meer
Meer (GPLv2) is a dedicated "spooler" for the Suricata & Sagan EVE output formats.
Meer should insert into the database the "program" (if applicable ... if Sagan) into the EVE file. Please see Sagan feature request: https://github.com/beave/sagan/issues/124
** README ** Repo has moved to https://github.com/quadrantsec/meer !
gcc -DHAVE_CONFIG_H -I. -I.. -I.. -I/opt/local/include -g -O2 -D__Darwin__ -MT meer-decode-json-alert.o -MD -MP -MF .deps/meer-decode-json-alert.Tpo -c -o meer-decode-json-alert.o `test -f 'decode-json-alert.c' || echo './'`decode-json-alert.c decode-json-alert.c:341:21: warning: '__builtin___strlcpy_chk' will always overflow...
Hello, when I try to execute meer with /usr/local/bin/meer --config /usr/local/etc/meer.yaml I have this error: Erreur de segmentation (core dumped)
First off, this project is AMAZING. Coming from a DBA background, and being a huge fan of Suricata, thank you! As you know, the line ending in Windows is different....
Create a PCAP based off the data that is stored in an EVE alerts. Possibly create the packet with libdnet/libpcap then write out to file? Obviously would just be a...
Noticed the note in the source about barnyard wanting the hostname with interface like hostname:if#. I have not experienced this problem however, even when using your awesome fork of by2...
Come up with a schema to support Suricata and Sagan "stats". This way, from a UI, you could query the health of the sensor. Trigger on the event_type of...
Bulk insert to Elasticsearch...
Use Meer as a means to pass Telemetry rules.