davidstelter edited this page Sep 13, 2010 · 9 revisions

Milestones

These are major project milestones which must be achieved in order for the project to succeed.

1: Object-Relational Mapping

Target completion date: 06/29/09

First off, must grok the existing Snort DB schema. Then make Rails/ActiveRecord talk to it. This might be pretty easy thanks to ActiveRecord’s neato schema discovery stuff, but there are bound to be some gotchas.

Potential difficulties:

  • ActiveRecord’s assumptions about table & column names.
  • ActiveRecord’s unwillingness to work with composite primary keys.

Status:

  • Now essentially complete
  • Individual tables are mapped to objects, table & object naming issues sorted out. (06/25/09)
  • Investigating Composite Primary Keys, a free Rails addon.
    This is working pretty well, though I had to “help” ActiveRecord out as one of the composite key associations failed to work correctly.
    Specifically, I couldn’t get Iphdr to successfully find its associated Event without writing a method that performs an explicit Event.find.
    Weird, but it works for now.
    (Update) Composite keys are working pretty flawlessly; the problem with Event above was a typo…

2: Basic Web Page (Completed)

Get a page up: something simple with a few statistics like total number of alerts, unique alerts, unique src IPs, etc. From this view, start creating links to other views, such as per-alert listings. Basically, clone the basics of ACID/BASE.

3: Create basic usage and installation docs (Target: 2009-08-14)

  • simple explanations of things like the IP/mask fields, dates, interlinking, etc.
  • figure out a streamlined DB setup & document it
  • docs on basic code layout