用于将snort警报转换为csv的Python脚本

Question

I'm new to python. So please support me I want to convert from snort alert to csv with some specific value

Here are the snort alert (can read by notepad):

[**] [1:2015665:1] ET CURRENT_EVENTS NeoSploit - TDS [**]
[Classification: Attempted User Privilege Gain] [Priority: 1] 
03/14-14:13:24.731076 192.168.52.10:1060 -> 67.196.50.144:80
TCP TTL:57 TOS:0x0 ID:34187 IpLen:20 DgmLen:258 DF
***A**** Seq: 0xBB770235  Ack: 0x9A83A217  Win: 0x3CB8  TcpLen: 20

[**] [1:2021076:1] ET INFO SUSPICIOUS Dotted Quad Host MZ Response [**]
[Classification: Potentially Bad Traffic] [Priority: 2] 
03/14-14:13:24.845200 67.196.50.144:80 -> 192.168.52.10:1060
TCP TTL:128 TOS:0x0 ID:1442 IpLen:20 DgmLen:5880 DF
***A**** Seq: 0x9A83C2E5  Ack: 0xBB77030F  Win: 0xFFFF  TcpLen: 20

alert.full ,

I want to filter some information such as Alert, Src IP, Src port, Dst IP, Dst port, Protocol DgmLen and save to a csv file.

Alert                 SrcIP          Srcport    DstIP          Dstport  Protocol   DgmLen
ET Current event...  192.168.52.10   1060       67.196.50.144    80        TCP      258
ET INFO SUSPICIOUS   67.196.50.144    80        192.168.52.10   1060       TCP      5880

Answer 1

1. Read 6 lines to a array
2. Create a dict to hold the data you want.
3. Extract Column Alert from array[0]
4. Extract Column SrcIP, Srcport, DstIP, Dstport, Protocol , DgmLen from array[2] and array[3]
5. Write to CSV file using csv.DictWriter