[jira] [Updated] (METRON-185) Create McAfee NSM Firewall Parser

Casey Stella (JIRA) Wed, 02 Nov 2016 12:07:18 -0700

     [ 
https://issues.apache.org/jira/browse/METRON-185?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Casey Stella updated METRON-185:
--------------------------------
    Fix Version/s:     (was: 0.2.2BETA)

> Create McAfee NSM Firewall Parser
> ---------------------------------
>
>                 Key: METRON-185
>                 URL: https://issues.apache.org/jira/browse/METRON-185
>             Project: Metron
>          Issue Type: New Feature
>            Reporter: Jonathan Rider
>            Assignee: James Sirota
>            Priority: Minor
>              Labels: ParserExtension, platform
>
> Create a parser for the McAfee NSM Firewall Parser. How they should be parsed 
> is specified below.
> <188>Apr 15 16:35:41 GMT mabm011q AclLog: mabm011q matched Outbound ACL rule 
> (COM Baseline Firewall/#3) 60.210.64.70 -> 200.60.213.21:443 (ssl/SSL/TLS 
> (HTTPS)) = ->PERMIT|N/A|N/A
> {
>   "priority":188,
>   "timestamp":1460738141000,
>   "hostname":"mabm011q",
>   "firewall_rule":"COM Baseline Firewall/#3",
>   "firewall_direction":"Outbound",
>   "ip_src_addr":"60.210.64.70",
>   "ip_dst_addr":"200.60.213.21",
>   "ip_dst_port":"443",
>   "protocol":"ssl",
>   "subprotocol":"SSL/TLS (HTTPS)",
>   "action":"PERMIT"
> }



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (METRON-185) Create McAfee NSM Firewall Parser

Reply via email to