Snort mailing list archives
Extract HTTP data from snort
From: Akhil Koul <akhil.koul8 () gmail com>
Date: Sat, 11 Jun 2016 12:05:35 +0530
Hello I am working as part of GSoC under the organization Modsecurity. Modsecurity v3(latest version) has 2 parts : Connector and Core. Core has the basic modsecurity functionality while connectors are used to interface core with other apps. My project is to interface snort with libmodsecurity. For that, I need to send data fields extracted by Snort to the libmodsec function so that it can do further processing. Some of the fields are: - source and dest IP and port - HTTP version and method - URI and query params - Request and response Body You can find more about libmodsecurity at https://github.com/SpiderLabs/ModSecurity/tree/libmodsecurity. So, how should I proceed? I have already gone through the docs and have the basic understanding Thanks Akhil
------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. https://ad.doubleclick.net/ddm/clk/305295220;132659582;e
_______________________________________________ Snort-devel mailing list Snort-devel () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-devel Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- Extract HTTP data from snort Akhil Koul (Jun 10)