npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

pigsty

v0.1.8

Published

Pigsty is parser and output plugin framework for your Snort unified2 files.

Downloads

2

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

jandrejandre

Keywords

Readme

Pigsty

Pigsty is designed as a replacement for Barnyard2. It's written in Javascript using Node.js.

Why?

We wanted something that was a little more extensible than Barnyard2. Thus, Pigsty was born.

Pigsty's output architecture is plugin based. You must install Pigsty, then install and configure any output plugins. you need.

Installation

Requirements

Pigsty requires libpcap (apt get install libpcap-dev on ubuntu). You also need to install node.js for your platform. We recommend v.10.x. Instructions for doing so are here: https://github.com/joyent/node/wiki/Installing-Node.js-via-package-manager

Ordinary people

$ install node.js for your platform
$ npm install pigsty -g
$ sudo pigsty setup
$ <edit /etc/pigsty/pigsty.config.js>
$ npm install pigsty-<pluginname> -g   # repeat for any plugins you need
$ pigsty                               # run pigsty!

For developers

$ install node.js for your platform
$ git clone [email protected]:threatstack/pigsty.git
$ cd ./pigsty && npm install
$ pigsty setup                         # setup your config. 
$ ./bin/pigsty

Output Plugins

Currently, the following plugins are available:

To install, type npm install <plugin> -g, e.g. npm install pigsty-mysql -g

Usage

	       ,.
	      (_|,.
	     ,' /, )_______   _
	  __j o``-'        `.'-)'
	 (")                 '
	  `-j                |
	    `-._(           /
	       |_  |--^.  /
	      /_]'|_| /_)_/
	         /_]'  /_]'
	         
	Pigsty by Threat Stack, Inc
	https://www.threatstack.com


   Usage: pigsty [-options]

	 -c, --config     Pigsty configuration file. Default path: /etc/pigsty.config.js
	 -D, --daemon     Run Pigsty in daemon mode.
	     --validate   Check your Pigsty configuration file for errors.
	 -V, --verbose    Turn on verbose logging.
	 -v, --version    Application version.
	 -h, --help       Application usage.

   Sensor Information:
	 -n, --name       Sensor name.
	 -i, --interface  Sensor interface.

   Log Configurations
	 -d, --dir        Log directory.
	 -m, --match      Logs file must match express to be processed.
	 -M, --mode       Processing mode (continuous|read). Default: continuous
	 -b, --bookmark   Bookmark file path.

   References:
	 -R, --reference        Reference file.
	 -C, --classification   Classification file.
	 -G, --gen-msg          Gen-msg.map file.
	 -S, --sid-msg          Sid-msg.map file.

	 Example: pigsty -i en1 -n "Pigsty" -d /logs/ -m unified2.alert.* -c ~/pigsty.config.js -D

Performance

Currently, the unified2 spooler reads at about 7000eps. Running w/ the pigsty-mysql output plugin, you'll get ~1000eps. This should be more than adequate for most installations, but we're actively working to make this faster.

Contributing

Plugins

To write your own output plugin, please refer to: https://github.com/threatstack/pigsty-example-plugin

Full documentation on writing plugins coming soon.

Issues

FAQ

Q. Can't install; npm install pigsty -g is reporting pcap errors:
make: Entering directory `/usr/lib/node_modules/pigsty/node_modules/unified2/node_modules/pcap/build'
  CXX(target) Release/obj.target/pcap_binding/pcap_binding.o
../pcap_binding.cc:5:23: fatal error: pcap/pcap.h: No such file or directory
compilation terminated.
make: *** [Release/obj.target/pcap_binding/pcap_binding.o] Error 1
make: Leaving directory `/usr/lib/node_modules/pigsty/node_modules/unified2/node_modules/pcap/build'
gyp ERR! build error
gyp ERR! stack Error: `make` failed with exit code: 2
gyp ERR! stack     at ChildProcess.onExit (/usr/lib/node_modules/npm/node_modules/node-gyp/lib/build.js:267:23)
gyp ERR! stack     at ChildProcess.EventEmitter.emit (events.js:98:17)
gyp ERR! stack     at Process.ChildProcess._handle.onexit (child_process.js:789:12)
gyp ERR! System Linux 3.5.0-17-generic
  SOLINK_MODULE(target) Release/obj.target/binding.node

A. Make sure you install libpcap

Q. I installed pigsty using npm install pigsty -g but I don't have the pigsty binary

A. Usually, it will get symlinked to /usr/bin. Depending on your platform, npm bin/ path is probably not in your path.
You can look for it using find / -name "pigsty".

Reporting

Use the git issues, or send an email to [email protected]

License

Copyright (C) 2013 Threat Stack, Inc (https://www.threatstack.com)

This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see http://www.gnu.org/licenses/.