Supplemental Files
This is a list of miscellaneous files that accompany this blog.
- net-entropy-1.0.6.tar.bz2 – Source code for net-entropy, courtesy of Julien Olivain (olivain@lsv.ens-cachan.fr). Released under the CeCILL license.
- net-entropy-1.0.11.tar.bz2 – Updated source code for net-entropy, courtesy of Julien Olivain (olivain@lsv.ens-cachan.fr). Released under the CeCILL license. This version can accept a protospec file for all ports.
- net-entropy.zip – Device Support Package for the Cisco CS-MARS platform, containing custom parsers for net-entropy message types.
- net-entropy_agent.tcl – A net-entropy agent for Sguil. Currently uploads only RISING ALARM messages.
- net-entropy_agent.conf – A sample config file for the above.
- hMailServer_anonymise_ip_address.txt – A script for hMailServer to anonymise the hostnames and IP addresses of internal SMTP clients.
- snort.rb – A gltail parser for Snort logs.
- viewssld.rb – A gltail parser for viewssld logs.
- net-entropy.rb – A gltail parser for net-entropy logs.
- config.yaml – A sample gltail config file that demonstrates the above three parsers.
wirewatcher 