README
¶
IDS rule parse for the Go language
The package provides a parser for Suricata and Snort style IDS rules.
Usage
line := "alert tcp $TELNET_SERVERS 23 -> $EXTERNAL_NET any (msg:"GPL TELNET TELNET login failed"; flow:from_server,established; content:"Login failed"; nocase; classtype:bad-unknown; sid:2100492; rev:10;)"
rule, err := idsrules.Parse(line)
if err != nil {
log.Fatal(err)
}
log.Printf("Rule [%s] is enable: %v", rule.Msg, rule.Enabled)
License
MIT.
Documentation
¶
There is no documentation for this package.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.