0.1.5 • Published 5 years ago
ids-parser v0.1.5
IDS Parser
WARNING!
This is a beta version (for demonstration only), not for real work! The author is not responsible if something goes wrong ;)
Official website
Functions
- Parses log files of well-known Intrusion Detection Systems (IDS), such as Snort, Dallas Lock, Zeek (formerly Bro), etc.
- Shows a diagram of legal, illegal & unknown traffic
- Shows a traffic description in human-readable format
- Can export all parsed information to PDF
Download materials
Auto install script (for Ubuntu 16+/Debian 8+)
Auto run script (for Ubuntu 16+/Debian 8+)
Demo Log Files - also included in this repository, in the `demo` folder
Minimal browser requirements
Name | Version | Platform |
---|---|---|
Internet Explorer | 10 | Windows 7 SP1 |
Edge | 17 | Windows 10, build 1803 |
Firefox | 52.9 | Windows XP SP2/Ubuntu 14.04/Mac OS X 10.9 |
Chrome | 49 | Windows XP SP3/Ubuntu 14.04/Mac OS X 10.10 |
Safari | 5.1.7 | Windows XP SP3/Mac OS X 10.6 |
Opera | 36 | Windows XP SP3/ Ubuntu 16.04 (x64)/Mac OS X 10.10 |
iOS Safari | 11 | iOS 11.4 |
Android Browser | 67 | Android 6 |
Chrome for Android | 71 | Android 4.1 |
Firefox for Android | 64 | Android 4.1 |
How to start
.zip archives (local server)
- Make sure you have successfully connected to the MongoDB database (usually localhost:27017).
- Unzip the files wherever you need them and open a terminal there.
- If you have downloaded the archive without node_modules, run the `npm i` command to download the libraries for this app.
- Run the `nodemon` command. When the message "Parser was started, using port 3000" is shown, go to http://localhost:3000/install and follow all the instructions, then go to http://localhost:3000.
Shell scripts (if you have a remote server, VPS, etc.) - Ubuntu 16+/Debian 8+ only
- Make sure you have successfully connected to the MongoDB database (the port is usually 27017).
- Put the `ids-parser-install.sh` file on your server and run it with sudo. This file will download and unpack the libraries that are needed to run the app. Before running it, you should delete packages such as `apache`, `mysql-server`, `php-*`.
- Put `ids-parser-autorun.sh` on your server and make it run when the OS of your server boots up (use the file `/etc/rc.local`).
- Download and unzip the parser files and put them in your server root (usually `/var/www/html`). If you have downloaded the archive without node_modules, run the `npm i` command in the server root folder to download the libraries for this app.
- Run the `nodemon` command in the server root folder. When the message "Parser was started, using port 3000" is shown, go to http://remote.ip:3000/install and follow all the instructions, then go to http://remote.ip:3000.
- If you have bound a domain to your VPS, consider using an nginx proxy for node.js (to get rid of the `:3000` port in the address bar).
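One way to set up the nginx proxy from the last step, as an added example that is not part of the original README or the project's own configuration. The domain `parser.example.com` is a placeholder, and the upload size limit and the restriction on `/install` are assumptions of this example, not settings taken from the project.

```nginx
# Added example: reverse proxy in front of the parser running on port 3000.
# parser.example.com is a placeholder; replace it with the domain bound to the VPS.
server {
    listen 80;
    server_name parser.example.com;

    # Assumption: uploaded IDS log files can be large; adjust to your logs.
    client_max_body_size 50m;

    # Pass the original host and client address to the node.js app.
    # Both locations below inherit these headers.
    proxy_http_version 1.1;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;

    # Assumption: the setup wizard was already completed on port 3000
    # (previous step), so the proxy only serves it to the server itself.
    location /install {
        allow 127.0.0.1;
        deny all;
        proxy_pass http://127.0.0.1:3000;
    }

    # Everything else goes to the parser.
    location / {
        proxy_pass http://127.0.0.1:3000;
    }
}

# Port 3000 and the MongoDB port 27017 stay reachable directly unless the
# host firewall blocks them; the proxy alone does not close those ports.
```

Check the file with `nginx -t` before reloading nginx.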
License
Copyright © SIV, 2019
Libraries & frameworks used
Stolzl-Regular Copyright © 2015 by Mariya Pigoulevskaya. All rights reserved.
Font Awesome (free license) © 2017 Fonticons, Inc. - Icons — CC BY 4.0 License, Fonts — SIL OFL 1.1 License, Code — MIT License
- jQuery 1.9.1 © 2013-2019 The jQuery Foundation - MIT License
- jQuery File Upload v9.25.1 © 2019 Sebastian Tschan - MIT License
- StyleFix 1.0.3 & PrefixFree 1.0.7 © 2017 Lea Verou - MIT License
- Modernizr 3.6.0 © 2019 Faruk Ateş, Paul Irish, Alex Sexton, Ryan Seddon, Patrick Kettner, Stu Cox, Richard Herrera - MIT License
- Moment.js 2.24.0 © 2019 JS Foundation and other contributors - MIT License
- d3.js 5.9.1 © 2019 Mike Bostock - BSD license
- d3pie 0.2.1 © 2014-2015 Benjamin Keen - MIT License
- mongodb 2.2.33 © 2009-2012 Christian Amor Kvalheim, 2012-present MongoDB Contributors - Apache 2.0 License
- xml2js 0.4.19 © 2017 @Leonidas-from-XIV - MIT License
- Twig 2.x © 2010-2019 Symfony - BSD License
- Twig 2.x - version for node.js
- Helmet 3.18.0 © 2019 Adam Baldwin - CC 3.0 License
- x-xss-protection 1.1.0 © 2019 Evan Hahn - MIT License
- dont-sniff-mimetype 1.0.0 © 2019 Evan Hahn - MIT License
- PDFKit © @devongonett 2019 - MIT license
- svg-to-pdfkit © @alafr 2019 - MIT license