[jira] [Created] (METRON-185) Create McAfee NSM Firewall Parser

Jonathan Rider (JIRA) Tue, 24 May 2016 11:33:39 -0700

Jonathan Rider created METRON-185:
-------------------------------------

             Summary: Create McAfee NSM Firewall Parser
                 Key: METRON-185
                 URL: https://issues.apache.org/jira/browse/METRON-185
             Project: Metron
          Issue Type: New Feature
            Reporter: Jonathan Rider
            Priority: Minor



Create a parser for the McAfee NSM Firewall Parser. How they should be parsed 
is specified below.

<188>Apr 15 16:35:41 GMT mabm011q AclLog: mabm011q matched Outbound ACL rule 
(COM Baseline Firewall/#3) 60.210.64.70 -> 200.60.213.21:443 (ssl/SSL/TLS 
(HTTPS)) = ->PERMIT|N/A|N/A


{
  "priority":188,
  "timestamp":1460738141000,
  "hostname":"mabm011q",
  "firewall_rule":"COM Baseline Firewall/#3",
  "firewall_direction":"Outbound",
  "ip_src_addr":"60.210.64.70",
  "ip_dst_addr":"200.60.213.21",
  "ip_dst_port":"443",
  "protocol":"ssl",
  "subprotocol":"SSL/TLS (HTTPS)",
  "action":"PERMIT"
}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (METRON-185) Create McAfee NSM Firewall Parser

Reply via email to