[Snort-users] Process Snort alerts on real time
marcin.dulak at ...11827...
Wed Feb 22 10:57:44 EST 2017
On Wed, Feb 22, 2017 at 4:31 PM, Nora Aron <valeparatodo at ...11827...> wrote:
>> are you getting "Failed to encode record as JSON: __init__() got an
>> unexpected keyword argument 'encoding'"?
>> I think this is due to https://github.com/jasonish/py-idstools/issues/36
>> Fetch the latest python-idstools or just remove , encoding="latin-1" from
>> the highlighted line from /usr/lib/python2.7/site-packages/idstools/scripts/u2eve.py
>> (or where it lives on your distribution):
> I'm not getting any error, I just need to get the packet data, converting
> it from the format this tool provides, which is unified2. The rest of the
> fields in the json are ready to use, it is just the packet in the "data"
Actually, this problem is already being discussed at
If you use python3, try with python2 - this makes a difference for me for
idstools-u2eve, not sure about SpoolEventReader.