local flow = require("suricata.flow")
local logger = require("suricata.log")
+local config = require("suricata.config")
function init (args)
local needs = {}
end
function setup (args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.info("Log Filename " .. filename)
http = 0
local flow = require("suricata.flow")
local logger = require("suricata.log")
+local config = require("suricata.config")
function init(args)
local needs = {}
end
function setup(args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.info("lua SCFlowStats Log Filename " .. filename)
end
-- simple SCFlowTuple log test
local flow = require("suricata.flow")
local logger = require("suricata.log")
+local config = require("suricata.config")
name = "scflow-tuple.log"
function setup(args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.notice("lua SCFlowTuple Log Filename " .. filename)
end
local packet = require("suricata.packet")
local dns = require("suricata.dns")
local logger = require("suricata.log")
+local config = require "suricata.config"
filename = "lua-dns.log"
function setup (args)
logger.notice("lua: setup()")
- file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
+ file = assert(io.open(config.log_path() .. "/" .. filename, "w"))
end
function log(args)
local packet = require "suricata.packet"
local http = require("suricata.http")
local logger = require("suricata.log")
+local config = require("suricata.config")
name = "http_lua.log"
end
function setup (args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.info("HTTP Log Filename " .. filename)
http_tx = 0
local packet = require "suricata.packet"
local http = require("suricata.http")
local logger = require("suricata.log")
+local config = require("suricata.config")
name = "http_lua.log"
end
function setup (args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.info("HTTP Log Filename " .. filename)
http_tx = 0
local flow = require("suricata.flow")
local http = require("suricata.http")
local logger = require("suricata.log")
+local config = require("suricata.config")
name = "http_lua.log"
end
function setup (args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
http_tx = 0
end
local packet = require "suricata.packet"
local smtp = require "suricata.smtp"
local logger = require("suricata.log")
+local config = require "suricata.config"
name = "smtp_lua.log"
end
function setup (args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.info("Log Filename " .. filename)
count = 0
--- /dev/null
+Tests the output of stats being logged by Lua.
+
+PCAPs created by Jason Ish.
--- /dev/null
+%YAML 1.1
+---
+
+outputs:
+ - lua:
+ enabled: yes
+ scripts-dir: .
+ scripts:
+ - test.lua
--- /dev/null
+filename = "lua-stats.log"
+
+function init (args)
+ local needs = {}
+ needs["type"] = "stats"
+ return needs
+end
+
+function setup (args)
+ file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
+end
+
+function log(args)
+ for n, v in ipairs(args) do
+ --print(n .. " - " .. v["name"] .. " == " .. v["value"]);
+ if (v["name"] == "decoder.pkts") then
+ msg = string.format("packets %u", v["value"]);
+ write(msg)
+ end
+ end
+end
+
+function deinit(args)
+ file:close(file)
+end
+
+function write(msg)
+ file:write(msg .. "\n")
+end
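Review bot: In `log`, `msg` is assigned without `local`, so it becomes a script-wide global alongside `file` and `filename`; `local msg = string.format("packets %u", v["value"])` keeps it scoped to the loop body. In `deinit`, `file:close(file)` passes the handle a second time although the method call already supplies it, so `file:close()` is enough. A short comment above `log`, such as `-- only the decoder.pkts counter is written; all other stats entries are skipped`, would document what the test's output file is expected to contain.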
--- /dev/null
+requires:
+ lt-version: 8
+ features:
+ - HAVE_LUA
+
+checks:
+ - shell:
+ args: grep 'packets 10' lua-stats.log | wc -l
+ expect: 1
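Review bot: The check `grep 'packets 10' lua-stats.log | wc -l` matches any line that merely contains that text, so a logged value such as `packets 100` would satisfy it as well and a wrong counter could go unnoticed. Matching the whole line pins the expected value: `args: grep -x 'packets 10' lua-stats.log | wc -l`.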
+local config = require("suricata.config")
+
filename = "lua-stats.log"
function init (args)
end
function setup (args)
- file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
+ file = assert(io.open(config.log_path() .. "/" .. filename, "w"))
end
function log(args)
requires:
- features:
- - HAVE_LUA
+ min-version: 8
checks:
- shell:
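Review bot: The `features: HAVE_LUA` requirement is dropped in this `requires` block, while the copy of the test added for versions below 8 keeps it. If a version 8 build can still be configured without Lua support (this page does not show whether it can), the test would run and fail there instead of being skipped. Keeping `features:` with `- HAVE_LUA` next to `min-version: 8` avoids that. The rest of the `checks` block lies outside the hunk.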
local flow = require "suricata.flow"
local logger = require("suricata.log")
+local config = require "suricata.config"
function init (args)
local needs = {}
end
function setup (args)
- filepath = SCLogPath()
+ filepath = config.log_path()
end
function log(args)
local flow = require("suricata.flow")
+local config = require("suricata.config")
function init (args)
local needs = {}
end
function setup (args)
- filepath = SCLogPath()
+ filepath = config.log_path()
alerts = 0
end
local filelib = require("suricata.file")
local logger = require("suricata.log")
+local config = require("suricata.config")
-- Output test for SCFileInfo
file_name = "scfileinfo.log"
end
function setup(args)
- filename = SCLogPath() .. "/" .. file_name
+ filename = config.log_path() .. "/" .. file_name
output = assert(io.open(filename, "w"))
logger.info("lua SCFileInfo Log Filename " .. filename)
end
local packet = require "suricata.packet"
local logger = require("suricata.log")
+local config = require "suricata.config"
-- simple SCPacketTuple log test
name = "scpacket-tuple.log"
end
function setup(args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.info("Lua SCPacketTuple Log Filename " .. filename)
packets = 0
local packet = require "suricata.packet"
local rule = require "suricata.rule"
local logger = require "suricata.log"
+local config = require "suricata.config"
name = "lua-scrule-ids.log"
end
function setup(args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.info("lua SCRuleIds Log Filename " .. filename)
end
local base64 = require("suricata.base64")
local dns = require("suricata.dns")
local logger = require("suricata.log")
+local config = require("suricata.config")
local expected_base64 = "d3d3LnN1cmljYXRhLWlkcy5vcmc="
function setup (args)
logger.notice("lua: setup()")
- file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
+ file = assert(io.open(config.log_path() .. "/" .. filename, "w"))
end
function log(args)
local packet = require("suricata.packet")
local rule = require("suricata.rule")
+local config = require("suricata.config")
function init()
local needs = {}
end
function setup()
- filename = SCLogPath() .. "/fast.log"
+ filename = config.log_path() .. "/fast.log"
file = assert(io.open(filename, "a"))
alert_count = 0
end
local hashlib = require("suricata.hashlib")
local dns = require("suricata.dns")
local logger = require("suricata.log")
+local config = require("suricata.config")
-- We don't actually use, but the script will fail to run if it fails
-- to "require".
function setup (args)
logger.notice("lua: setup()")
- file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
+ file = assert(io.open(config.log_path() .. "/" .. filename, "w"))
end
function log(args)
local tls = require("suricata.tls")
local logger = require("suricata.log")
+local config = require("suricata.config")
function init (args)
local needs = {}
end
function setup (args)
- filename = SCLogPath() .. "/" .. name
+ filename = config.log_path() .. "/" .. name
file = assert(io.open(filename, "a"))
logger.info("Log Filename " .. filename)
http = 0
local ssh = require("suricata.ssh")
local logger = require("suricata.log")
+local config = require("suricata.config")
filename = "results.log"
function setup (args)
logger.notice("lua: setup()")
- file = assert(io.open(SCLogPath() .. "/" .. filename, "w"))
+ file = assert(io.open(config.log_path() .. "/" .. filename, "w"))
end
function log(args)