Parse Suricata rules
parsuricata
Installation
pip install parsuricata
Usage
```python
from parsuricata import parse_rules

source = '''
  alert http $HOME_NET any -> !$HOME_NET any (msg: "hi mum!"; content: "heymum"; http_uri; sid: 1;)
'''

rules = parse_rules(source)
print(rules)
#
# alert http $HOME_NET any -> !$HOME_NET any ( \
#   msg: hi mum!; \
#   content: heymum; \
#   http_uri; \
#   sid: 1; \
# )

rule = rules[0]

print(rule.action)
# alert

print(rule.protocol)
# http

print(rule.src)
# $HOME_NET

print(rule.src_port)
# any

print(rule.direction)
# ->

print(rule.dst)
# !$HOME_NET

print(rule.dst_port)
# any

for option in rule.options:
    print(f'{option.keyword} = {option.settings}')
#
# msg = hi mum!
# content = heymum
# http_uri = None
# sid = 1
```
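An added example (not part of the parsuricata project or its README) that uses the parsed option list for a ruleset hygiene check: it flags rules without exactly one sid, rules without a msg, and sids reused across rules. The names `SAMPLE_RULES`, `option_values` and `lint_rules` are hypothetical, the sample rules are constructed, and settings are compared as strings because the page does not show their types.

```python
from collections import defaultdict

# Constructed sample ruleset (not from the page): the first two rules
# share sid 1 and the third has no msg option.
SAMPLE_RULES = '''
alert http $HOME_NET any -> !$HOME_NET any (msg: "hi mum!"; content: "heymum"; http_uri; sid: 1;)
alert http $HOME_NET any -> !$HOME_NET any (msg: "constructed"; content: "heydad"; http_uri; sid: 1;)
alert http $HOME_NET any -> !$HOME_NET any (content: "nomsg"; http_uri; sid: 3;)
'''


def option_values(rule, keyword):
    """All settings given for `keyword` in one rule, as strings."""
    return [str(o.settings) for o in rule.options if o.keyword == keyword]


def lint_rules(rules):
    """Return sorted (position, problem) findings for parsed rules.

    Uses only the attributes shown in the usage example above:
    rule.options, option.keyword and option.settings.
    """
    findings = []
    seen = defaultdict(list)  # sid -> positions of the rules that use it
    for pos, rule in enumerate(rules):
        sids = option_values(rule, 'sid')
        if len(sids) != 1:
            findings.append((pos, f'expected exactly one sid, found {len(sids)}'))
        for sid in sids:
            seen[sid].append(pos)
        if not option_values(rule, 'msg'):
            findings.append((pos, 'no msg option'))
    for sid, positions in seen.items():
        for pos in positions[1:]:  # every use after the first is a duplicate
            findings.append((pos, f'sid {sid} already used by rule {positions[0]}'))
    return sorted(findings)


if __name__ == '__main__':
    from parsuricata import parse_rules  # requires `pip install parsuricata`
    for pos, problem in lint_rules(parse_rules(SAMPLE_RULES)):
        print(f'rule {pos}: {problem}')
```

Positions are zero-based indexes into the list returned by `parse_rules`.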
Download files
Source Distribution
parsuricata-0.3.2.tar.gz (8.0 kB)
Built Distribution
Hashes for parsuricata-0.3.2-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | 2eb175c5e387f33a0ae6f7cc3120fe41a0f19dc95ebc7c47705187c233f8437a
MD5 | 41b1c3e9a6340fc230e5d5b5291a05af
BLAKE2-256 | 6e5d5ec91e26931eb6636f7034140e923dfb9bcc6a50c4e268a85ebf3e43e896