Skip to content

Instantly share code, notes, and snippets.

@Zobber
Created April 5, 2020 02:52
Show Gist options
  • Select an option

  • Save Zobber/669a29778a555cf7aa8d2a7c1fd24426 to your computer and use it in GitHub Desktop.

Select an option

Save Zobber/669a29778a555cf7aa8d2a7c1fd24426 to your computer and use it in GitHub Desktop.
cat eve.json | jq -c 'select((.http or .tls) and .alert) | [.flow_id,.http.hostname,.http.http_method,.alert.signature,.src_ip,.dest_ip]'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment