pulledpork
when generating rules it should generate sid-msg.map and then also generate the gen-msg.map
It would be great if both could be generated at the same time. The reason for this is that barnyard2 uses the gen-msg.map when sending alert notifications; otherwise you're only going to see the SID.
Simple script to generate the gen-msg.map from the output of the sid-msg.map generation:
The create-sidmap script, as far as I know, is only included in oinkmaster; can these tools be included with pulledpork so that everything can be done after the rules are downloaded, updated and generated and the local rules parsed?
From oinkmaster:
/root/oinkmaster-2.0/contrib/create-sidmap.pl /etc/snort/rules/ > /etc/snort/rules/sid-msg.map
cat /etc/snort/rules/sid-msg.map | awk -F '|' '{print "3 || "$1" || "$3}' > /etc/snort/rules/gen-msg.map
But this also strips out certain information from the sid-msg.map; it would be nice if all of it were included in the gen-msg.map as well.
Original issue reported on code.google.com by [email protected] on 9 Nov 2013 at 12:11
Sorry, the 3 value should be a 1 value:
cat /etc/snort/rules/sid-msg.map | awk -F '|' '{print "1 || "$1" || "$3}' > /etc/snort/rules/gen-msg.map
But then any preprocessors are excluded from the sid-msg generation initially? So you have to combine and modify the syntax to have all the correct information in the gen-msg.map.
Original comment by [email protected] on 9 Nov 2013 at 12:26
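The two messages above describe one procedure: derive `gid || sid || msg` lines for the text rules from the sid-msg.map, then combine them with the preprocessor entries that the awk one-liner cannot produce. The script below is an added example written for this issue; it is not pulledpork's, oinkmaster's or barnyard2's own code. It assumes the base gen-msg.map shipped with Snort (carrying the preprocessor generator IDs) is readable, that sid-msg.map lines use the `sid || msg || ref ...` layout shown in the thread, and, going a little beyond the thread, that a file beginning with a `#v2` line uses pulledpork's later `gid || sid || rev || class || priority || msg || ref ...` layout. All sample map contents are constructed. Splitting on the two-character `||` separator (rather than on a single `|` as the awk does) keeps rule messages that contain a literal pipe intact, and the gid column from a v2 file is carried through, so shared-object rules are not mislabelled as gid 1.

```python
"""Build a gen-msg.map that covers preprocessor generators and text rules.

Added example for the pulledpork gen-msg.map issue; not project code.
Usage: python gen_msg_map.py [BASE_GEN_MSG_MAP SID_MSG_MAP]
With no arguments it runs on the constructed samples below.
"""
from __future__ import annotations

import sys

SEP = " || "

# Constructed sample in Snort's gen-msg.map layout: gid || sid || msg.
# Real files ship with Snort under etc/gen-msg.map (path is an assumption).
BASE_GEN_MSG_MAP = """\
# constructed sample
1 || 1 || snort general alert
116 || 1 || (snort_decoder) example decoder event
119 || 2 || (http_inspect) example preprocessor event
"""

# Constructed sample in the v1 sid-msg.map layout from the thread.
SID_MSG_MAP_V1 = """\
2000001 || ET TEST Example alert || url,example.invalid/ref
1000001 || LOCAL Example local rule
"""

# Constructed sample in the assumed v2 layout (gid carried explicitly).
SID_MSG_MAP_V2 = """\
#v2
1 || 2000001 || 5 || attempted-recon || 2 || ET TEST Example alert || url,example.invalid/ref
3 || 14772 || 3 || misc-activity || 3 || SO rule example
"""


def _fields(line: str) -> list[str]:
    """Split a map line on the two-character '||' separator and trim each field."""
    return [f.strip() for f in line.split("||")]


def parse_sid_msg_map(text: str) -> list[tuple[int, int, str]]:
    """Return (gid, sid, msg) for every rule entry in a sid-msg.map.

    v1: sid || msg || ref ...                         (gid implicitly 1)
    v2: gid || sid || rev || class || pri || msg || ref ...  (assumed '#v2' header)
    """
    lines = text.splitlines()
    v2 = bool(lines) and lines[0].strip().lower() == "#v2"
    entries: list[tuple[int, int, str]] = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        f = _fields(line)
        if v2 and len(f) >= 6:
            entries.append((int(f[0]), int(f[1]), f[5]))
        elif not v2 and len(f) >= 2:
            entries.append((1, int(f[0]), f[1]))
        # shorter lines are malformed and skipped rather than guessed at
    return entries


def parse_gen_msg_map(text: str) -> list[tuple[int, int, str]]:
    """Return (gid, sid, msg) for every entry in an existing gen-msg.map."""
    entries: list[tuple[int, int, str]] = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        f = _fields(line)
        if len(f) >= 3:
            entries.append((int(f[0]), int(f[1]), f[2]))
    return entries


def merge_gen_msg_map(base_text: str, sid_map_text: str) -> str:
    """Combine preprocessor entries with text-rule entries, keyed by (gid, sid).

    Entries from the sid-msg.map are applied last, so a freshly generated
    rule message overrides a stale one carried in the base file.
    """
    merged: dict[tuple[int, int], str] = {}
    for gid, sid, msg in parse_gen_msg_map(base_text) + parse_sid_msg_map(sid_map_text):
        merged[(gid, sid)] = msg
    return "".join(f"{gid}{SEP}{sid}{SEP}{msg}\n" for (gid, sid), msg in sorted(merged.items()))


if __name__ == "__main__":
    if len(sys.argv) == 3:
        with open(sys.argv[1], encoding="utf-8") as base, open(sys.argv[2], encoding="utf-8") as sidmap:
            sys.stdout.write(merge_gen_msg_map(base.read(), sidmap.read()))
    else:
        sys.stdout.write(merge_gen_msg_map(BASE_GEN_MSG_MAP, SID_MSG_MAP_V1))
```

Redirect the output to the gen-msg.map that barnyard2 reads, in place of the awk step; the base file is left untouched, so the preprocessor entries survive every rule update.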