[
https://issues.apache.org/jira/browse/CAMEL-22903?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrea Cosentino updated CAMEL-22903:
-------------------------------------
Description:
This feature adds a new DataFormat component for marshalling and unmarshalling
security events following the [Open Cybersecurity Schema Framework
(OCSF)|https://schema.ocsf.io/] specification.
OCSF is an open-source standard for cybersecurity event logging and data
normalization. It provides a vendor-neutral schema for security events,
enabling interoperability between different security tools and platforms. Major
cloud providers like AWS (Security Hub, Security Lake) now output findings in
OCSF format.
- Marshal/Unmarshal OCSF Events - Convert between Java POJOs and JSON following
OCSF 1.7.0 specification
- Type-safe Event Classes - Generated POJOs for OCSF event classes and object
types
- Jackson-based - Uses Jackson for JSON processing with configurable options
- Schema Validation - Optional validation against OCSF schema during
unmarshalling
Details:
- Java POJOs are generated from JSON Schema files using jsonschema2pojo Maven
plugin
- A Python script ({{generate-ocsf-schemas.py}}) is provided to regenerate
schemas from official OCSF specification for future version updates
- Generated classes are placed in {{src/generated/java}} following Camel
conventions
- Schemas use file-based {{$ref}} references and {{allOf}} pattern for
inheritance
was:
This feature adds a new DataFormat component for marshalling and unmarshalling
security events following the [Open Cybersecurity Schema Framework
(OCSF)|https://schema.ocsf.io/] specification.
OCSF is an open-source standard for cybersecurity event logging and data
normalization. It provides a vendor-neutral schema for security events,
enabling interoperability between different security tools and platforms. Major
cloud providers like AWS (Security Hub, Security Lake) now output findings in
OCSF format.
- Marshal/Unmarshal OCSF Events - Convert between Java POJOs and JSON following
OCSF 1.7.0 specification
- Type-safe Event Classes - Generated POJOs for 34 OCSF event classes and 68
object types
- Jackson-based - Uses Jackson for JSON processing with configurable options
- Schema Validation - Optional validation against OCSF schema during
unmarshalling
Details:
- Java POJOs are generated from JSON Schema files using jsonschema2pojo Maven
plugin
- A Python script ({{generate-ocsf-schemas.py}}) is provided to regenerate
schemas from official OCSF specification for future version updates
- Generated classes are placed in {{src/generated/java}} following Camel
conventions
- Schemas use file-based {{$ref}} references and {{allOf}} pattern for
inheritance
> Add OCSF (Open Cybersecurity Schema Framework) DataFormat component
> -------------------------------------------------------------------
>
> Key: CAMEL-22903
> URL: https://issues.apache.org/jira/browse/CAMEL-22903
> Project: Camel
> Issue Type: New Feature
> Reporter: Andrea Cosentino
> Assignee: Andrea Cosentino
> Priority: Major
> Fix For: 4.18.0
>
>
> This feature adds a new DataFormat component for marshalling and
> unmarshalling security events following the [Open Cybersecurity Schema
> Framework (OCSF)|https://schema.ocsf.io/] specification.
> OCSF is an open-source standard for cybersecurity event logging and data
> normalization. It provides a vendor-neutral schema for security events,
> enabling interoperability between different security tools and platforms.
> Major cloud providers like AWS (Security Hub, Security Lake) now output
> findings in OCSF format.
> - Marshal/Unmarshal OCSF Events - Convert between Java POJOs and JSON
> following OCSF 1.7.0 specification
> - Type-safe Event Classes - Generated POJOs for OCSF event classes and object
> types
> - Jackson-based - Uses Jackson for JSON processing with configurable options
> - Schema Validation - Optional validation against OCSF schema during
> unmarshalling
> Details:
> - Java POJOs are generated from JSON Schema files using jsonschema2pojo Maven
> plugin
> - A Python script ({{generate-ocsf-schemas.py}}) is provided to regenerate
> schemas from official OCSF specification for future version updates
> - Generated classes are placed in {{src/generated/java}} following Camel
> conventions
> - Schemas use file-based {{$ref}} references and {{allOf}} pattern for
> inheritance
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
