Commit c63ef620 authored by Ad Schellevis's avatar Ad Schellevis

(ids) work in progress query alert log configd action

parent e8da11e2
...@@ -37,7 +37,7 @@ import ujson ...@@ -37,7 +37,7 @@ import ujson
from lib.log import reverse_log_reader from lib.log import reverse_log_reader
from lib.params import updateParams from lib.params import updateParams
suricata_log = '/tmp/eve.json' suricata_log = '/var/log/suricata/eve.json'
# handle parameters # handle parameters
parameters = {'limit':'0','offset':'0', 'filter':''} parameters = {'limit':'0','offset':'0', 'filter':''}
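Review bot: The new value on the `suricata_log` line hard-codes the production eve.json location, yet nothing records that it has to agree with the eve-log output path suricata itself is configured with; a comment such as `# must match the eve-log output file configured for suricata` next to the assignment would make that coupling visible to the next maintainer. On a host where suricata has not yet written anything the file will be absent, and unless `reverse_log_reader` already tolerates a missing file the script will traceback where an empty result is expected — worth confirming, since this output is handed back to the UI through configd. The assignment is a module-level statement; the parameter handling that follows it continues outside the hunk.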
...@@ -16,6 +16,12 @@ parameters: ...@@ -16,6 +16,12 @@ parameters:
type:script type:script
message:install suricata rules message:install suricata rules
[query.alerts]
command:/usr/local/opnsense/scripts/suricata/queryAlertLog.py
parameters:/limit %s /offset %s /filter %s
type:script_output
message:query suricata alerts
[stop] [stop]
command:/usr/local/etc/rc.d/suricata stop command:/usr/local/etc/rc.d/suricata stop
parameters: parameters:
...@@ -39,3 +45,4 @@ command:/usr/local/etc/rc.d/suricata status ...@@ -39,3 +45,4 @@ command:/usr/local/etc/rc.d/suricata status
parameters: parameters:
type:script_output type:script_output
message:get suricata daemon status message:get suricata daemon status
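Review bot: The `parameters:/limit %s /offset %s /filter %s` line of the `[query.alerts]` action substitutes three caller-supplied values into the script's command line, and `filter` is free-form text from the UI while `limit` and `offset` arrive as strings (their defaults in queryAlertLog.py are `'0'`); the script should treat all three as untrusted — convert limit and offset with `int()` and reject non-numeric input, and apply filter only as a plain match string — because any traceback becomes the `script_output` returned to the caller. Whether configd's own parameter handling already constrains these values cannot be judged from this page, so the validation belongs in the script rather than being assumed upstream. The second hunk (`@@ -39,3 +45,4 @@`) adds a single line that is not visible in this rendering, so it cannot be reviewed here.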