Merge branch 'SPOT-181_ODM' of https://git-wip-us.apache.org/repos/asf/incubator-spot into pr/136
Project: http://git-wip-us.apache.org/repos/asf/incubator-spot/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-spot/commit/97291e90
Tree: http://git-wip-us.apache.org/repos/asf/incubator-spot/tree/97291e90
Diff: http://git-wip-us.apache.org/repos/asf/incubator-spot/diff/97291e90
Branch: refs/heads/SPOT-181_ODM
Commit: 97291e90dd1ef3dc6ccc4702edb7f67ef613482e
Parents: c79aa31 e48c5f4
Author: natedogs911 <natedogs...@gmail.com>
Authored: Fri Feb 9 11:43:12 2018 -0600
Committer: natedogs911 <natedogs...@gmail.com>
Committed: Fri Feb 9 11:43:12 2018 -0600
----------------------------------------------------------------------
spot-gen/README.md | 66 ++++++
spot-gen/conf/asa.yaml | 33 +++
spot-gen/conf/asa/asa.sample | 13 ++
.../conf/asa/not-supported-by-parser.sample | 40 ++++
spot-gen/conf/common/files.txt | 2 +
spot-gen/conf/common/hosts.txt | 5 +
spot-gen/conf/common/subjects.txt | 14 ++
spot-gen/conf/common/users.txt | 5 +
spot-gen/conf/common/users_info.txt | 5 +
spot-gen/conf/common/utils.py | 36 +++
spot-gen/conf/example.yaml | 35 +++
spot-gen/conf/example/domains.txt | 2 +
spot-gen/conf/example/events1.txt | 2 +
spot-gen/conf/example/utils.py | 19 ++
spot-gen/conf/unix.yaml | 14 ++
spot-gen/conf/unix/unix_events.sample | 4 +
spot-gen/conf/windows_nxlog.yaml | 42 ++++
.../conf/windows_nxlog/windows_nxlog.sample | 25 ++
spot-gen/datagen.py | 227 +++++++++++++++++++
spot-setup/create_email_parquet.hql | 31 +++
spot-setup/create_wgdhcp_parquet.hql | 24 ++
spot-setup/create_wgtraffic_parquet.hql | 51 +++++
spot-setup/create_windows_parquet.hql | 45 ++++
spot-setup/odm/event.avsc | 4 +-
.../views/hive/AdministrationActivity.sql | 131 +++++++++++
.../views/hive/FileObjectAccessedOrChanged.sql | 118 ++++++++++
spot-setup/views/hive/MessageEvent.sql | 77 +++++++
spot-setup/views/hive/NetworkConnection.sql | 86 +++++++
spot-setup/views/hive/PasswordChangeOrReset.sql | 45 ++++
.../views/hive/ProcessStartupOrShutdown.sql | 87 +++++++
.../hive/SecurityObjectAccessedOrChanged.sql | 119 ++++++++++
spot-setup/views/hive/UseOfPrivilegeCommand.sql | 89 ++++++++
.../views/hive/UserAccountAddedOrRemoved.sql | 102 +++++++++
spot-setup/views/hive/UserLogin.sql | 89 ++++++++
34 files changed, 1685 insertions(+), 2 deletions(-)
----------------------------------------------------------------------