suricata_check.utils.regex

The suricata_check.utils.regex module contains regular expressions for matching various parts of rules.

Functions

`get_options_regex`(→ regex.Pattern)	Returns a regular expression that can match any of the provided options.
`get_regex_provider`()	Returns the regex provider to be used.
`get_rule_body`(→ str)	Returns the body of a rule.
`get_rule_group_entries`(→ collections.abc.Sequence[str])	Returns a list of entries in a group.
`get_variable_groups`(→ collections.abc.Sequence[str])	Returns a list of variable groups such as $HTTP_SERVERS in a variable.
`is_valid_rule`(→ bool)	Checks if a rule is valid.

suricata_check.utils.regex.get_options_regex(options: collections.abc.Iterable[str]) → regex.Pattern[source]: Returns a regular expression that can match any of the provided options.

suricata_check.utils.regex.get_regex_provider()[source]

Returns the regex provider to be used.

If regex is installed, it will return that module. Otherwise, it will return the re module instead.

suricata_check.utils.regex.get_rule_body(rule: idstools.rule.Rule) → str[source]: Returns the body of a rule.

suricata_check.utils.regex.get_rule_group_entries(group: str) → collections.abc.Sequence[str][source]: Returns a list of entries in a group.

suricata_check.utils.regex.get_variable_groups(value: str) → collections.abc.Sequence[str][source]: Returns a list of variable groups such as $HTTP_SERVERS in a variable.

suricata_check.utils.regex.is_valid_rule(rule: idstools.rule.Rule) → bool[source]: Checks if a rule is valid.