Skip to content
/ go-snortunsock Public

A Go listener to capture Snort events via the UNIX Socket.

License

MIT license
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

0x6a61/go-snortunsock

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
examples
examples
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
main.go
main.go
 
 

Repository files navigation

go-snortunsock

A Go listener to capture Snort events via the UNIX Socket.

Snort

Add to snort.conf:

output alert_unixsock

Example

for packet := range snortunsock.Start_socket(os.Args[1]) {
		fmt.Printf("Alert name: %s \n", packet.Name)
		goPacket := gopacket.NewPacket(packet.PcapData, layers.LayerTypeEthernet, gopacket.Default)
		fmt.Printf("Packet: %s", goPacket.String())
}

Full example.

Miscellaneous

If you know/find the exact format of alert_unixsocks (or a good documentation), please write me an email.

About

A Go listener to capture Snort events via the UNIX Socket.

Topics

go golang snort capture-snort-events snort-socket snort-listener

Resources

Readme

License

MIT license
Activity

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages