Skip to content

AUCR/suricataindex

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits

suricataindex

suricataindex

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

requirements.txt

requirements.txt

 
 

setup.py

setup.py

 
 

ubuntu_install.sh

ubuntu_install.sh

 
 

Repository files navigation

suricataindex

What is suricataindex?

It's a simply python cli/package to easily ingest pcap data into elasticsearch.

How to install

Install local with python

    git clone https://github.com/aucr/suricataindex/
    cd suricataindex
    pip install -r requirements.txt    
    python setup.py install        



     sur_cli.py --help
        Usage: sur_cli.py [OPTIONS]
        
          suricataindex Command line interface.
        
        Options:
          -f, --input_directory TEXT   The PCAP input directory.
          -o, --output_directory TEXT  Suricata output log directory.
          -c, --config_file TEXT       Output file directory.
          -e, --elastic_url TEXT       Elasticsearch URL value
          -i, --elastic_index TEXT     Elasticsearch URL value
          --help                       Show this message and exit.

Install with Docker

    git clone https://github.com/aucr/suricataindex/
    cd suricataindex
    docker build . -t suricataindex

Run CLI with docker

    docker run -v /local/path/to/pcaps/:/opt/pcaps/ -it suricataindex -e http://elasticsearchurl:9200

About

A simple suricata indexing tool

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

1 star

Watchers

8 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages