parsuricata


| Field | Value |
| --- | --- |
| Name | parsuricata |
| Version | 0.4.1 |
| home_page | https://github.com/theY4Kman/parsuricata |
| Summary | Parse Suricata rules |
| upload_time | 2023-08-01 20:16:29 |
| docs_url | None |
| author | Zach "theY4Kman" Kanzler |
| requires_python | >=3.6,<4.0 |
| license | MIT |
| keywords | suricata, security |
| requirements | No requirements were recorded. |
| Travis-CI | No Travis. |
| coveralls test coverage | No coveralls. |

# parsuricata

Parse Suricata rules


# Installation

```bash
pip install parsuricata
```


# Usage

```python
from parsuricata import parse_rules

source = '''
  alert http $HOME_NET any -> !$HOME_NET any (msg: "hi mum!"; content: "heymum"; http_uri; sid: 1;)
'''

rules = parse_rules(source)
print(rules)
#
# alert http $HOME_NET any -> !$HOME_NET any ( \
#   msg: hi mum!; \
#   content: heymum; \
#   http_uri; \
#   sid: 1; \
# )

rule = rules[0]

print(rule.action)
# alert

print(rule.protocol)
# http

print(rule.src)
# $HOME_NET

print(rule.src_port)
# any

print(rule.direction)
# ->

print(rule.dst)
# !$HOME_NET

print(rule.dst_port)
# any

for option in rule.options:
    print(f'{option.keyword} = {option.settings}')
#
# msg = hi mum!
# content = heymum
# http_uri = None
# sid = 1
```

            
