hrbrmstr/porc
Tools to Work with 'Snort' Rules, Logs and Data

Package index
Search the hrbrmstr/porc package
Vignettes
Functions
9
Source code
9
Man pages
8
Home
/
GitHub
/
hrbrmstr/porc
/
R/rule-vars.R

R/rule-vars.R
In hrbrmstr/porc: Tools to Work with 'Snort' Rules, Logs and Data 

#' Extract all the `$`-named variables from Snort rules
#'
#' @param rules a Snort rules data frame read in with [read_rules()].
#' @export
#' @examples
#' rules <- read_rules(
#'   system.file("extdata", "emerging-telnet.rules", package="porc")
#' )
#'
#' rule_vars(rules)
rule_vars <- function(rules) {

  if (!inherits(rules, "snort_rule_df")) stop("Not a Snort rules data frame", call.=FALSE)

  unlist(
    list(rules$src_addr, rules$src_ports, rules$dst_addr, rules$dst_ports),
    use.names=FALSE
  ) -> x

  x <- stri_extract_all_regex(x, "(\\$[[:alpha:]_]+)")
  x <- unlist(x, use.names=FALSE)
  x <- as.vector(x)
  unique(sort(x))

}
hrbrmstr/porc documentation built on May 28, 2019, 5:43 a.m.

R Package Documentation

rdrr.io home R language documentation Run R code online

Browse R Packages

CRAN packages Bioconductor packages R-Forge packages GitHub packages

We want your feedback!

Note that we can't provide technical support on individual packages. You should contact the package authors for that.
GitHub issue tracker
ian@mutexlabs.com
Personal blog

 
Embedding an R snippet on your website

Add the following code to your website.

For more information on customizing the embed code, read Embedding Snippets.

Close