I need snort to check incoming traffic for malicious activity but using my machine learning model. I want to use python but I do not know how to do it. Any help is much appreciated. Thank you.
As an option to get started, you can use a Bash script like this. If the number of Snort alerts has increased, it runs your Python script. (PS: I did not check the syntax, maybe I need to tweak it a little.)
#!/bin/bash
alertsOldNumber=0
while true
do
    # save the number of alerts (one alert per line in the log file)
    alertsNewNumber=$(wc -l /var/log/snort/your_log_file.log | awk -F" " '{print $1}')
    # run the Python script only when new alerts have been written
    if [[ "$alertsNewNumber" -gt "$alertsOldNumber" ]]
    then
        ./your_python_script.py # do what you want
    fi
    # remember the count for the next pass
    alertsOldNumber=$alertsNewNumber
    sleep 5 # save your resources
done
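An added example, not part of the original answer: the Python side of the same polling idea, reading only the alert lines appended since the last pass so the model sees each alert once. It assumes the log is written in Snort's one-line "fast" alert format; score() is a hypothetical stand-in for your own model, and the path is the placeholder from the script above.

```python
import os
import re

# Assumed format (Snort "fast" alerts):
# timestamp [**] [gid:sid:rev] msg [**] ... {PROTO} src -> dst
FAST_RE = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\].*?\{(?P<proto>\w+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)"
)

def parse_alert(line):
    """Return a dict of alert fields, or None if the line is not a fast alert."""
    m = FAST_RE.match(line)
    if not m:
        return None
    alert = m.groupdict()
    for key in ("gid", "sid", "rev"):
        alert[key] = int(alert[key])
    return alert

def read_new_alerts(path, offset):
    """Read alerts appended after byte `offset`; return (alerts, new_offset)."""
    if os.path.getsize(path) < offset:   # log was rotated or truncated
        offset = 0
    alerts = []
    with open(path, "rb") as fh:
        fh.seek(offset)
        for raw in fh:
            if not raw.endswith(b"\n"):  # partial line still being written
                break
            offset += len(raw)
            alert = parse_alert(raw.decode("utf-8", "replace").strip())
            if alert:
                alerts.append(alert)
    return alerts, offset

def score(alert):
    """Hypothetical stand-in for the model; replace with your model's predict call."""
    return 1.0 if alert["proto"] == "TCP" and alert["dst"].endswith(":22") else 0.0

if __name__ == "__main__":
    import time
    path, offset = "/var/log/snort/your_log_file.log", 0
    while True:
        alerts, offset = read_new_alerts(path, offset)
        for a in alerts:
            print(a["ts"], a["sid"], a["msg"], score(a))
        time.sleep(5)
```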