[opensuse-factory] New package : Prelude SIEM
Hello, I'm new in the openSuse community. Since the begining of this year, and because there is a new fresh version of Prelude SIEM (https://www.prelude-siem.org), I want to package it into openSuse. Thanks to Greg Freemyer, I learned many things about packging on openSuse and it's building process. For now, all Prelude SIEM modules are in server:monitoring project and I pushed them to Factory : - libprelude : Just added to Factory and Leap 42.2 - libpreludedb : waiting for legal review in SR 405816 - prelude-manager : in review in SR 423498 - prelude-lml : in review in SR 423499 - prelude-lml-rules : in review in SR 423500 - prelude-correlator : in review in SR 423501 - prewikka : in review in SR 423502 I hope there is still time to add all of this packages to Leap 42.2. Regards -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Sun, Aug 28, 2016 at 3:26 AM, Thomas Andrejak <thomas.andrejak@gmail.com> wrote:
Hello,
I'm new in the openSuse community. Since the begining of this year, and because there is a new fresh version of Prelude SIEM (https://www.prelude-siem.org), I want to package it into openSuse.
Thanks to Greg Freemyer, I learned many things about packging on openSuse and it's building process.
For now, all Prelude SIEM modules are in server:monitoring project and I pushed them to Factory : - libprelude : Just added to Factory and Leap 42.2 - libpreludedb : waiting for legal review in SR 405816 - prelude-manager : in review in SR 423498 - prelude-lml : in review in SR 423499 - prelude-lml-rules : in review in SR 423500 - prelude-correlator : in review in SR 423501 - prewikka : in review in SR 423502
I hope there is still time to add all of this packages to Leap 42.2.
Thomas, My understanding is that as long as the sources in the devel package haven't changed you can go ahead and submit those packages directly from the devel project to Leap 42.2 now. I assume those SRs won't get accepted until the SRs to factory are accepted, but it may save some time at that point. Also, you once told me you had a suricata package I could take over and submit to factory. I don't see it in your home project currently? Good Luck Greg -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, For suricata, I have to push it back into my project, I will do it soon. For prelude-lml prelude-manager and prelude-correlator, I want to push selinux rules but I can't find out how to solve my issue. Do you know someone tha tcan help me ? Regards Thomas 2016-08-31 0:38 GMT+02:00 Greg Freemyer <greg.freemyer@gmail.com>:
On Sun, Aug 28, 2016 at 3:26 AM, Thomas Andrejak <thomas.andrejak@gmail.com> wrote:
Hello,
I'm new in the openSuse community. Since the begining of this year, and because there is a new fresh version of Prelude SIEM (https://www.prelude-siem.org), I want to package it into openSuse.
Thanks to Greg Freemyer, I learned many things about packging on openSuse and it's building process.
For now, all Prelude SIEM modules are in server:monitoring project and I pushed them to Factory : - libprelude : Just added to Factory and Leap 42.2 - libpreludedb : waiting for legal review in SR 405816 - prelude-manager : in review in SR 423498 - prelude-lml : in review in SR 423499 - prelude-lml-rules : in review in SR 423500 - prelude-correlator : in review in SR 423501 - prewikka : in review in SR 423502
I hope there is still time to add all of this packages to Leap 42.2.
Thomas,
My understanding is that as long as the sources in the devel package haven't changed you can go ahead and submit those packages directly from the devel project to Leap 42.2 now.
I assume those SRs won't get accepted until the SRs to factory are accepted, but it may save some time at that point.
Also, you once told me you had a suricata package I could take over and submit to factory. I don't see it in your home project currently?
Good Luck Greg -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, I'm waiting for legal review in staging 443 since a long time ( more than 2 month for libpreludedb ). Is it possible to take time to do it ? Thanks a lot Regards Thomas 2016-08-28 9:26 GMT+02:00 Thomas Andrejak <thomas.andrejak@gmail.com>:
Hello,
I'm new in the openSuse community. Since the begining of this year, and because there is a new fresh version of Prelude SIEM (https://www.prelude-siem.org), I want to package it into openSuse.
Thanks to Greg Freemyer, I learned many things about packging on openSuse and it's building process.
For now, all Prelude SIEM modules are in server:monitoring project and I pushed them to Factory : - libprelude : Just added to Factory and Leap 42.2 - libpreludedb : waiting for legal review in SR 405816 - prelude-manager : in review in SR 423498 - prelude-lml : in review in SR 423499 - prelude-lml-rules : in review in SR 423500 - prelude-correlator : in review in SR 423501 - prewikka : in review in SR 423502
I hope there is still time to add all of this packages to Leap 42.2.
Regards -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, 2016-09-16 at 07:37 +0200, Thomas Andrejak wrote:
Hello,
I'm waiting for legal review in staging 443 since a long time ( more than 2 month for libpreludedb ).
Is it possible to take time to do it ? Do you?
The last submission is like 24 hours old: State: review 2016-09-15T09:33:15 dimstar_suse Comment: Being evaluated by staging project "openSUSE:Factory:Staging:adi:443" 2016-09-15T08:26:33 totol Request created The age of a request is the only valid measurement - you can submit it for a year and create daily a new request - the only thing that is left is a one-day old request. Funnily enough, legal had JUST accepted the previous request 405816 2 days ago - then you submitted it with a changed license yesterday? So, yes, a new request - a new license choice by you - and legal will have to re-evaluate. Cheers, Dominique
Really sorry, I miss this. I just saw "Review got accepted" by "babelwox" but I don't make the link with legal review. I update this package because he made a global remarks in SR #424726 I will do better next time ! Thanks to all teams :) Regards Thomas 2016-09-16 9:27 GMT+02:00 Dominique Leuenberger / DimStar <dimstar@opensuse.org>:
On Fri, 2016-09-16 at 07:37 +0200, Thomas Andrejak wrote:
Hello,
I'm waiting for legal review in staging 443 since a long time ( more than 2 month for libpreludedb ).
Is it possible to take time to do it ?
Do you?
The last submission is like 24 hours old:
State: review 2016-09-15T09:33:15 dimstar_suse Comment: Being evaluated by staging project "openSUSE:Factory:Staging:adi:443"
2016-09-15T08:26:33 totol Request created
The age of a request is the only valid measurement - you can submit it for a year and create daily a new request - the only thing that is left is a one-day old request.
Funnily enough, legal had JUST accepted the previous request 405816 2 days ago - then you submitted it with a changed license yesterday? So, yes, a new request - a new license choice by you - and legal will have to re-evaluate.
Cheers, Dominique -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, 2016-09-16 at 09:54 +0200, Thomas Andrejak wrote:
Really sorry, I miss this. I just saw "Review got accepted" by "babelwox" but I don't make the link with legal review. I update this package because he made a global remarks in SR #424726
I will do better next time !
No worries at all - I saw there was also a review bot that was not happy with the old submissions anyway (some conflicts) - I'll check if this issue is fixed now too. (the error was: found conflict of libprelude23-3.0.0-1.4.x86_64 with prelude- correlator-3.0.1-1.1.noarch: - /var/spool/prelude [mode mismatch: d711 root:root, d755 root:root] found conflict of libprelude23-3.0.0-1.4.x86_64 with prelude-manager- 3.0.0-1.2.x86_64: - /var/spool/prelude [mode mismatch: d711 root:root, d755 root:root] ) The same directory owned by two packages - but installing different modes. Cheers, Dominique
Thanks for validating all modules ! Next step : Leap 42.2 :) Regards Thomas 2016-09-16 10:02 GMT+02:00 Dominique Leuenberger / DimStar <dimstar@opensuse.org>:
On Fri, 2016-09-16 at 09:54 +0200, Thomas Andrejak wrote:
Really sorry, I miss this. I just saw "Review got accepted" by "babelwox" but I don't make the link with legal review. I update this package because he made a global remarks in SR #424726
I will do better next time !
No worries at all - I saw there was also a review bot that was not happy with the old submissions anyway (some conflicts) - I'll check if this issue is fixed now too.
(the error was: found conflict of libprelude23-3.0.0-1.4.x86_64 with prelude- correlator-3.0.1-1.1.noarch: - /var/spool/prelude [mode mismatch: d711 root:root, d755 root:root] found conflict of libprelude23-3.0.0-1.4.x86_64 with prelude-manager- 3.0.0-1.2.x86_64: - /var/spool/prelude [mode mismatch: d711 root:root, d755 root:root] )
The same directory owned by two packages - but installing different modes.
Cheers, Dominique -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Sep 16, 2016 at 6:26 AM, Thomas Andrejak <thomas.andrejak@gmail.com> wrote:
Thanks for validating all modules !
Next step : Leap 42.2 :)
Regards
Thomas
Congratulations Thomas! Maybe it will eventually also get into SLES. I know nothing about how that is done, but I think Prelude being in Factory makes it far more likely, and SLES should have at least one SIEM option. Greg -- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
participants (3)
-
Dominique Leuenberger / DimStar -
Greg Freemyer -
Thomas Andrejak