Format and syntax highlight Suricata rules
Project description
suricata-prettifier
Snake-powered pipe cleaner eats single-line Suricata rules and poops out pleasantly-spaced, vibrantly-coloured delicacies straight to your plate. Examine this exemplary example:
```
alert tcp $HOME_NET any -> 94.242.238.242 6565 (msg:"EmergingThreats:Indicator-2405101"; flow:to_server,established; flags:S; reference:url,doc.emergingthreats.net/bin/view/Main/BotCC; reference:url,www.shadowserver.org; threshold: type limit, track by_src, seconds 360, count 1; classtype:trojan-activity; flowbits:set,ET.Evil; flowbits:set,ET.BotccIP; sid: 533; rev:4991;)
```
Now watch as the snake-babies devour so fine a morsel – the last food for winter – then travel northward to return to their mates, leaving behind their season's work:
```
alert tcp $HOME_NET any -> 94.242.238.242 6565 ( \
msg: "EmergingThreats:Indicator-2405101"; \
flow: to_server,established; \
flags: S; \
reference: url,doc.emergingthreats.net/bin/view/Main/BotCC; \
reference: url,www.shadowserver.org; \
threshold: type limit, track by_src, seconds 360, count 1; \
classtype: trojan-activity; \
flowbits: set,ET.Evil; \
flowbits: set,ET.BotccIP; \
sid: 533; \
rev: 4991; \
)
```
Note: options with line continuations have been tested and work with Suricata 4.0.4.
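The reformatting shown above, as an added sketch that is not the suricata-prettifier source: it splits the option list on `;` while leaving quoted and backslash-escaped semicolons alone (Suricata writes a literal `;` inside a value as `\;`), which a plain `split(";")` would break. The function names and the four-space indent are assumptions made for this example.

```python
# Constructed sample: a shortened copy of the single-line rule shown above.
SAMPLE = ('alert tcp $HOME_NET any -> 94.242.238.242 6565 '
          '(msg:"EmergingThreats:Indicator-2405101"; flow:to_server,established; '
          'flags:S; sid: 533; rev:4991;)')


def split_options(body):
    """Split an option body on ';', skipping quoted and backslash-escaped ones."""
    options, current, in_quotes, escaped = [], [], False, False
    for ch in body:
        if escaped:                      # character after a backslash is literal
            current.append(ch)
            escaped = False
            continue
        if ch == "\\":
            escaped = True
        elif ch == '"':
            in_quotes = not in_quotes
        elif ch == ";" and not in_quotes:
            option = "".join(current).strip()
            if option:
                options.append(option)
            current = []
            continue
        current.append(ch)
    if in_quotes or escaped or "".join(current).strip():
        raise ValueError("unterminated option or quote in rule body")
    return options


def prettify(rule, indent="    "):     # indent width is an assumption
    """Return the rule with one option per line, joined by '\\' continuations."""
    rule = rule.strip()
    start = rule.find("(")
    if start == -1 or not rule.endswith(")"):
        raise ValueError("rule has no parenthesised option list")
    header, body = rule[:start].rstrip(), rule[start + 1:-1]
    lines = [header + " ( \\"]
    for option in split_options(body):
        keyword, sep, value = option.partition(":")   # first ':' ends the keyword
        text = f"{keyword.strip()}: {value.strip()}" if sep else keyword
        lines.append(f"{indent}{text}; \\")
    lines.append(")")
    return "\n".join(lines)


if __name__ == "__main__":
    print(prettify(SAMPLE))
```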
Installation
```
pip install suricata-prettifier
```
Usage
Highlight and format right in your console. Wow.
```
prettify-suricata input.rules
```
Use it to generate sweet posts for your LiveJournal (Netscape Navigator required to view)
```
prettify-suricata -f html input.rules input.formatted.html style=vim full=True
```
Read from stdin and write to stdout to create your own pipe dream
```
head -n 50 input.rules | prettify-suricata -f html - - style=vim full=True | tee input.formatted.html
```
Source Distribution
File details
Details for the file suricata-prettifier-0.0.5.tar.gz.
File metadata
- Download URL: suricata-prettifier-0.0.5.tar.gz
- Upload date:
- Size: 5.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/42.0.1 requests-toolbelt/0.9.1 tqdm/4.39.0 CPython/3.8.0b4
File hashes
Algorithm | Hash digest
---|---
SHA256 | a4fa16897410489a863520ae689ad0c0037b5bc59cd1a8c9c74d76be95b4a1e4
MD5 | d1f3e78b4118aaefbafe8b57d37cbb24
BLAKE2b-256 | 67c65adcce1e824b7e7a0c77a70f8e591d8c6927e7024c2f348815f537852d03