libpreludedb

preludedb-admin has a new 'count' command, printing the result of a COUNT() on the database. preludedb-admin works on smaller sets of data to prevent large retrieval errors. preludedb-admin handling of interrupted transactions was improved. MySQL and SQLite detection under Mac OS X has been fixed. This release will check whether the PostgreSQL version is greater than or equal to 8.2.0, and use the new E'value' escape method when available to avoid a warning.

Improved thread safety. Python threads may run while executing the libpreludedb C function. The alert.assessment.impact.description database field is able to store more characters. An OpenBSD compilation issue has been fixed. MySQL sessions are prevented from timing out after 8 hours of inactivity. A PostgreSQL warning when inserting binary data has been fixed. In preludedb-admin, it is possible to specify an offset with no limit, a problem handling the offset option with the "load" command has been fixed, and a possible wraparound in statistics computation code has been fixed.

Source and Target now use a 16-bit index (required for CorrelationAlert with large number of sources/targets). CorrelationAlert Alertident now use a 32-bit index (required to link large number of Alerts together). Compilation on systems without ENOTSUP and type conversions preventing PostgreSQL from using indexes are fixed. Separate alert/heartbeat commands are used in preludedb-admin to have a coherent implementation of the --offset and --count command line options. --offset with the load command is fixed. The delete table is a decent size, which should speed up the delete command. A preludedb-admin man page has been added.

Case-insensitive regular expressions are provided
with SQLite3. preludedb-admin can load multiple
files. Substring matching is provided for the
AdditionalData value. An insertion issue for
ProcessArg and File Linkage was fixed. A bug which
occurred when retrieving an empty time field was
fixed. When a given SQL function is not
implemented by the driver, a detailed error
message is returned. Python only get_values,
get_heartbeat_idents, and get_alert_idents were
implemented. The number of rows is returned as
well as the rows in a tuple. A check is made to
ensure that there is an exception to process,
which fixes a crash with Python bindings upon
signal reception.

An invalid free in the SQLite plugin has been fixed. preludedb-admin copy/move operations have been fixed.