[Snort-devel] Extract HTTP data from snort

Akhil Koul akhil.koul8 at ...2499...
Sat Jun 11 02:35:35 EDT 2016


I am working as part of GSoC under the organization Modsecurity.
Modsecurity v3(latest version) has 2 parts : Connector and Core. Core has
the basic modsecurity functionality while connectors are used to interface
core with other apps.

My project is to interface snort with libmodsecurity. For that, I need to
send data fields extracted by Snort to the libmodsec function so that it
can do further processing. Some of the fields are:
- source and dest IP and port
- HTTP version and method
- URI and query params
- Request and response Body

You can find more about libmodsecurity at

 So, how should I proceed? I have already gone through the docs and have
the basic understanding

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20160611/7d0a4f5f/attachment.html>

More information about the Snort-devel mailing list