Pastein: import json EVE_LOG = "/usr/local/var/log/suricata/eve.json" with open(EVE_LOG) as f: for line in f: try: e = json.loads(line) if e.get("event

Загрузка данных

import json

EVE_LOG = "/usr/local/var/log/suricata/eve.json"

with open(EVE_LOG) as f:
    for line in f:
        try:
            e = json.loads(line)

            if e.get("event_type") == "alert":

                print(f"time   : {e['timestamp']}")
                print(f"action : {e['alert']['action']}")
                print(f"rule   : {e['alert']['signature']}")
                print(f"src    : {e['src_ip']}:{e.get('src_port', '')}")
                print(f"dst    : {e['dest_ip']}:{e.get('dest_port', '')}")
                print()

        except:
            pass

Больше возможностей при регистрации: