Repository: metron-bro-plugin-kafka Updated Branches: refs/heads/master c035becc1 -> 4db999e82
METRON-813 Migrate metron-bro-plugin-kafka to be a bro package (JonZeolla) closes apache/metron-bro-plugin-kafka#3 Project: http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/repo Commit: http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/commit/4db999e8 Tree: http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/tree/4db999e8 Diff: http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/diff/4db999e8 Branch: refs/heads/master Commit: 4db999e82cbb91e989eaf00a88e94ffd2459f3a3 Parents: c035bec Author: JonZeolla <[email protected]> Authored: Fri Nov 17 21:11:09 2017 -0500 Committer: JonZeolla <[email protected]> Committed: Fri Nov 17 21:11:09 2017 -0500 ---------------------------------------------------------------------- NOTICE | 5 +++++ README.md | 8 ++++---- bro-pkg.meta | 16 ++++++++++++++++ scripts/Bro/Kafka/__load__.bro | 2 +- tests/Baseline/kafka.show-plugin/output | 8 ++++++++ 5 files changed, 34 insertions(+), 5 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/blob/4db999e8/NOTICE ---------------------------------------------------------------------- diff --git a/NOTICE b/NOTICE new file mode 100644 index 0000000..9505518 --- /dev/null +++ b/NOTICE @@ -0,0 +1,5 @@ + Apache Metron + Copyright 2015-2016 The Apache Software Foundation + + This product includes software developed at + The Apache Software Foundation (http://www.apache.org/). http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/blob/4db999e8/README.md ---------------------------------------------------------------------- diff --git a/README.md b/README.md index 2901e18..ea8d7da 100644 --- a/README.md +++ b/README.md 
@@ -43,7 +43,7 @@ The goal in this example is to send all HTTP and DNS records to a Kafka topic na * Defining `logs_to_send` will ensure that only HTTP and DNS records are sent. ``` -@load Apache/Kafka/logs-to-kafka.bro +@load metron-bro-plugin-kafka/Bro/Kafka redef Kafka::logs_to_send = set(HTTP::LOG, DNS::LOG); redef Kafka::topic_name = "bro"; redef Kafka::kafka_conf = table( @@ -60,7 +60,7 @@ It is also possible to send each log stream to a uniquely named topic. The goal * Each log writer accepts a separate configuration table. ``` -@load Apache/Kafka/logs-to-kafka.bro +@load metron-bro-plugin-kafka/Bro/Kafka redef Kafka::topic_name = ""; redef Kafka::tag_json = T; @@ -98,7 +98,7 @@ You may want to configure bro to filter log messages with certain characteristic * If the log message contains a 128 byte long source or destination IP address, the log is not sent to kafka. ``` -@load Apache/Kafka/logs-to-kafka.bro +@load metron-bro-plugin-kafka/Bro/Kafka redef Kafka::topic_name = "bro"; redef Kafka::tag_json = T; @@ -237,7 +237,7 @@ ${KAFKA_HOME}/kafka-broker/bin/kafka-acls.sh --authorizer kafka.security.auth.Si The following is how the `${BRO_HOME}/share/bro/site/local.bro` looks: ``` -@load Apache/Kafka/logs-to-kafka.bro +@load metron-bro-plugin-kafka/Bro/Kafka redef Kafka::logs_to_send = set(HTTP::LOG, DNS::LOG); redef Kafka::topic_name = "bro"; redef Kafka::tag_json = T; http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/blob/4db999e8/bro-pkg.meta ---------------------------------------------------------------------- diff --git a/bro-pkg.meta b/bro-pkg.meta new file mode 100644 index 0000000..a31fdaf --- /dev/null +++ b/bro-pkg.meta 
@@ -0,0 +1,16 @@ +[package] +description = A Bro log writer plugin that sends logging output to Kafka. +tags = log writer, bro plugin, kafka +script_dir = scripts +build_command = ./configure --bro-dist=%(bro_dist)s --with-librdkafka=%(LIBRDKAFKA_ROOT)s && make +test_command = ( cd tests && btest -d ) +plugin_dir = build +config_files = scripts/init.bro +version = 0.1 +depends = + bro >=2.5.0 + bro-pkg >=1.2 +external_depends = + librdkafka ~0.9.4 +user_vars = + LIBRDKAFKA_ROOT [/usr/local/lib] "Path to librdkafka installation tree" http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/blob/4db999e8/scripts/Bro/Kafka/__load__.bro ---------------------------------------------------------------------- diff --git a/scripts/Bro/Kafka/__load__.bro b/scripts/Bro/Kafka/__load__.bro index 1df1136..2a1efa8 100644 --- a/scripts/Bro/Kafka/__load__.bro +++ b/scripts/Bro/Kafka/__load__.bro @@ -18,4 +18,4 @@ # loaded automatically at that point. # -@load ./init.bro +@load ./logs-to-kafka.bro http://git-wip-us.apache.org/repos/asf/metron-bro-plugin-kafka/blob/4db999e8/tests/Baseline/kafka.show-plugin/output ---------------------------------------------------------------------- diff --git a/tests/Baseline/kafka.show-plugin/output b/tests/Baseline/kafka.show-plugin/output new file mode 100644 index 0000000..d8b215d --- /dev/null +++ b/tests/Baseline/kafka.show-plugin/output @@ -0,0 +1,8 @@ +Apache::Kafka - Writes logs to Kafka (dynamic, version 0.1) + [Writer] KafkaWriter (Log::WRITER_KAFKAWRITER) + [Constant] Kafka::kafka_conf + [Constant] Kafka::topic_name + [Constant] Kafka::max_wait_on_shutdown + [Constant] Kafka::tag_json + [Constant] Kafka::debug +
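Review bot: In the new NOTICE file, the copyright line reads `Copyright 2015-2016`, although this commit is authored in November 2017. Consider extending the range to 2015-2017 so the file is current on the day it is added.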
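Review bot: The four README.md hunks swap `@load Apache/Kafka/logs-to-kafka.bro` for `@load metron-bro-plugin-kafka/Bro/Kafka` with no accompanying text, so a reader with an existing `local.bro` gets no hint that the old load line has to change. A short migration sentence near the first example, saying that the load path changed with the move to a bro package, would cover all four occurrences.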
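Review bot: In bro-pkg.meta, `LIBRDKAFKA_ROOT` defaults to `/usr/local/lib`, while its description says "Path to librdkafka installation tree" and the value is handed to `--with-librdkafka` in `build_command`. A lib directory and an installation tree are different things, so either the default or the description should change to say which one the configure script expects.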
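Review bot: In scripts/Bro/Kafka/__load__.bro, `@load ./init.bro` is replaced rather than kept alongside `@load ./logs-to-kafka.bro`, so nothing visible in this patch loads init.bro from this directory any more, while bro-pkg.meta declares `config_files = scripts/init.bro`. Please confirm that init.bro is still loaded from somewhere and that the path in bro-pkg.meta matches its actual location. The comment block above the changed line ("loaded automatically at that point") should also be checked against the new behaviour.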
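Review bot: The new baseline tests/Baseline/kafka.show-plugin/output hard-codes `version 0.1`, the same value as `version = 0.1` in bro-pkg.meta, so a version bump has to touch both files or the baseline comparison will no longer match. A comment next to the version in bro-pkg.meta pointing at the baseline would help. The plugin is also reported as `Apache::Kafka`, while the script directory and the README load path use `Bro/Kafka`; if that difference is intentional, a sentence in the README would prevent confusion.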
