[Snort-devel] snortUnixDomainSocket.py

Arn Vollebregt arn.vollebregt at ...349...
Wed May 26 07:08:37 EDT 2010


For those who wish to play around a bit with unsock (Unix Domain Socket)
logging in Snort, I have attached a simple Python script which processes
the Alertpkts sent by Snort.

root at ...3092...:~/snortUnixDomainSocket# ./snortUnixDomainSocket.py
<Alertpkt(msg=owned, pkth=<pcap_pkthdr(ts=<timeval(tv_sec=1274339172,
tv_usec=369146)>, caplen=47, len=47)>, dlthdr=0, nethdr=14, transhdr=34,
datasize=42, val=0, pkt=<PACKET_STRUCT>, event=<Event(sig_generator=1,
sig_id=7, sig_rev=0, classification=0, priority=0, event_id=1,
event_reference=1, ref_time=<sf_timeval32(tv_sec=1274339172,
tv_usec=369146)>)>)>

Regards,

Arn Vollebregt
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: snortUnixDomainSocket.py
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20100526/a69c0fdb/attachment.ksh>
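
Since the archive scrubbed the attachment, here is an added example (not the attached script and not Snort project code) of decoding one Alertpkt datagram into the fields shown in the output above. The struct layout is an assumption to check against spo_alert_unixsock.h of your Snort build: ALERTMSG_LENGTH=256, SNAPLEN=1514, 32-bit timeval fields in pkth, and 2 bytes of alignment padding before event; the names parse_alertpkt and listen are hypothetical.

```python
import socket
import struct

# Assumed layout; verify against spo_alert_unixsock.h of your Snort build.
ALERTMSG_LENGTH = 256
SNAPLEN = 1514
NOPACKET_STRUCT = 0x1   # val flag: no packet data accompanies the alert
# msg, pkth (ts.tv_sec, ts.tv_usec, caplen, len), dlthdr, nethdr, transhdr,
# datasize, val
HEAD = struct.Struct("=%ds9I" % ALERTMSG_LENGTH)
PKT_PAD = 2             # assumed alignment padding between pkt[] and event
EVENT = struct.Struct("=9I")
ALERTPKT_SIZE = HEAD.size + SNAPLEN + PKT_PAD + EVENT.size
EVENT_FIELDS = ("sig_generator", "sig_id", "sig_rev", "classification",
                "priority", "event_id", "event_reference")


def parse_alertpkt(buf):
    """Decode one datagram; raise ValueError rather than guess on bad input."""
    if len(buf) != ALERTPKT_SIZE:
        raise ValueError("expected %d bytes, got %d" % (ALERTPKT_SIZE, len(buf)))
    (msg, ts_sec, ts_usec, caplen, pktlen,
     dlthdr, nethdr, transhdr, datasize, val) = HEAD.unpack_from(buf, 0)
    if caplen > SNAPLEN:
        raise ValueError("caplen %d exceeds SNAPLEN" % caplen)
    ev = EVENT.unpack_from(buf, HEAD.size + SNAPLEN + PKT_PAD)
    event = dict(zip(EVENT_FIELDS, ev[:7]))
    event["ref_time"] = (ev[7], ev[8])
    # Only the first caplen bytes of the fixed-size pkt[] buffer are meaningful.
    pkt = b"" if val & NOPACKET_STRUCT else buf[HEAD.size:HEAD.size + caplen]
    return {"msg": msg.split(b"\0", 1)[0].decode("ascii", "replace"),
            "ts": (ts_sec, ts_usec), "caplen": caplen, "len": pktlen,
            "dlthdr": dlthdr, "nethdr": nethdr, "transhdr": transhdr,
            "datasize": datasize, "val": val, "pkt": pkt, "event": event}


def listen(path):
    """Yield parsed alerts from the datagram socket at path (bound here)."""
    sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
    sock.bind(path)
    try:
        while True:
            try:
                # Ask for one extra byte so oversized datagrams fail the size check.
                yield parse_alertpkt(sock.recv(ALERTPKT_SIZE + 1))
            except ValueError:
                continue    # drop malformed datagrams, keep listening
    finally:
        sock.close()
```

A size mismatch on every datagram means the assumed layout does not match the Snort build that is sending, not that the alerts are corrupt.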

