local dataset = require "suricata.dataset"
local flow = require("suricata.flow")
+local logger = require("suricata.log")
function init (args)
local needs = {}
conn_new, err = dataset.new()
ret, err = conn_new:get("conn-seen")
if err ~= nil then
- SCLogWarning("dataset warning: " .. err)
+ logger.warning("dataset warning: " .. err)
return 0
end
end
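Review bot: The warning added at the `logger.warning("dataset warning: " .. err)` line only covers the `get()` failure; the result of `dataset.new()` two lines above it is never checked, so if it returns `nil, err` the `conn_new:get("conn-seen")` call raises on a nil value before any logging happens. The transform script touched by this same commit checks that return first, and `init` should match it: `conn_new, err = dataset.new()` followed by `if err ~= nil then logger.warning("dataset warning: " .. err) return 0 end`. `conn_new`, `ret` and `err` are also assigned without `local`; `conn_new` is presumably meant to be shared with the match function, but `ret` and `err` could be local to `init`.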
ret, err = conn_new:add(str, #str);
if ret == 1 then
- SCLogInfo(str .. " => " .. ret)
+ logger.info(str .. " => " .. ret)
end
return ret
end
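Review bot: The `err` returned by `conn_new:add(str, #str)` is discarded, so on failure `ret` is nil, nothing is logged, and `return ret` hands nil back to the engine; the DNS script in this commit guards the same call explicitly, and this one should match it with `if err ~= nil then logger.warning("lua warning " .. err) return 0 end` before the `ret == 1` test. The new `logger.info(str .. " => " .. ret)` also writes `str` — which from this hunk appears to be the matched buffer content, i.e. data from the wire — verbatim into the Suricata log, so control bytes in it reach the log file unescaped. The enclosing function starts outside this hunk.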
local flow = require("suricata.flow")
local dataset = require("suricata.dataset")
local dns = require("suricata.dns")
+local logger = require("suricata.log")
function init (args)
local needs = {}
dns_new = dataset.new()
ret, err = dns_new:get("dns-seen")
if err ~= nil then
- SCLogWarning("dataset warning: " .. err)
+ logger.warning("dataset warning: " .. err)
return 0
end
end
ret, err = dns_new:add(str, #str);
if err ~= nil then
- SCLogWarning("lua warning " .. err)
+ logger.warning("lua warning " .. err)
return 0
end
if ret == 1 then
- SCLogNotice(str .. " => " .. ret)
+ logger.notice(str .. " => " .. ret)
end
return ret
end
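Review bot: The new `logger.notice(str .. " => " .. ret)` emits `str` unescaped; from this hunk `str` looks like the buffer being matched (a DNS name taken from traffic), so newlines or terminal escape sequences in it go straight into the log where they can forge log records or affect anyone tailing the file. Replace control bytes before logging, e.g. `local shown = str:gsub("%c", "?")` and then `logger.notice(shown .. " => " .. ret)`. The enclosing function begins outside this hunk.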
name = "flow_http_lua.log"
local flow = require("suricata.flow")
+local logger = require("suricata.log")
function init (args)
local needs = {}
function setup (args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogInfo("Log Filename " .. filename)
+ logger.info("Log Filename " .. filename)
http = 0
end
end
function deinit (args)
- SCLogInfo ("HTTP logged: " .. http);
+ logger.info ("HTTP logged: " .. http);
file:close(file)
end
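Review bot: The migrated call in `deinit` keeps the old `logger.info ("HTTP logged: " .. http);` spacing and trailing semicolon while the new `logger.info("Log Filename " .. filename)` a few lines up uses the conventional form; since the commit is already rewriting every call site, normalise this one to `logger.info("HTTP logged: " .. http)`. On the next line `file:close(file)` passes the handle twice — the extra argument is silently ignored — and `file:close()` is the idiom.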
name = "lua-scflowstats.log"
local flow = require("suricata.flow")
+local logger = require("suricata.log")
function init(args)
local needs = {}
function setup(args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogInfo("lua SCFlowStats Log Filename " .. filename)
+ logger.info("lua SCFlowStats Log Filename " .. filename)
end
function log(args)
-- simple SCFlowTuple log test
local flow = require("suricata.flow")
+local logger = require("suricata.log")
name = "scflow-tuple.log"
function setup(args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogNotice("lua SCFlowTuple Log Filename " .. filename)
+ logger.notice("lua SCFlowTuple Log Filename " .. filename)
end
function log(args)
local flow = require("suricata.flow")
-local packet = require "suricata.packet"
-local dns = require "suricata.dns"
+local packet = require("suricata.packet")
+local dns = require("suricata.dns")
+local logger = require("suricata.log")
filename = "lua-dns.log"
end
function setup (args)
- SCLogNotice("lua: setup()")
+ logger.notice("lua: setup()")
file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
end
local flow = require("suricata.flow")
local packet = require "suricata.packet"
local http = require("suricata.http")
+local logger = require("suricata.log")
name = "http_lua.log"
function setup (args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogInfo("HTTP Log Filename " .. filename)
+ logger.info("HTTP Log Filename " .. filename)
http_tx = 0
end
end
function deinit (args)
- SCLogInfo ("HTTP transactions logged: " .. http_tx);
+ logger.info ("HTTP transactions logged: " .. http_tx);
file:close(file)
end
local flow = require("suricata.flow")
local packet = require "suricata.packet"
local http = require("suricata.http")
+local logger = require("suricata.log")
name = "http_lua.log"
function setup (args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogInfo("HTTP Log Filename " .. filename)
+ logger.info("HTTP Log Filename " .. filename)
http_tx = 0
end
end
function deinit (args)
- SCLogInfo ("HTTP transactions logged: " .. http_tx);
+ logger.info ("HTTP transactions logged: " .. http_tx);
file:close(file)
end
local packet = require "suricata.packet"
local flow = require("suricata.flow")
local http = require("suricata.http")
+local logger = require("suricata.log")
name = "http_lua.log"
end
function deinit (args)
- SCLogInfo ("HTTP transactions logged: " .. http_tx);
+ logger.info ("HTTP transactions logged: " .. http_tx);
file:close(file)
end
-- simple fast-log to file lua module
local packet = require "suricata.packet"
local smtp = require "suricata.smtp"
+local logger = require("suricata.log")
name = "smtp_lua.log"
function setup (args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogInfo("Log Filename " .. filename)
+ logger.info("Log Filename " .. filename)
count = 0
end
end
function deinit (args)
- SCLogInfo ("transactions logged: " .. count);
+ logger.info ("transactions logged: " .. count);
file:close(file)
end
local flow = require "suricata.flow"
+local logger = require("suricata.log")
function init (args)
local needs = {}
ts = f:timestring_legacy()
ipver, srcip, dstip, proto, sp, dp = f:tuple()
data, data_open, data_close = SCStreamingBuffer()
- SCLogNotice("called with data_open " .. tostring(data_open) .. " data_close " .. tostring(data_close));
+ logger.notice("called with data_open " .. tostring(data_open) .. " data_close " .. tostring(data_close));
filename = filepath .. "/http-" .. proto .. "-" .. srcip .. "-" .. dstip .. "-" .. sp .. "-" .. dp
file_mode = "a"
local filelib = require("suricata.file")
+local logger = require("suricata.log")
-- Output test for SCFileInfo
file_name = "scfileinfo.log"
function setup(args)
filename = SCLogPath() .. "/" .. file_name
output = assert(io.open(filename, "w"))
- SCLogInfo("lua SCFileInfo Log Filename " .. filename)
+ logger.info("lua SCFileInfo Log Filename " .. filename)
end
function log(args)
end
function deinit(args)
- SCLogInfo ("SCFileInfo logging finished");
+ logger.info ("SCFileInfo logging finished");
output:close()
end
local packet = require "suricata.packet"
+local logger = require("suricata.log")
-- simple SCPacketTuple log test
name = "scpacket-tuple.log"
function setup(args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogInfo("Lua SCPacketTuple Log Filename " .. filename)
+ logger.info("Lua SCPacketTuple Log Filename " .. filename)
packets = 0
end
end
function deinit(args)
- SCLogInfo ("Packets logged: " .. packets);
+ logger.info ("Packets logged: " .. packets);
file:close(file)
end
-- lua_pushinteger output test for SCRuleIds and ...
local packet = require "suricata.packet"
local rule = require "suricata.rule"
+local logger = require "suricata.log"
name = "lua-scrule-ids.log"
function setup(args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogInfo("lua SCRuleIds Log Filename " .. filename)
+ logger.info("lua SCRuleIds Log Filename " .. filename)
end
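Review bot: The new `local logger = require "suricata.log"` uses the bare-string call form while every other `suricata.log` require added in this commit — and the lua-dns hunk that deliberately rewrites `require "suricata.packet"` to `require("suricata.packet")` — uses parentheses; write it as `local logger = require("suricata.log")` so the file set ends up consistent.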
function log(args)
local base64 = require("suricata.base64")
local dns = require("suricata.dns")
+local logger = require("suricata.log")
local expected_base64 = "d3d3LnN1cmljYXRhLWlkcy5vcmc="
end
function setup (args)
- SCLogNotice("lua: setup()")
+ logger.notice("lua: setup()")
file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
end
local hashlib = require("suricata.hashlib")
local dns = require("suricata.dns")
+local logger = require("suricata.log")
-- We don't actually use, but the script will fail to run if it fails
-- to "require".
end
function setup (args)
- SCLogNotice("lua: setup()")
+ logger.notice("lua: setup()")
file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
end
local hashlib = require("suricata.hashlib")
local dns = require("suricata.dns")
+local logger = require("suricata.log")
local expected_sha256 = "080bdfdfcd8c2c7fce747f9be4603ced6253caac70894ad89d605309588c60f6"
local expected_sha1 = "00f495ffd50c8b5ef3645f61486dae496db0fe2e"
local rrname = tx:rrname()
if not test_sha256(rrname) then
- SCLogError("test_sha256 failed")
+ logger.error("test_sha256 failed")
return 0
end
if not test_sha1(rrname) then
- SCLogError("test_sha1 failed")
+ logger.error("test_sha1 failed")
return 0
end
if not test_md5(rrname) then
- SCLogError("test_md5 failed")
+ logger.error("test_md5 failed")
return 0
end
local packet = require "suricata.packet"
+local logger = require "suricata.log"
function init (args)
local needs = {}
for line in payload:gmatch("([^\r\n]*)[\r\n]+") do
if line == "GET /index.html HTTP/1.0" then
ipver, srcip, dstip, proto, sp, dp = p:tuple()
- SCLogNotice(string.format("%s %s->%s %d->%d (pcap_cnt:%d) match! %s", ts, srcip, dstip, sp, dp, p:pcap_cnt(), line));
+ logger.notice(string.format("%s %s->%s %d->%d (pcap_cnt:%d) match! %s", ts, srcip, dstip, sp, dp, p:pcap_cnt(), line));
return 1
end
end
local packet = require "suricata.packet"
+local logger = require("suricata.log")
function init (args)
local needs = {}
for line in payload:gmatch("([^\r\n]*)[\r\n]+") do
if line == "GET /index.html HTTP/1.0" then
ipver, srcip, dstip, proto, sp, dp = p:tuple()
- SCLogNotice(string.format("%s %s->%s %d->%d (pcap_cnt:%d) match! %s", ts, srcip, dstip, sp, dp, p:pcap_cnt(), line));
+ logger.notice(string.format("%s %s->%s %d->%d (pcap_cnt:%d) match! %s", ts, srcip, dstip, sp, dp, p:pcap_cnt(), line));
return 1
end
end
local packet = require "suricata.packet"
+local logger = require("suricata.log")
function init (args)
local needs = {}
if p:sp() == 6666 and p:dp() == 63 then
ts = p:timestring_iso8601()
- SCLogNotice(string.format("%s %d->%d (pcap_cnt:%d) match!", ts, p:sp(), p:dp(), p:pcap_cnt()));
+ logger.notice(string.format("%s %d->%d (pcap_cnt:%d) match!", ts, p:sp(), p:dp(), p:pcap_cnt()));
return 1
end
local packet = require "suricata.packet"
+local logger = require("suricata.log")
function init (args)
local needs = {}
sp, err = p:sp()
if err == nil then
- SCLogError("sp() should have failed for icmp")
+ logger.error("sp() should have failed for icmp")
return 0
end
if err ~= "sp only available for tcp, udp and sctp" then
- SCLogError("sp() error message mismatch")
+ logger.error("sp() error message mismatch")
return 0
end
local packet = require "suricata.packet"
+local logger = require("suricata.log")
function init (args)
local needs = {}
for line in payload:gmatch("([^\r\n]*)[\r\n]+") do
if line == "GET /index.html HTTP/1.0" then
ipver, srcip, dstip, proto, sp, dp = p:tuple()
- SCLogNotice(string.format("%s %s->%s %d->%d (pcap_cnt:%d) match! %s", ts, srcip, dstip, sp, dp, p:pcap_cnt(), line));
+ logger.notice(string.format("%s %s->%s %d->%d (pcap_cnt:%d) match! %s", ts, srcip, dstip, sp, dp, p:pcap_cnt(), line));
return 1
end
end
name = "tlslib_lua.log"
local tls = require("suricata.tls")
+local logger = require("suricata.log")
function init (args)
local needs = {}
function setup (args)
filename = SCLogPath() .. "/" .. name
file = assert(io.open(filename, "a"))
- SCLogInfo("Log Filename " .. filename)
+ logger.info("Log Filename " .. filename)
http = 0
end
local dataset = require("suricata.dataset")
+local logger = require("suricata.log")
function thread_init(args)
dataset_new, err = dataset.new()
if err ~= nil then
- SCLogWarning("dataset warning: " .. err)
+ logger.warning("dataset warning: " .. err)
return 0
end
ret, err = dataset_new:get("versions-seen")
if err ~= nil then
- SCLogWarning("dataset warning: " .. err)
+ logger.warning("dataset warning: " .. err)
return 0
end
end
function transform(input, args)
ret, err = dataset_new:add(input, #input)
if err ~= nil then
- SCLogWarning("lua warning: " .. err)
+ logger.warning("lua warning: " .. err)
return 0
end
if ret == 1 then
- SCLogNotice(input .. " => " .. ret)
+ logger.notice(input .. " => " .. ret)
end
return ret
end
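Review bot: `logger.notice(input .. " => " .. ret)` on the new line writes the transform's raw `input` — buffer bytes taken from the packet — into the Suricata log without escaping, so an attacker-controlled payload containing newlines or ANSI escape sequences can inject fake log records or corrupt a terminal tailing the log. Strip control characters first: `local shown = input:gsub("%c", "?")` then `logger.notice(shown .. " => " .. ret)`. `ret` and `err` are also assigned as globals on every call; they can be `local` inside `transform`.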
local ssh = require("suricata.ssh")
+local logger = require("suricata.log")
filename = "results.log"
end
function setup (args)
- SCLogNotice("lua: setup()")
+ logger.notice("lua: setup()")
file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
end