framework/src/suricata/lua/fast.lua


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34

-- simple fast-log to stdout lua module

function init (args)
    local needs = {}
    needs["type"] = "packet"
    needs["filter"] = "alerts"
    return needs
end

function setup (args)
    alerts = 0
end

function log(args)
    ts = SCPacketTimeString()
    sid, rev, gid = SCRuleIds()
    ipver, srcip, dstip, proto, sp, dp = SCPacketTuple()
    msg = SCRuleMsg()
    class, prio = SCRuleClass()
    if class == nil then
        class = "unknown"
    end

    print (ts .. "  [**] [" .. gid .. ":" .. sid .. ":" .. rev .. "] " ..
           msg .. " [**] [Classification: " .. class .. "] [Priority: " ..
           prio .. "] {" .. proto .. "} " ..
           srcip .. ":" .. sp .. " -> " .. dstip .. ":" .. dp)

    alerts = alerts + 1;
end

function deinit (args)
    print ("Alerted " .. alerts .. " times");
end