suricata2pcap(suricata rule -> pcap)

s2p.py

usage: s2p.py [-h] config rules

positional arguments:
  config      Suricata config file
  rules       Suricata rule file

optional arguments:
  -h, --help  show this help message and exit

util/compare.py

usage: compare.py [-h] [-o SID_FILE] json_file

positional arguments:
  json_file             the target file(json) to parse sid

optional arguments:
  -h, --help            show this help message and exit
  -o SID_FILE, --output SID_FILE
                        Drop list of SIDs as a file

Input
- a part of eve file (json log file)
Output
- pcaps that were included in input json log
Options
- Drop list of sids from given Input as a

Name		Name	Last commit message	Last commit date
Latest commit History 44 Commits
builder		builder
protocol		protocol
rules		rules
util		util
.gitignore		.gitignore
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
requirements.txt		requirements.txt
s2p.py		s2p.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

suricata2pcap(suricata rule -> pcap)

s2p.py

util/compare.py

About

Uh oh!

Releases

Packages

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

License

onsoim/suricata2pcap

Folders and files

Latest commit

History

Repository files navigation

suricata2pcap(suricata rule -> pcap)

s2p.py

util/compare.py

About

Resources

License

Code of conduct

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Uh oh!

Contributors

Uh oh!

Languages

Packages