On Tue 2018.09.04 at 11:30 +0100, Stuart Henderson wrote: > On 2018/08/31 08:26, Okan Demirmen wrote: > > Update to 2.8.0 release. > > > * added support for creating dump files in JSON format, and > > the --dumpfjson and --nodumpfjson command line options. > > > > Note JSON is optional, thus I'm keeping it out as a dependency. > > Do you think it's worth mentioning p5-JSON in DESCR?
Good idea; in fact the DESCR is a bit old, so here's a complete diff which updates that too. Work OK? Thanks! Index: Makefile =================================================================== RCS file: /home/open/cvs/ports/sysutils/sec/Makefile,v retrieving revision 1.31 diff -u -p -r1.31 Makefile --- Makefile 19 Dec 2017 14:14:27 -0000 1.31 +++ Makefile 31 Aug 2018 12:18:05 -0000 @@ -2,7 +2,7 @@ COMMENT= simple event correlator -V= 2.7.12 +V= 2.8.0 DISTNAME= sec-${V} CATEGORIES= sysutils MASTER_SITES= https://github.com/simple-evcorr/sec/releases/download/${V}/ Index: distinfo =================================================================== RCS file: /home/open/cvs/ports/sysutils/sec/distinfo,v retrieving revision 1.26 diff -u -p -r1.26 distinfo --- distinfo 19 Dec 2017 14:14:27 -0000 1.26 +++ distinfo 31 Aug 2018 12:18:09 -0000 @@ -1,2 +1,2 @@ -SHA256 (sec-2.7.12.tar.gz) = SrGfDpSZoHHB4H3d1FP6rSzeXn3i/xh/Dq+y0qYVqjg= -SIZE (sec-2.7.12.tar.gz) = 134197 +SHA256 (sec-2.8.0.tar.gz) = v/qpeY1JWuuMFzdCDAPYdnUyqyaFFTeJ8hJYAOeELmE= +SIZE (sec-2.8.0.tar.gz) = 143621 Index: pkg/DESCR =================================================================== RCS file: /home/open/cvs/ports/sysutils/sec/pkg/DESCR,v retrieving revision 1.2 diff -u -p -r1.2 DESCR --- pkg/DESCR 5 Feb 2008 20:45:06 -0000 1.2 +++ pkg/DESCR 4 Sep 2018 11:55:51 -0000 @@ -1,13 +1,20 @@ -SEC is a free and platform independent event correlation tool that was -designed to fill the gap between commercial event correlation systems -and homegrown solutions that usually comprise of a few simple shell -scripts. SEC accepts input from regular files, named pipes, and -standard input, making it suitable to employ with any application that -is able to write its output to a file stream. The SEC configuration is -stored in text files as rules, each rule specifying an event matching -condition, an action list, and optionally a Boolean expression whose -truth value decides whether the rule can be applied at a given moment. -Regular expressions are used for defining event matching conditions, and -output events can be produced by executing user-specified shell scripts -or programs (e.g., snmptrap or mail), by writing messages to pipes or -files, and by various other means. +SEC is an event correlation tool for advanced event processing which can be +harnessed for event log monitoring, for network and security management, for +fraud detection, and for any other task which involves event correlation. Event +correlation is a procedure where a stream of events is processed, in order to +detect (and act on) certain event groups that occur within predefined time +windows. Unlike many other event correlation products which are heavyweight +solutions, SEC is a lightweight and platform-independent event correlator which +runs as a single process. The user can start it as a daemon, employ it in shell +pipelines, execute it interactively in a terminal, run many SEC processes +simultaneously for different tasks, and use it in a wide variety of other ways. + +SEC reads lines from files, named pipes, or standard input, matches the lines +with patterns (like regular expressions or Perl subroutines) for recognizing +input events, and correlates events according to the rules in its configuration +file(s). SEC can produce output by executing external programs (e.g., snmptrap +or mail), by writing to files, by sending data to TCP and UDP based servers, by +calling precompiled Perl subroutines, etc. + +Note that the --dumpfjson option requires the presence of the Perl JSON module, +available via the p5-JSON package.