[Snort-users] Snort Unixsock

patricio paponcio6 at ...11827...
Wed Jan 23 13:00:11 EST 2013


Em 22/01/2013 12:00, patricio escreveu:
> Hi all, I wrote the following Java code to read Snort alerts using 
> unixsock.
> The problem is that I can only read the alert message. Does anyone know 
> how I can read the entire alert?
>
> thank you very much.
>
>
>
>
> package com.google.code.juds.test;
>
> import java.io.File;
> import java.io.FileOutputStream;
> import java.io.IOException;
> import java.io.InputStream;
> import java.io.OutputStream;
> import java.nio.charset.Charset;
> import java.nio.charset.CharsetDecoder;
>
> import com.google.code.juds.*;
>
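/**
 * Minimal receiver for Snort's unixsock alert output.
 *
 * <p>Binds a datagram Unix domain socket at the path Snort writes to, then
 * prints the alert text of every datagram received until the sentinel
 * message {@code END} arrives.
 *
 * <p>NOTE(review): Snort's unixsock output appears to send one fixed-layout
 * binary struct per alert (Alertpkt in spo_alert_unixsock.h) whose first
 * field is the NUL-padded alert text. Decoding the whole buffer as a String
 * therefore shows only that text followed by binary noise. The remaining
 * fields (capture header, header offsets, raw packet bytes, event ids) have
 * to be read field by field, for example with java.nio.ByteBuffer in the
 * byte order of the sensor host. Confirm the layout against the headers of
 * the Snort version in use.
 */
public class TestUnixDomainSocket {

    /**
     * Receive buffer size in bytes. A datagram longer than the buffer is
     * truncated by the kernel, so the buffer must hold a complete alert
     * record including the captured packet. 128 KiB is a constructed upper
     * bound; check it against sizeof(Alertpkt) for the Snort build in use.
     */
    private static final int MAX_DATAGRAM = 1 << 17;

    /** Single-byte charset, so arbitrary bytes in the text field decode without loss. */
    private static final Charset LATIN1 = Charset.forName("ISO-8859-1");

    /**
     * Binds the alert socket and prints alert texts until {@code END} is received.
     *
     * @param args unused
     * @throws IOException if a stale socket file cannot be removed or a read fails
     */
    public static void main(String[] args) throws IOException {
        byte[] b = new byte[MAX_DATAGRAM];

        String socketFile = "/var/log/snort/snort_alert";
        File file = new File(socketFile);
        // A socket file left behind by an earlier run makes bind() fail, so
        // remove it first and report the failure instead of ignoring it.
        if (file.exists() && !file.delete()) {
            throw new IOException("Cannot remove stale socket file " + socketFile);
        }

        System.out.println("Testcase 2.2: Test UnixDomainSocketServer with "
                + "a datagram socket...");
        UnixDomainSocketServer ssocket = new UnixDomainSocketServer(socketFile,
                UnixDomainSocket.SOCK_DGRAM);
        try {
            System.out.println("Socket created");
            InputStream in = ssocket.getInputStream();

            while (true) {
                // read() reports how many bytes this datagram carried; bytes
                // past that index are left over from earlier datagrams.
                int n = in.read(b);
                if (n < 0) {
                    break;
                }

                // The alert text is NUL-terminated inside the record, so
                // decode only up to the first NUL byte.
                int end = 0;
                while (end < n && b[end] != 0) {
                    end++;
                }
                String str = new String(b, 0, end, LATIN1);
                System.out.println("byte-Text received: \"" + str + "\"");

                // Compare content, not references: == on Strings is never
                // true for freshly decoded text.
                // Any local process allowed to write to the socket path can
                // send this sentinel and stop the reader, so keep the socket
                // file's permissions restricted to the Snort user.
                if ("END".equals(str)) {
                    break;
                }
            }
        } finally {
            // Remove the socket file and release the descriptor even when a
            // read throws.
            try {
                ssocket.unlink();
            } finally {
                ssocket.close();
            }
        }
    }
}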
>
>




