[Snort-users] Snort Unixsock

patricio paponcio6 at ...11827...
Tue Jan 22 10:00:53 EST 2013


Hi all, I write the following Java code to read snort alerts using 
unixsock.
The problem is that i just can read the alert message. Someone know how 
can i read the entire alert message?

thank you very much.




package com.google.code.juds.test;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.Charset;
import java.nio.charset.CharsetDecoder;

import com.google.code.juds.*;

public class TestUnixDomainSocket {

     public static void main(String[] args) throws IOException {


         byte[] b = new byte[1024];

         String socketFile = "/var/log/snort/snort_alert";
         File file = new File(socketFile);
         if (file.exists()){
             file.delete();
         }

         System.out.println("Testcase 2.2: Test UnixDomainSocketServer 
with "
                 + "a datagram socket...");
         UnixDomainSocketServer ssocket = new 
UnixDomainSocketServer(socketFile,
                 UnixDomainSocket.SOCK_DGRAM);
         System.out.println("Socket created");
         InputStream in;
         String str;


         while(true){
             in = ssocket.getInputStream();

             in.read(b);

             str = new String(b);
             System.out.println("byte-Text received: \"" + str + "\"");
             if(str=="END")break;
         }
         ssocket.unlink();
         ssocket.close();

     }
}






More information about the Snort-users mailing list