From: Victor Julien
Date: Thu, 20 Feb 2014 08:39:24 +0000 (+0100)
Subject: output-lua: add example packet log script
X-Git-Tag: suricata-2.1beta2~158
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=684afc7f4e223ad21a8d288e54944716fd07d9d7;p=thirdparty%2Fsuricata.git

output-lua: add example packet log script

Example packet log script that outputs to stdout in the alert- fast log format.
---
diff --git a/lua/fast.lua b/lua/fast.lua
new file mode 100644
index 0000000000..4cb0e307d3
--- /dev/null
+++ b/lua/fast.lua
@@ -0,0 +1,38 @@
+-- simple fast-log to stdout lua module
+
+function init (args)
+ local needs = {}
+ needs["type"] = "packet"
+ needs["filter"] = "alerts"
+ return needs
+end
+
+function setup (args)
+ alerts = 0
+end
+
+function log(args)
+ sid = args['sid'];
+ rev = args['rev'];
+ gid = args['gid'];
+ msg = args['msg'];
+ srcip = args['srcip'];
+ dstip = args['dstip'];
+ ts = args['ts'];
+ class = args['class'];
+ prio = args['priority'];
+ proto = args['ipproto'];
+ sp = args['sp'];
+ dp = args['dp'];
+
+ print (ts .. " [**] [" .. gid .. ":" .. sid .. ":" .. rev .. "] " ..
+ msg .. " [**] [Classification: " .. class .. "] [Priority: " ..
+ prio .. "] {" .. proto .. "} " ..
+ srcip .. ":" .. sp .. " -> " .. dstip .. ":" .. dp)
+
+ alerts = alerts + 1;
+end
+
+function deinit (args)
+ print ("Alerted " .. alerts .. " times");
+end
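Review bot: The `print` in `log` concatenates every field with `..`, so if any entry of `args` is absent (nil) the call raises "attempt to concatenate a nil value" and the alert line is lost; whether a field such as `class` or `priority` can be nil here is not visible in the hunk, so it is worth guarding each value, e.g. `local class = args['class'] or "-"`, or wrapping the whole format in `tostring()`, rather than letting one missing field abort the log callback. The twelve assignments in `log` (`sid = args['sid']; ...`) are also all accidental globals because they lack `local`; only `alerts` needs to be shared with `setup` and `deinit`, and that one would be cleaner as a file-level `local alerts = 0` above the three functions. A short header comment stating which `args` keys the script expects and what `init` asks the engine for (`type = "packet"`, `filter = "alerts"`) would make the example easier to adapt, since the file is meant to be copied as a template.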