- require 'rubygems'
- require 'json'
- require 'socket'
- require 'time'
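# Makes an arbitrary byte string safe to print or log by replacing every
# control byte (0x00-0x1f), DEL (0x7f) and high byte (0x80-0xff) with '.'.
#
# Works on a binary-tagged copy, so the caller's string is never mutated
# (frozen strings are accepted) and bytes are matched one at a time rather
# than as multi-byte characters. Printable ASCII passes through unchanged,
# including '"' and '\', so a caller that wraps the result in quotes has to
# escape those itself if the quoted text will be re-parsed.
#
# @param str [String, nil] raw bytes; nil is treated as the empty string
# @return [String] copy of the input with non-printable bytes replaced by '.'
def make_clean(str)
  bytes = str.to_s.dup
  bytes.force_encoding('ASCII-8BIT') if bytes.respond_to?(:force_encoding)
  # Regexp literal with the /n (binary) flag. The three-argument form
  # Regexp.new(pattern, nil, 'n') was deprecated and then removed in Ruby 3.x.
  bytes.gsub(/[\x00-\x1f\x7f-\xff]/n, '.')
end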
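# Streams flow records from the comma-separated file 'out' to a TCP listener
# on localhost:9999, one JSON object per input line.
#
# Columns 0-13 are copied verbatim; columns 14 and 15 hold 'label=<base64>'
# payload captures that are decoded and passed through make_clean.
# (The column layout looks like Argus `ra` output. TODO confirm.)
#
# The decoded payload is untrusted data taken from the records. make_clean
# replaces control and non-ASCII bytes, and to_json escapes the string for
# the JSON layer, but '"' and '\' inside the payload are not escaped within
# the label="value" text. A consumer that re-parses that text must not
# assume the first closing quote ends the value.

# Builds 'label="printable payload"' from a 'label=<base64>' column.
# Returns '' when the column is missing or has no '=' separator.
def format_udata(field)
  label, encoded = field.to_s.split('=', 2)
  return '' if encoded.nil?

  # unpack('m') is lenient base64: malformed input decodes as far as it can.
  "#{label}=\"#{make_clean(encoded.unpack('m')[0])}\""
end

s = TCPSocket.open('localhost', 9999)
begin
  # The counter starts at 4 as in the original script; the reason is not
  # visible here (possibly header lines stripped from 'out'). TODO confirm.
  c = 4
  # File.foreach closes the input file itself, including on error.
  File.foreach('out') do |x|
    c += 1
    y = x.split(',')
    jobj = {
      :StartTime => y[0],
      :Proto => y[1],
      :SrcMac => y[2],
      :DstMac => y[3],
      :SrcAddr => y[4],
      :Sport => y[5],
      :Dir => y[6],
      :DstAddr => y[7],
      :Dport => y[8],
      :SrcPkts => y[9],
      :DstPkts => y[10],
      :SrcBytes => y[11],
      :DstBytes => y[12],
      :State => y[13],
      # Short or truncated lines yield '' here instead of raising on nil.
      :srcUdata => format_udata(y[14]),
      :dstUdata => format_udata(y[15])
    }
    # NOTE(review): objects are written back to back with no delimiter, so
    # the receiver has to frame the stream itself. Kept as in the original;
    # confirm what the listener expects before adding a newline.
    s.write(jobj.to_json)
    puts Time.now.to_s + ": currently at #{c} - #{y[0]}" if (c % 100000) == 0
  end
ensure
  # Close the socket even when a read, decode or write fails midway.
  s.close
end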