Console output?

DigiAngel · April 30, 2021, 3:35pm

Topic…would be nice for testing to run suricata and have the results just output to the current console.

ish · April 30, 2021, 3:38pm

As a quick hack you could set the filename in the logger to /dev/stdout.

DigiAngel · April 30, 2021, 3:54pm

Hi again Jason…I figured I’d get something along those lines as a response So…feature request then…snort has this, so should suricata. Thank you!

ish · April 30, 2021, 3:57pm

What do you expect to see?

DigiAngel · April 30, 2021, 4:00pm

Hopefully the same type of thing you see with snort using -A cmg:

    04/30-09:58:53.580614 [**] [1:1000053:0] "Ping test" [**] [Classification: Potentially Bad Traffic] [Priority: 2] {ICMP} 192.168.1.9 -> 192.168.1.13
   type:0x800 len:0x62
    192.168.1.9 -> 192.168.1.13 ICMP TTL:64 TOS:0x0 ID:7548 IpLen:20 DgmLen:84 DF
    Type:8  Code:0  ID:12542   Seq:1  ECHO

    snort.raw[56]:
    - - - - - - - - - - - -  - - - - - - - - - - - -  - - - - - - - - -
    snip
    20 21 22 23 24 25 26 27  28 29 2A 2B 2C 2D 2E 2F   !"#$%&' ()*+,-./
    30 31 32 33 34 35 36 37                           01234567 
    - - - - - - - - - - - -  - - - - - - - - - - - -  - - - - - - - - -

vjulien · May 5, 2021, 7:09am

Might be a nice plugin use case?

Topic		Replies	Views
Weird result when comparing Suricata detections with snort (using same traffic) - what am I missing? Help	4	776	December 13, 2021
Suricata Logs on Splunk Help	1	435	July 31, 2023
Suricata running on a test host detected few alerts while there was no traffic on listening port Help	1	1599	January 7, 2022
Suricata not logging incoming packets Help	7	1128	December 29, 2020
Question about stream.inline Help suricata	5	267	September 6, 2023

Console output?

Related Topics