[Oisf-users] Does anyone have a recommend tool or process for "pretty-printing" suricata text logs in color?

Alan Wanderley dos Santos alan.santos at rnp.br
Thu Jan 28 20:03:46 UTC 2016


Hi Cooper,

Does each keyword need to be a unique color, or do you just want to highlight all events that match any keyword in this list?

Regards,

-----------------------------------------------
Alan Santos
Security Analyst
Centro de Atendimento a Incidentes de Segurança (CAIS)
Rede Nacional de Ensino e Pesquisa (RNP)
(19) 3787-3314 | alan.santos at rnp.br

----- Original message -----
From: "Cooper F. Nelson" <cnelson at ucsd.edu>
To: oisf-users at lists.openinfosecfoundation.org
Sent: Thursday, 28 January 2016 16:19:40
Subject: [Oisf-users] Does anyone have a recommend tool or process for "pretty-printing" suricata text logs in color?

See subject.  Basically what I want to do is put together a forensics
tool that will pull lines from the logs based on a list of keywords,
sort them chronologically and then display them in color for an analyst
to look at.

-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
_______________________________________________
Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
Suricata User Conference November 9-11 in Washington, DC: http://oisfevents.net
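The tool Cooper describes (pull lines from the logs by keyword, sort them chronologically, show them in color) can be sketched in a few dozen lines of Python. This is an added example, not code from the thread or from the Suricata project. The log lines are constructed samples in Suricata's fast.log layout, the keyword list is an assumption, and the colors are plain ANSI escapes; it also answers Alan's question by giving each keyword its own color rather than one highlight for everything.

```python
"""Filter Suricata fast.log lines by keyword, sort them chronologically and
colour-highlight the matched keywords with ANSI escapes.

Added example, not part of the original mailing-list thread. SAMPLE_LOG holds
constructed lines in fast.log layout; the keyword list in __main__ and the
colour palette are assumptions chosen for illustration.
"""
import re
from datetime import datetime

# ANSI SGR codes: one colour per keyword so an analyst can tell them apart.
RESET = "\x1b[0m"
PALETTE = ["\x1b[31m", "\x1b[32m", "\x1b[33m", "\x1b[34m", "\x1b[35m", "\x1b[36m"]

# fast.log lines begin with "MM/DD/YYYY-HH:MM:SS.ffffff".
TS_RE = re.compile(r"^(\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d{6})")

# Constructed sample lines (not real alerts), deliberately out of time order.
SAMPLE_LOG = [
    "01/28/2016-16:19:42.000300  [**] [1:2000001:1] TEST POLICY Outbound HTTP to suspicious host [**] [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 10.0.0.5:49152 -> 203.0.113.7:80",
    "01/28/2016-16:19:40.000100  [**] [1:2000002:1] TEST SCAN Inbound port scan [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 198.51.100.9:55555 -> 10.0.0.5:22",
    "01/28/2016-16:19:41.000200  [**] [1:2000003:1] TEST INFO DNS query for example.test [**] [Classification: Not Suspicious Traffic] [Priority: 3] {UDP} 10.0.0.5:53000 -> 10.0.0.1:53",
    "01/28/2016-16:19:43.000400  [**] [1:2000004:1] TEST MALWARE Beacon to 203.0.113.7 [**] [Classification: A Network Trojan was detected] [Priority: 1] {TCP} 10.0.0.5:49153 -> 203.0.113.7:443",
]


def parse_timestamp(line):
    """Return the datetime at the start of a fast.log line, or None if absent."""
    m = TS_RE.match(line)
    if not m:
        return None
    return datetime.strptime(m.group(1), "%m/%d/%Y-%H:%M:%S.%f")


def keyword_colours(keywords):
    """Assign each keyword its own colour, cycling through the palette."""
    return {kw: PALETTE[i % len(PALETTE)] for i, kw in enumerate(keywords)}


def select_lines(lines, keywords):
    """Keep only lines containing at least one keyword (case-insensitive)."""
    patterns = [re.compile(re.escape(kw), re.IGNORECASE) for kw in keywords]
    return [ln for ln in lines if any(p.search(ln) for p in patterns)]


def sort_chronologically(lines):
    """Order lines by their leading timestamp; lines without one sort last."""
    return sorted(lines, key=lambda ln: parse_timestamp(ln) or datetime.max)


def colourize(line, colours):
    """Wrap every keyword occurrence in its colour code. Longer keywords are
    applied first so a keyword that contains a shorter one is coloured whole
    before the shorter one is looked for."""
    out = line
    for kw in sorted(colours, key=len, reverse=True):
        out = re.sub(re.escape(kw),
                     lambda m, c=colours[kw]: c + m.group(0) + RESET,
                     out, flags=re.IGNORECASE)
    return out


def pretty_print(lines, keywords):
    """Filter, sort and colourize; returns the rendered lines in time order."""
    colours = keyword_colours(keywords)
    hits = sort_chronologically(select_lines(lines, keywords))
    return [colourize(ln, colours) for ln in hits]


if __name__ == "__main__":
    # Assumed keyword list: an alert name fragment and a suspect address.
    for rendered in pretty_print(SAMPLE_LOG, ["scan", "203.0.113.7", "malware"]):
        print(rendered)
```

Run it against a real file by replacing SAMPLE_LOG with the lines of fast.log; the sort key relies on fast.log's leading timestamp, so eve.json or other formats would need their own parse_timestamp. Matching keywords through re.escape keeps a keyword such as an IP address with dots from being read as a regex.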
