot.net> <drew@debian.org>
My weblog doesn't detail my personal life: http://me.woot.net
Reply to: