|
STATL Parser
|
A tool, implemented in Java,
that translates STATL scenarios into C++ scenario
plugins. The scenario plugins can then be compiled and
loaded into a STAT-based application.
|
|
STAT Core
|
The STAT core is the runtime of the STATL
language, which implements the domain-independent
characteristics of STATL. The STAT Core performs
the actual runtime intrusion detection analysis process by matching
an incoming stream of events against a number of scenario
plugins. A running instance of the STAT Core is dynamically
extended to build a STAT-based application.
|
|
STATed Editor
|
A graphical editor for STATL scenarios. STATed is written in Java.
|
|
xSTAT
|
A generic STAT-based application. xSTAT can be
extended with other modules to create a complete STAT-based application
without having to develop a single line of code.
|
|
Test Extension
|
An example STATL language extension. This
extension can be used as a guideline to develop new language
extensions.
|
|
Test Provider
|
An example STAT event provider
module. This provider can be used as a guideline to develop new event
providers.
|
|
Test Scenarios
|
Some example STAT scenario plugin
modules. These scenarios can be used as a guideline to understand how
STATL scenarios are translated into executable code.
|
|
STAT Responses
|
Some example STAT response modules that
provide simple response functions, such as logging to a file or
producing IDMEF alerts.
|