[Oisf-users] Does anyone have a recommended tool or process for "pretty-printing" suricata text logs in color?

Cooper F. Nelson cnelson at ucsd.edu
Thu Jan 28 21:30:23 UTC 2016


Basically I'm merging the DNS/HTTP logs with the alerts; so I was
thinking something like bright green for the DNS/HTTP lines; yellow for
keyword matches and orange for the alerts themselves.

-Coop

On 1/28/2016 12:03 PM, Alan Wanderley dos Santos wrote:
> Hi Cooper,
> Must each keyword be a unique color, or do you just want to highlight all events that match any keyword of this list?
> Regards,
> -----------------------------------------------
> Alan Santos
> Security Analyst
> Security Incident Response Center (CAIS)
> Rede Nacional de Ensino e Pesquisa (RNP)
> (19) 3787-3314 | alan.santos at rnp.br
> ----- Original message -----
> From: "Cooper F. Nelson" <cnelson at ucsd.edu>
> To: oisf-users at lists.openinfosecfoundation.org
> Sent: Thursday, January 28, 2016 16:19:40
> Subject: [Oisf-users] Does anyone have a recommended tool or process for "pretty-printing" suricata text logs in color?
> See subject.  Basically what I want to do is put together a forensics
> tool that will pull lines from the logs based on a list of keywords,
> sort them chronologically and then display them in color for an analyst
> to look at.
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 9-11 in Washington, DC: http://oisfevents.net

-- 
Cooper Nelson
Network Security Analyst
UCSD ACT Security Team
cnelson at ucsd.edu x41042
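The tool Cooper describes (pull lines from the DNS/HTTP/alert text logs by keyword, sort them chronologically, print them in color) as an added example; this is not code from the thread or from the Suricata project. It assumes the legacy text logs all begin with a `MM/DD/YYYY-HH:MM:SS.ffffff` timestamp, which is what it sorts on; the sample log lines below are constructed for the example and only follow the general shape of fast.log, dns.log and http.log records, and the signature IDs in them are made up from the local SID range. The color codes follow the scheme in the thread (bright green for DNS/HTTP, yellow for keyword hits, orange for alerts); plain ANSI has no orange, so the alert color is 256-color index 208, an assumption to adjust for your terminal. One caveat worth building in from the start: these logs carry attacker-controlled strings (DNS names, URIs, User-Agents), so the script strips control characters before anything reaches the terminal, otherwise a crafted record could inject its own escape sequences into the analyst's view. Keywords are matched literally, never compiled as user-supplied regex.

```python
"""Merge Suricata text logs (fast.log alerts, dns.log, http.log), keep lines
matching any keyword, sort chronologically and print them with ANSI colors.
Added example for the thread above, not Suricata's own code."""
import re
from datetime import datetime

# Assumption: every legacy text log line starts with a timestamp such as
# 01/28/2016-12:03:45.123456 followed by the record itself.
TS_RE = re.compile(r"^(\d{2}/\d{2}/\d{4}-\d{2}:\d{2}:\d{2}\.\d{6})\b")
TS_FMT = "%m/%d/%Y-%H:%M:%S.%f"

# Colors from the thread: bright green for DNS/HTTP, yellow for keyword hits,
# orange for alerts. ANSI has no orange, so 256-color index 208 is assumed.
GREEN, YELLOW, ORANGE, RESET = "\033[92m", "\033[33m", "\033[38;5;208m", "\033[0m"
SOURCE_COLOR = {"dns": GREEN, "http": GREEN, "alert": ORANGE}

# Log lines contain attacker-controlled text (DNS names, URIs, User-Agents).
# Remove ESC and other control characters (tab kept) so a crafted record cannot
# inject terminal escape sequences into the analyst's display.
CONTROL_RE = re.compile(r"[\x00-\x08\x0b-\x1f\x7f]")


def parse_ts(line):
    """Return the datetime at the start of a Suricata text log line, or None."""
    m = TS_RE.match(line)
    return datetime.strptime(m.group(1), TS_FMT) if m else None


def merge_logs(logs, keywords):
    """logs: {"alert" | "dns" | "http": iterable of raw lines}.
    Returns [(timestamp, source, sanitized_line)] for lines containing any
    keyword (case-insensitive, literal match), oldest first. Lines without a
    parseable timestamp are skipped; an empty keyword list selects nothing."""
    kws = [k.lower() for k in keywords]
    merged = []
    for source, lines in logs.items():
        for raw in lines:
            line = CONTROL_RE.sub("", raw.rstrip("\n"))
            ts = parse_ts(line)
            if ts is None:
                continue
            low = line.lower()
            if any(k in low for k in kws):
                merged.append((ts, source, line))
    merged.sort(key=lambda entry: entry[0])  # chronological, stable across sources
    return merged


def colorize(source, line, keywords):
    """Wrap the whole line in its source color and each keyword hit in yellow.
    Keywords go through re.escape so they are matched literally, not as regex."""
    base = SOURCE_COLOR.get(source, "")
    if not keywords:
        return f"{base}{line}{RESET}"
    pattern = re.compile("|".join(re.escape(k) for k in keywords), re.IGNORECASE)
    # After each yellow run, re-enter the base color so the rest of the line keeps it.
    highlighted = pattern.sub(lambda m: f"{YELLOW}{m.group(0)}{RESET}{base}", line)
    return f"{base}{highlighted}{RESET}"


def render(logs, keywords):
    """Colorized, chronologically sorted lines ready to print."""
    return [colorize(src, line, keywords) for _, src, line in merge_logs(logs, keywords)]


# Constructed sample records (not real traffic); shapes follow the legacy text logs.
SAMPLE_LOGS = {
    "dns": [
        "01/28/2016-12:03:44.100000 [**] Query TX 4a1f [**] evil.example [**] A [**] 192.168.1.10:54321 -> 10.0.0.53:53",
        "01/28/2016-12:03:44.200000 [**] Query TX 4a20 [**] update.example.org [**] A [**] 192.168.1.11:40000 -> 10.0.0.53:53",
    ],
    "http": [
        "01/28/2016-12:03:45.000000 evil.example [**] /payload.exe [**] Mozilla/5.0 [**] 192.168.1.10:54322 -> 203.0.113.5:80",
    ],
    "alert": [
        "01/28/2016-12:03:45.500000  [**] [1:1000001:1] CONSTRUCTED evil.example executable download [**] [Classification: Constructed] [Priority: 1] {TCP} 203.0.113.5:80 -> 192.168.1.10:54322",
        # A record carrying a raw ESC sequence, to show the control-character stripping.
        "01/28/2016-12:03:44.900000  [**] [1:1000002:1] CONSTRUCTED \x1b[31mevil.example\x1b[0m lookup [**] [Classification: Constructed] [Priority: 2] {UDP} 192.168.1.10:54321 -> 10.0.0.53:53",
        "not a log line at all",
    ],
}

if __name__ == "__main__":
    for out in render(SAMPLE_LOGS, ["evil.example", "payload"]):
        print(out)
```

Run it as a script to see the colored merge; in a real tool the three `SAMPLE_LOGS` lists would be replaced by open file handles for fast.log, dns.log and http.log, and the keyword list would come from the analyst's case notes.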

