Parse Suricata rules
Project description
parsuricata
Parse Suricata rules
Installation
pip install parsuricata
Usage
from parsuricata import parse_rules source = ''' alert http $HOME_NET any -> !$HOME_NET any (msg: "hi mum!"; content: "heymum"; http_uri; sid: 1;) ''' rules = parse_rules(source) print(rules) # # alert http $HOME_NET any -> !$HOME_NET any ( \ # msg: hi mum!; \ # content: heymum; \ # http_uri; \ # sid: 1; \ # ) rule = rules[0] print(rule.action) # alert print(rule.protocol) # http print(rule.src) # $HOME_NET print(rule.src_port) # any print(rule.direction) # -> print(rule.dst) # !$HOME_NET print(rule.dst_port) # any for option in rule.options: print(f'{option.keyword} = {option.settings}') # # msg = hi mum! # content = heymum # http_uri = None # sid = 1
Release history Release notifications
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
| Filename, size | File type | Python version | Upload date | Hashes |
|---|---|---|---|---|
| Filename, size parsuricata-0.1.1-py3-none-any.whl (4.3 kB) | File type Wheel | Python version py3 | Upload date | Hashes View hashes |
| Filename, size parsuricata-0.1.1.tar.gz (3.8 kB) | File type Source | Python version None | Upload date | Hashes View hashes |
Close
Hashes for parsuricata-0.1.1-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | f0ac405f01f972defe281d2e4324916e80da2eb5ed5e210cbfbf966b29892295 |
|
| MD5 | fd267105f5920037365a02d966a4c0d2 |
|
| BLAKE2-256 | 442ae9596fb73882ca9d2b1c7b33d981c3881b5d4b636befc34053d829d8adda |
