[Oisf-devel] filemd5?
Victor Julien
victor at inliniac.net
Thu Feb 16 20:23:34 UTC 2012
On 02/16/2012 09:05 PM, Brant Wells wrote:
> On Thu, Feb 16, 2012 at 2:36 PM, Victor Julien <victor at inliniac.net> wrote:
>
>> On 02/16/2012 08:08 PM, Brant Wells wrote:
>>>>
>>>>>> The first one: a growing single file or socket of JSON lines which a
>>>>>> script can read from and execute actions based on. I'd be happy to
>>>>>> write such a script for plugins like CIF, Virustotal and malwr.com.
>>>>
>>>
>>> I submitted a (set) of scripts to the list a few days ago, but have not
>>> heard anything back. I had the scripts attached as text files to the
>>> message (are we not allowed to do that?).
>>
>> There are no pending moderator requests. Are you sure you sent it to the
>> correct list?
>
>
> That's always possible... I've reattached them to this email. I have been
> using the scripts for several weeks now. The surilog script is where the
> magic happens with the FIFO, et al.
>
> The startsuricata is a script I use for starting Surilog, Suricata (and
> BY2) since I'm terrible with init scripts, lol.
>
> And the logrotate one is for log rotation. I have mine set at 300megs /
> daily.
>
> See if those will work for what he's wanting.

Brant, have you looked at the unix socket support for http.log as well?
Might make it even easier.
--
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------