
How to use python with snort?

I need snort to check incoming traffic for malicious activity but using my machine learning model. I want to use python but I do not know how to do it. Any help is much appreciated. Thank you.

As an option to get started, you can use a Bash script like this. If the number of snort alerts has increased, it runs your Python script. (PS I did not check the syntax, maybe I need to tweak it a little)

#!/bin/bash
alertsOldNumber=0
while true
do
    # count the lines (alerts) currently in the log
    alertsNewNumber=$(wc -l < /var/log/snort/your_log_file.log)
    if [[ "$alertsNewNumber" -gt "$alertsOldNumber" ]]
    then
        ./your_python_script.py # do what you want
    fi
    # remember the count for the next iteration
    alertsOldNumber=$alertsNewNumber
    sleep 5 # save your resources
done
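For the Python side of the polling approach above, the script needs to know which alerts are new since its last run. The following is an added example, not code from the original answer: it assumes Snort writes one-line "fast" alerts to the log file, and `model` is a hypothetical callable standing in for your classifier.

```python
import os
import re

# Assumed: alerts are in Snort's one-line "fast" format, e.g.
# 08/28-12:34:56.789012  [**] [1:1000001:1] msg [**] [Classification: c] [Priority: 3] {TCP} src:port -> dst:port
FAST_ALERT = re.compile(
    r"^(?P<ts>\S+)\s+\[\*\*\]\s+\[(?P<gid>\d+):(?P<sid>\d+):(?P<rev>\d+)\]\s+"
    r"(?P<msg>.*?)\s+\[\*\*\]\s+"
    r"(?:\[Classification:\s*(?P<cls>[^\]]*)\]\s+)?"
    r"\[Priority:\s*(?P<prio>\d+)\]\s+\{(?P<proto>[^}]+)\}\s+"
    r"(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s*$"
)

def parse_alert(line):
    """Turn one fast-format alert line into a dict, or None if it does not match."""
    m = FAST_ALERT.match(line)
    if not m:
        return None
    d = m.groupdict()
    for key in ("gid", "sid", "rev", "prio"):
        d[key] = int(d[key])
    return d

def read_new_alerts(path, offset):
    """Return (alerts, new_offset) for complete lines appended after byte `offset`."""
    if os.path.getsize(path) < offset:
        offset = 0  # file was rotated or truncated: start from the beginning
    alerts = []
    with open(path, "rb") as fh:
        fh.seek(offset)
        for raw in fh:
            if not raw.endswith(b"\n"):
                break  # Snort is still writing this line; pick it up next time
            offset += len(raw)
            alert = parse_alert(raw.decode("utf-8", "replace").strip())
            if alert:
                alerts.append(alert)
    return alerts, offset

def score_new_alerts(path, offset, model):
    """Run the hypothetical `model` callable on each new alert; return (results, new_offset)."""
    alerts, offset = read_new_alerts(path, offset)
    return [(alert, model(alert)) for alert in alerts], offset
```

Store the returned offset between runs (in a small state file, for example) so each invocation only scores alerts it has not seen.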

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address. Any question please contact: yoyou2525@163.com.
