Extract HTTP data from snort

[Akhil Koul <akhil.koul8 () gmail com>]

Hello

I am working as part of GSoC under the organization Modsecurity.
Modsecurity v3(latest version) has 2 parts : Connector and Core. Core has
the basic modsecurity functionality while connectors are used to interface
core with other apps.

My project is to interface snort with libmodsecurity. For that, I need to
send data fields extracted by Snort to the libmodsec function so that it
can do further processing. Some of the fields are:
- source and dest IP and port
- HTTP version and method
- URI and query params
- Request and response Body

You can find more about libmodsecurity at
https://github.com/SpiderLabs/ModSecurity/tree/libmodsecurity.

 So, how should I proceed? I have already gone through the docs and have
the basic understanding

Thanks
Akhil

------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are 
consuming the most bandwidth. Provides multi-vendor support for NetFlow, 
J-Flow, sFlow and other flows. Make informed decisions using capacity 
planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e

_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!