[
https://issues.apache.org/jira/browse/METRON-363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15625693#comment-15625693
]
ASF GitHub Bot commented on METRON-363:
---------------------------------------
GitHub user kylerichardson reopened a pull request:
https://github.com/apache/incubator-metron/pull/276
METRON-363 Fix Cisco ASA Parser
I've rewritten the ASA parser which can be extended, as needed, to new ASA
message types by editing the bundled asa patterns file and the static map used
for grok patterns in the code. I've also tried to make it easier to deploy the
asa topology by including zookeeper config files and creating the kafka topic
during metron install. Sample data is also included for integration testing.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/kylerichardson/incubator-metron METRON-363
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/incubator-metron/pull/276.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #276
----
----
> Fix Cisco ASA Parser
> --------------------
>
> Key: METRON-363
> URL: https://issues.apache.org/jira/browse/METRON-363
> Project: Metron
> Issue Type: Improvement
> Reporter: Kyle Richardson
> Priority: Minor
>
> The current ASA parser is broken. This effort is to rework the current parser
> to support the variety of syslog messages produced by Cisco ASA devices as
> well as provide the necessary support files/configs for easier deployment of
> the Storm topology.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
