Sagan version 2.0.2 release / New Ubuntu/Debian PPA / New Discord Channel!

[Da Beave]

Quadrant Information Security is proud to release Sagan 2.0.2!  

You can download the source code from https://download.quadrantsec.com/sagan-2.0.2.tar.gz or from https://github.com/quadrantsec/sagan/tree/2.0.2. 

We also have a new Ubuntu/Debian PPA!  That is located at https://quadrantsec.github.io/ppa/.  

We have also moved our support channel to Discord.   Got questions or comments about Sagan?   Hit us up there at https://discord.gg/n6ReCZED 

• Sagan can now compile with GCC 10 

• When an event is “correlated” (via xbit/flexbit) the offending log and the correlating log are stored in the EVE output. 

• Improved JSON parsing and performance. 

• Major cleanup that resulted in better performance and better memory footprint.  The majority of the code cleanup was around the processors/engine.c 

• Sagan can now take JSON “mapping” from the signature.   This makes for easier JSON rule creation. 

Full release notes can be found at https://github.com/quadrantsec/sagan/releases/tag/v,2,0.2 

Sagan documentation can be found at https://sagan.readthedocs.io

 

[Da Beave]

 We also released a new signature set.  That is at https://rules.quadrantsec.com/sagan-rules-20211230.tar.gz

[Da Beave]

Doh!  The Discord channel link expired.   This the new,  non-expiring,  link :  https://discord.gg/VS6jTjH4gW

--
You received this message because you are subscribed to the Google Groups "sagan-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sagan-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/sagan-users/d753551f-99ab-4491-9176-f7ec7c15855bn%40googlegroups.com.