Name | suricataparser |
Version | 1.0.0 |
Summary | Package for parsing and generating Snort/Suricata rules. |
upload_time | 2022-10-22 13:53:13 |
docs_url | None |
author | Mikhail Tsyganov |
requires_python | >=3.7,<4.0 |
license | Apache-2.0 |
keywords | suricata, snort, rules |
requirements | No requirements were recorded. |
Travis-CI | No Travis. |
coveralls test coverage | No coveralls. |
# suricataparser
[![pypi-version](https://badge.fury.io/py/suricataparser.svg)](https://pypi.org/project/suricataparser)
[![py-versions](https://img.shields.io/pypi/pyversions/suricataparser.svg)](https://pypi.org/project/suricataparser)
[![license](https://img.shields.io/pypi/l/suricataparser.svg)](https://github.com/m-chrome/py-suricataparser/blob/master/LICENSE)
[![CI](https://github.com/m-chrome/py-suricataparser/actions/workflows/tests.yml/badge.svg)](https://github.com/m-chrome/py-suricataparser/actions)
Pure Python package for parsing and generating Snort/Suricata rules.
## Installation
via pip:
```shell
pip install suricataparser
```
via Poetry:
```shell
poetry add suricataparser
```
## Project status
Suricataparser is complete; the API is stable and frozen. If you find a bug,
create an [issue](https://github.com/m-chrome/py-suricataparser/issues/new).
## Usage examples
Parse file with rules:
```python
from suricataparser import parse_file
rules = parse_file("suricata.rules")
```
Parse raw rule:
```python
from suricataparser import parse_rule
# The rule carries a msg option so that the property examples below apply to it.
rule = parse_rule('alert tcp any any -> any any (msg:"Msg"; sid:1; gid:1;)')
```
Parse string with many rules:
```python
from suricataparser import parse_rules
rules_object = "..."
rules = parse_rules(rules_object)
```
View rule properties:
```
>>> rule.sid
1
>>> rule.action
'alert'
>>> rule.header
'tcp any any -> any any'
>>> rule.msg
'"Msg"'
```
Turn on/off rule:
```
>>> rule.enabled
True
>>> rule.enabled = False
>>> print(rule)
# alert tcp any any -> any any (msg:"Msg"; sid:1; gid:1;)
```
Modify options:
```
>>> rule.add_option("http_uri")
>>> rule.add_option("key", "value")
>>> print(rule)
alert tcp any any -> any any (msg: "Msg"; sid: 1; gid: 1; http_uri; key: value;)
>>> rule.pop_option("key")
>>> print(rule)
alert tcp any any -> any any (msg: "Msg"; sid: 1; gid: 1; http_uri;)
```
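As an added illustration (standalone code, not suricataparser's implementation and not from the project), here is a minimal parser for the rule layout the usage examples work with: an optional `#` for a disabled rule, the action, the header, and `;`-separated options that may contain quoted or escaped semicolons. `SAMPLE`, `split_options`, `parse_line` and `disabled_sids` are hypothetical names, the sample rules are constructed, and the action list is an assumed subset limited to Suricata's actions.

```python
import re

# Constructed sample (not from the project): escaped ';', a disabled rule, a comment.
SAMPLE = r'''
alert http any any -> any any (msg:"Semi\; colon"; content:"a|3B|b"; http_uri; sid:1; rev:2;)
# alert tcp any any -> any 22 (msg:"Disabled"; sid:2;)
# Plain comment (not a rule)
'''

# Optional '#', action, header up to '(', option body up to the last ')'.
RULE_RE = re.compile(
    r'^\s*(?P<off>#)?\s*'
    r'(?P<action>alert|pass|drop|reject(?:src|dst|both)?)\s+'
    r'(?P<header>[^(]+?)\s*\((?P<body>.*)\)\s*$')

def split_options(body):
    """Split the option body on ';', honouring quotes and backslash escapes."""
    options, buf, quoted, escaped = [], [], False, False
    for ch in body:
        if escaped:
            escaped = False
        elif ch == '\\':
            escaped = True
        elif ch == '"':
            quoted = not quoted
        elif ch == ';' and not quoted:
            name, sep, value = ''.join(buf).strip().partition(':')
            options.append((name.strip(), value.strip() if sep else None))
            buf = []
            continue
        buf.append(ch)
    if quoted or ''.join(buf).strip():
        raise ValueError('unterminated quote or missing final ";"')
    return options

def parse_line(line):
    """Return a dict for a rule line (enabled or commented out), else None."""
    m = RULE_RE.match(line)
    if not m:
        return None
    options = split_options(m['body'])
    first = dict(reversed(options))  # first occurrence of each keyword wins
    return {'enabled': m['off'] is None, 'action': m['action'],
            'header': m['header'], 'options': options,
            'sid': int(first['sid']), 'gid': int(first.get('gid', 1))}

def disabled_sids(text):
    """Return the sids of rules that are present but commented out."""
    rules = filter(None, map(parse_line, text.splitlines()))
    return [r['sid'] for r in rules if not r['enabled']]
```

A naive `body.split(";")` would cut the first rule's `msg` in two; tracking quote and escape state is what keeps the option list intact.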