[Snort-users] Process Snort alerts on real time

Nora Aron valeparatodo at ...11827...
Wed Feb 22 10:31:51 EST 2017


>
>
> Are you getting "Failed to encode record as JSON: __init__() got an
> unexpected keyword argument 'encoding'"?
> I think this is due to https://github.com/jasonish/py-idstools/issues/36
> Fetch the latest python-idstools or just remove , encoding="latin-1" from
> the highlighted line from
> /usr/lib/python2.7/site-packages/idstools/scripts/u2eve.py
> (or where it lives on your distribution):
> https://github.com/jasonish/py-idstools/blob/5862a936af07b37458b1fc3719f9ade065b283f1/idstools/scripts/u2eve.py#L302
>
>
>
> Hi,
I'm not getting any error, I just need to get the packet data, converting
it from the format this tool provides, which is unified2. The rest of the
fields in the JSON are ready to use, it is just the packet in the "data"
field.
Thanks.