suricata: hardcode the twid width

stratosphereips · Oct 29, 2024 · 520b110 · 520b110
1 parent a6f4670
commit 520b110
Showing 1 changed file with 5 additions and 6 deletions.
diff --git a/parsers/suricata.py b/parsers/suricata.py
@@ -1,5 +1,4 @@
 from utils.timestamp_handler import TimestampHandler
-from parsers.config import ConfigurationParser
 from utils.hash import Hash
 from abstracts.parsers import Parser
 
@@ -22,8 +21,7 @@ def init(self,
 
 
     def read_config(self):
-        config = ConfigurationParser('config.yaml')
-        self.twid_width = float(config.timewindow_width())
+        self.twid_width = 3600
 
     def extract_flow(self, line: str) -> dict:
         """
@@ -68,8 +66,10 @@ def label_tw(self, ts: float, srcip: str, label: str):
 
     def print_stats(self):
         self.log('', "-" * 30)
-        self.log(f"Total malicious labels: ", self.db.get_flows_count('suricata', 'malicious'))
-        self.log(f"Total benign labels: ", self.db.get_flows_count('suricata', 'benign'))
+        self.log(f"Total malicious labels: ",
+                 self.db.get_flows_count('suricata', 'malicious'))
+        self.log(f"Total benign labels: ",
+                 self.db.get_flows_count('suricata', 'benign'))
         self.log('', "-" * 30)
 
         print()
@@ -87,7 +87,6 @@ def parse(self):
                     # only read benign flows and alert events
                     continue
 
-
                 flow: dict = self.extract_flow(line)
                 original_ts = flow['timestamp']
                 timestamp = self.timestamp_handler.convert_iso_8601_to_unix_timestamp(flow['timestamp'])