As follows:
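#!/usr/bin/perl
# program: id-cert snort log parser
# by: khaerul
# usage: perl <this script> <snort alert file> <output name>  (".csv" is appended)
use strict;
use warnings;

my ($file_name, $target_file_name) = @ARGV;
die "Usage: $0 <snort_alert_file> <output_name>\n"
    unless defined $file_name && defined $target_file_name;

my $row = "";

# Three-argument open: the file name is never interpreted as a mode or a pipe.
open(my $log, '<', $file_name)
    or die "Error, cannot open '$file_name': $!\n";
while (my $content = <$log>) {
    if ($content =~ /\[\*\*\]/) {    # column 1; attack name
        $content =~ s/\[\*\*\]//g;          # alert delimiters
        $content =~ s/\[\d+:\d+:\d+\]//g;   # [gid:sid:rev]; digits in the name itself are kept
        $content =~ s/[\r\n]//g;
        $row .= $content;
    }
    elsif ($content =~ /classification/i || $content =~ /priority/i) {    # column 2; classification
        # Removes brackets, colons and digits, so the priority number is dropped as well.
        $content =~ s/[\[\]:0-9*\r\n]//g;
        $content =~ s/Priority//g;
        $content =~ s/Classification//g;
        $row .= "," . $content;
    }
    elsif ($content =~ /->/) {    # column 3, 4, 5; date, attacker, target
        $row .= "," . substr($content, 0, 5);    # MM/DD part of the timestamp
        $content =~ s/->/,/g;
        $content =~ s/[\r\n]//g;
        # Source and destination start after the 22-character timestamp field.
        $row .= "," . (length($content) > 22 ? substr($content, 22, 100) : "");
        $row .= "\r\n";
    }
}
close($log);

open(my $out, '>', "$target_file_name.csv")    # save to csv file
    or die "Error, cannot write '$target_file_name.csv': $!\n";
print {$out} $row;
close($out) or die "Error, cannot close '$target_file_name.csv': $!\n";
__END__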
Hope this is useful.
NB: If anyone wants to ask a question or offer a correction, please post in the comments section.