+1 in need of. No current effort because it is not our primary kerb realm, but we could use it.
On Mon, Oct 3, 2016, 17:18 James Sirota <[email protected]> wrote: > I've seen traffic come through about multiple efforts for writing the AD > parser for Metron. I'd like to consolidate these efforts so that we can > come up with a generic parser that is suitable for everyone's needs and > that we don't duplicate effort. Please post to this thread if you are > working or are in need of the AD parser. We can then throw a working group > together and get the parser written and tested with everyone's telemetry. > Also, please indicate if you are able to provide sample (anonymized) logs. > If you are getting these logs from your corporate environment please check > with your security office first prior to posting them. > > ------------------- > Thank you, > > James Sirota > PPMC- Apache Metron (Incubating) > jsirota AT apache DOT org > -- Jon
