Snort_AIPreproc/pymodule/README


2011-02-03 01:01:36 +01:00
Python module for interfacing with SnortAI. Compile and install it with

    $ python setup.py build
    $ [sudo] python setup.py install

You can then access the alert information captured by Snort by writing code
like the following (also see module.py):

    import snortai

    alerts = snortai.alerts()

    for alert in alerts:
        # Access the information
        print alert.gid, alert.sid, alert.rev

The alert class has the following members:
# id, gid, sid, rev, description, priority, classification, timestamp
# src_addr, dst_addr, src_port, dst_port, latitude, longitude
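
The following triage summary over the alert members listed above is an added example, not code from the SnortAI project. It runs on constructed stand-in objects so it works without the module; the field types (numeric gid/sid/rev/priority, string addresses), the sample SIDs and the helper names are assumptions.

```python
from collections import Counter, namedtuple

# Stand-in carrying the members the README lists. With the module installed,
# pass snortai.alerts() to summarize() instead. Field types are assumptions.
Alert = namedtuple("Alert", [
    "id", "gid", "sid", "rev", "description", "priority", "classification",
    "timestamp", "src_addr", "dst_addr", "src_port", "dst_port",
    "latitude", "longitude"])

def summarize(alerts, max_priority=2):
    """Group alerts by signature (gid:sid:rev) and count hits per source.

    Keeps alerts with priority <= max_priority (Snort convention: 1 is the
    most severe). Rows are sorted by priority, then by descending hit count.
    """
    groups = {}
    for a in alerts:
        if a.priority > max_priority:
            continue
        sig = "%s:%s:%s" % (a.gid, a.sid, a.rev)
        g = groups.setdefault(sig, {"desc": a.description,
                                    "prio": a.priority, "src": Counter()})
        g["src"][a.src_addr] += 1
    rows = [(sig, g["desc"], g["prio"], sum(g["src"].values()),
             g["src"].most_common(3)) for sig, g in groups.items()]
    rows.sort(key=lambda r: (r[2], -r[3], r[0]))
    return rows

def _mk(i, sid, rev, desc, prio, src, dport):
    # Constructed sample alert; addresses come from documentation ranges.
    return Alert(i, 1, sid, rev, desc, prio, "constructed-class", 1296691296 + i,
                 src, "192.0.2.10", 40000 + i, dport, 0.0, 0.0)

SAMPLE = [
    _mk(1, 1000001, 1, "Constructed: SSH login flood", 1, "198.51.100.7", 22),
    _mk(2, 1000001, 1, "Constructed: SSH login flood", 1, "198.51.100.7", 22),
    _mk(3, 1000001, 1, "Constructed: SSH login flood", 1, "198.51.100.9", 22),
    _mk(4, 1000002, 3, "Constructed: ICMP sweep", 3, "198.51.100.7", 0),
    _mk(5, 1000003, 2, "Constructed: odd user agent", 2, "203.0.113.5", 80),
]

if __name__ == "__main__":
    for sig, desc, prio, total, sources in summarize(SAMPLE):
        print("%-14s prio=%s hits=%s %s %s" % (sig, prio, total, desc, sources))
```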