The snort parser now can handle multiple alerts at once.
Snort uses a log buffer to write to it's alert file. As a result of this,
when detecting multiple events at a very short time, multiple alerts will
be written at once to the alert file.
The single alerts now will be seperated and parsed individually. The attackers
IP-address (currently only IPv4) and the reported reason will be obtained from
the alert and stored to be returned to the main parser function.
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
projects / people / stevee / guardian.git / commit
