Format and syntax highlight Suricata rules
Project description
suricata-prettifier
Snake-powered pipe cleaner eats single-line Suricata rules and poops out pleasantly-spaced, vibrantly-coloured delicacies straight to your plate. Examine this exemplary example:
alert tcp $HOME_NET any -> 94.242.238.242 6565 (msg:"EmergingThreats:Indicator-2405101"; flow:to_server,established; flags:S; reference:url,doc.emergingthreats.net/bin/view/Main/BotCC; reference:url,www.shadowserver.org; threshold: type limit, track by_src, seconds 360, count 1; classtype:trojan-activity; flowbits:set,ET.Evil; flowbits:set,ET.BotccIP; sid: 533; rev:4991;)
Now watch as the snake-babies devour such fine a morsel – the last food for winter – then travel northward to return to their mates, leaving behind their season's work:
alert tcp $HOME_NET any -> 94.242.238.242 6565 ( \
msg: "EmergingThreats:Indicator-2405101"; \
flow: to_server,established; \
flags: S; \
reference: url,doc.emergingthreats.net/bin/view/Main/BotCC; \
reference: url,www.shadowserver.org; \
threshold: type limit, track by_src, seconds 360, count 1; \
classtype: trojan-activity; \
flowbits: set,ET.Evil; \
flowbits: set,ET.BotccIP; \
sid: 533; \
rev: 4991; \
)
Note: options with line continuations tested working with Suricata 4.0.4
Installation
pip install suricata-prettifier
Usage
Highlight and format right in your console. Wow.
prettify-suricata input.rules
Use it to generate sweet posts for your LiveJournal (Netscape Navigator required to view)
prettify-suricata -f html input.rules input.formatted.html style=vim full=True
Read from stdin and write to stdout to create your own pipe dream
head -n 50 input.rules | prettify-suricata -f html - - style=vim full=True | tee input.formatted.html
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Hashes for suricata-prettifier-0.0.5.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | a4fa16897410489a863520ae689ad0c0037b5bc59cd1a8c9c74d76be95b4a1e4 |
|
MD5 | d1f3e78b4118aaefbafe8b57d37cbb24 |
|
BLAKE2b-256 | 67c65adcce1e824b7e7a0c77a70f8e591d8c6927e7024c2f348815f537852d03 |