I discovered an issue with the tool I wrote about last June. I've updated kippo-log2db.pl correcting an error where it was populating the sensor column of the session table improperly. I discovered the error after loading some data into MySQL and then attempting to use Ion's kippo2elasticsearch script to move the data into ElasticSearch. I've also discovered an anomaly that I have not yet taken up with the kippo author, why is the sensor colum in the session table int(4) when the id column of the sensor table isint(11)? Since I only have a handful of sensors, it hasn't impacted me, but if you have an installation with a huge number of sensors, this could become a problem. Anyway, get the new version and if you've imported data using the old version, you may need to reimport. Sorry about that.
References:
'취약점 정보2' 카테고리의 다른 글
| Komodia Redirector with SSL Digestor fails to properly validate SSL and installs non-unique root CA certificates and private keys (0) | 2015.02.21 |
|---|---|
| DNS-based DDoS (0) | 2015.02.21 |
| BURP 1.6.10 Released (0) | 2015.02.09 |
| Automotive Security: Connected Cars Taking the Fast Lane (0) | 2015.02.06 |
| Adobe Flash Player Update Released, Fixing CVE 2015-0313 (0) | 2015.02.05 |