A Python listener to capture Snort events via the UNIX socket output
Project Description
Snortunsock
Snortunsock can parse and show the alert message.
Usage
The basic usage
```python
import dpkt
from snortunsock import snort_listener

for msg in snort_listener.start_recv("/tmp/snort_alert"):
    print('alertmsg: %s' % ''.join(msg.alertmsg))
    buf = msg.pkt
    # buf is the raw packet; the dpkt library can parse it.
    # Unpack the Ethernet frame (MAC src/dst, ethertype)
    eth = dpkt.ethernet.Ethernet(buf)
```
More complex examples are in the examples folder.
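An added example, not part of snortunsock or its examples folder: `msg.pkt` is a raw frame from traffic that triggered an alert, so it should be parsed as untrusted input. The stdlib-only code below extracts the IPv4 addresses and TCP/UDP ports for alert triage and checks every length before reading; the name `flow_from_frame` and the constructed `SAMPLE_FRAME` are assumptions for illustration, and the buffer is assumed to start with an Ethernet header as in the usage above.

```python
import socket
import struct

ETH_LEN, ETHERTYPE_IPV4, ETHERTYPE_VLAN = 14, 0x0800, 0x8100
PROTO_NAMES = {6: "tcp", 17: "udp"}

def flow_from_frame(buf):
    """Return a dict describing the IPv4 flow in an Ethernet frame, or None."""
    if len(buf) < ETH_LEN:
        return None
    ethertype = struct.unpack_from("!H", buf, 12)[0]
    off = ETH_LEN
    if ethertype == ETHERTYPE_VLAN:  # skip a single 802.1Q tag
        if len(buf) < off + 4:
            return None
        ethertype = struct.unpack_from("!H", buf, off + 2)[0]
        off += 4
    if ethertype != ETHERTYPE_IPV4 or len(buf) < off + 20:
        return None
    ihl = (buf[off] & 0x0F) * 4  # header length claimed by the packet itself
    if buf[off] >> 4 != 4 or ihl < 20 or len(buf) < off + ihl:
        return None
    frag_offset = struct.unpack_from("!H", buf, off + 6)[0] & 0x1FFF
    proto = buf[off + 9]
    flow = {
        "src": socket.inet_ntoa(buf[off + 12:off + 16]),
        "dst": socket.inet_ntoa(buf[off + 16:off + 20]),
        "proto": PROTO_NAMES.get(proto, str(proto)),
        "sport": None,
        "dport": None,
    }
    l4 = off + ihl
    # Ports exist only in the first fragment of a TCP/UDP datagram.
    if proto in PROTO_NAMES and frag_offset == 0 and len(buf) >= l4 + 4:
        flow["sport"], flow["dport"] = struct.unpack_from("!HH", buf, l4)
    return flow

# Constructed sample frame (documentation addresses): Ethernet + IPv4 + TCP SYN.
SAMPLE_FRAME = (
    bytes.fromhex("020000000002" "020000000001" "0800")
    + struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 1, 0, 64, 6, 0,
                  socket.inet_aton("192.0.2.10"),
                  socket.inet_aton("198.51.100.7"))
    + struct.pack("!HHLLBBHHH", 49152, 80, 0, 0, 0x50, 0x02, 8192, 0, 0)
)

if __name__ == "__main__":
    print(flow_from_frame(SAMPLE_FRAME))
```

Inside the listener loop, the result of `flow_from_frame(msg.pkt)` can be logged next to the alert message; a `None` result marks a frame that is truncated or not IPv4.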
LICENSE
Apache License, Version 2.0
Download files
Filename, size | File type | Python version | Upload date |
---|---|---|---|
snortunsock-0.0.5.tar.gz (7.8 kB) | Source | None | Mar 30, 2017 |