metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Casey Stella <ceste...@gmail.com>
Subject Re: log parsers-
Date Thu, 15 Sep 2016 16:08:22 GMT
Just to tack onto the parser thread (love it, btw :).  I'd love to see a
couple of general ones:

   - Arbitrary XML with the ability to map xpaths to columns in the JSON
   - Pass through parser (in the situation where your data is a JSON map
   already)


On Thu, Sep 15, 2016 at 11:36 AM, Zeolla@GMail.com <zeolla@gmail.com> wrote:

> I would love to tack onto this thread - we are also working on some parsers
> for various technologies and plan to contribute them back.  If others are
> not working on it we will do it ourselves, but it would be great to speed
> things up with help from the community.
>
> - Shibboleth v2 (link
> <https://wiki.shibboleth.net/confluence/display/SHIB2/IdPLogging>)
> - 389 Directory Server (link
> <https://wiki.shibboleth.net/confluence/display/SHIB2/IdPLogging>)
> - OpenLDAP (link <http://www.openldap.org/>)
> - Aruba ClearPass
> - sshd
> - FreeRADIUS
>
> Jon
>
> On Thu, Sep 15, 2016 at 9:57 AM Joe Gumke <joegumke@gmail.com> wrote:
>
> > Let me know if I can be of any assistance. Ill need documentation and
> such
> > to help build the parsers.
> >
> > On Sep 14, 2016 17:58, "Satish Abburi" <Satish.Abburi@sstech.us> wrote:
> >
> > >
> > > Thanks, timelines are 2 weeks from now. Thanks.
> > >
> > > From: Poornima Ravindra Mulukutla <gprmulukutla@gmail.com<mailto:
> > > gprmulukutla@gmail.com>>
> > > Reply-To: "user@metron.incubator.apache.org<mailto:user@metron.
> > > incubator.apache.org>" <user@metron.incubator.apache.org<mailto:
> > > user@metron.incubator.apache.org>>
> > > Date: Wednesday, September 14, 2016 at 3:26 PM
> > > To: "user@metron.incubator.apache.org<mailto:user@metron.
> > > incubator.apache.org>" <user@metron.incubator.apache.org<mailto:
> > > user@metron.incubator.apache.org>>
> > > Cc: "dev@metron.incubator.apache.org<mailto:dev@metron.
> > > incubator.apache.org>" <dev@metron.incubator.apache.org<mailto:
> > dev@metron.
> > > incubator.apache.org>>
> > > Subject: Re: log parsers-
> > >
> > > Thank you
> > >
> > > I am happy to take up ASA log file analyser, what is the timeline you
> are
> > > looking for so that I will plan accordingly?
> > >
> > > In the past I have done BlueCoat log analyser when I was doing research
> > on
> > > HTTP specification (published a patent has created big change in HTTP
> > > designs), recently adopted for the Microsoft IE 11
> > >
> > > On Wed, Sep 14, 2016 at 6:54 PM, Satish Abburi <
> Satish.Abburi@sstech.us<
> > > mailto:Satish.Abburi@sstech.us>> wrote:
> > >
> > > Hi, we are trying to build parsers for our Phase1 demo on Metron
> > platform.
> > > Would like to find, if anyone already has these parsers developed.
> > > We already started working on  Windows parser, rest planning to start
> > this
> > > week. We can leverage if some thing avaialble or collaborate
> > appropriately.
> > >
> > >
> > >   *   ASA (Firewall) Metron-363
> > >   *   Windows (Desktop) - METRON-165
> > >   *   Unix (OS) Metron-175
> > >   *   Email
> > >   *   BlueCoat(Proxy) METRON-162
> > >
> > > Thanks for your help!
> > > Satish
> > >
> > >
> >
> --
>
> Jon
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message