File: README.md

package info (click to toggle)
golang-github-jasonish-go-idsrules 0.0~git20170503.0.c646b91-2
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 96 kB
  • sloc: makefile: 3
file content (16 lines) | stat: -rw-r--r-- 500 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
 
# IDS rule parse for the Go language

The package provides a parser for Suricata and Snort style IDS rules.

## Usage

    line := "alert tcp $TELNET_SERVERS 23 -> $EXTERNAL_NET any (msg:"GPL TELNET TELNET login failed"; flow:from_server,established; content:"Login failed"; nocase; classtype:bad-unknown; sid:2100492; rev:10;)"
    rule, err := idsrules.Parse(line)
    if err != nil {
        log.Fatal(err)
    }
    log.Printf("Rule [%s] is enable: %v", rule.Msg, rule.Enabled)

## License

MIT.