Re: Process Snort alerts on real time

[Nora Aron <valeparatodo () gmail com>]

> are you getting "Failed to encode record as JSON: __init__() got an
> unexpected keyword argument 'encoding'"?
> i think this is due to https://github.com/jasonish/py-idstools/issues/36
> Fetch the latest python-idstools or just remove , encoding="latin-1" from
> the highlighted line from /usr/lib/python2.7/site-
> packages/idstools/scripts/u2eve.py (or where it lives on your
> distribution):
> https://github.com/jasonish/py-idstools/blob/
> 5862a936af07b37458b1fc3719f9ade065b283f1/idstools/scripts/u2eve.py#L302
>
>
>
> Hi,
I'm not getting any error, I just need to get the packet data , converting
it from the format this tool provides, which is unified2. The rest of the
fields in the json are ready to use, it is just the packet in the "data"
field.
Thanks.

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-users

Please visit http://blog.snort.org to stay current on all the latest Snort news!