Commit fe408174 authored by Cool Fire

Send out abuse mails for all suricata Priority 1 alerts and brute force attempts.

parent 25f38f85
......@@ -20,7 +20,7 @@ fh = File.open(fw_logfile, 'r')
fh.each_line do |line|
# Check if it's a relevant entry
if(line =~ /(ET DOS|ET EXPLOIT|ET SHELLCODE|brute|Bash CGI)/i)
if(line =~ /(brute|Priority: 1)/i)
# Parse out variables
chunks = line.split('[')
......
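Review bot: The pattern in `if(line =~ /(brute|Priority: 1)/i)` is unanchored, so `Priority: 1` also matches a line carrying `Priority: 10` or any other value that starts with 1, and `brute` matches anywhere in the line rather than only in the alert message. Because a match here results in an abuse mail being sent, tighten it to the exact field, for example `/\[Priority: 1\]/` if the log writes the priority in brackets (the `line.split('[')` just below suggests it does), and test `brute` against the parsed message chunk instead of the whole line. A short comment stating which log format this regex expects would also help the next reader.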