Snort mailing list archives

Previous By Date Next
Previous By Thread Next

snortUnixDomainSocket.py

From: "Arn Vollebregt" <arn.vollebregt () xs4all nl>
Date: Wed, 26 May 2010 13:08:37 +0200
For those who wish to play around a bit with unsock (Unix Domain Socket)
logging in Snort, I have attached a simple Python script which processes
the Alertpkt's send by Snort.

root@x-test:~/snortUnixDomainSocket# ./snortUnixDomainSocket.py
<Alertpkt(msg=owned, pkth=<pcap_pkthdr(ts=<timeval(tv_sec=1274339172,
tv_usec=369146)>, caplen=47, len=47)>, dlthdr=0, nethdr=14, transhdr=34,
datasize=42, val=0, pkt=<PACKET_STRUCT>, event=<Event(sig_generator=1,
sig_id=7, sig_rev=0, classification=0, priority=0, event_id=1,
event_reference=1, ref_time=<sf_timeval32(tv_sec=1274339172,
tv_usec=369146)>)>)>

Regards,

Arn Vollebregt

Attachment: snortUnixDomainSocket.py
Description: 

------------------------------------------------------------------------------


_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Previous By Date Next
Previous By Thread Next

Current thread: