[
https://issues.apache.org/jira/browse/NIFI-2341?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15407771#comment-15407771
]
ASF GitHub Bot commented on NIFI-2341:
--------------------------------------
GitHub user trixpan opened a pull request:
https://github.com/apache/nifi/pull/785
NIFI-2341 - Introduce ParseCEF processor
* Implements a processor to parse HPE's highly popular Common Event Format
* Please note this code relies on a Parser written outside the NiFi source
tree. This was done with the intent of allowing code reuse, given that many
Open Source projects tend to tackle the CEF format in a myriad of ways and some
are still trying to implement a solid parser (e.g. METRON-157). The Parser is
functional but feedback on its implementation is welcome as well.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/trixpan/nifi NIFI-2341
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/nifi/pull/785.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #785
----
commit be2c1e83f7f486b1b6a1e148bc828acf3865a8de
Author: Andre F de Miranda <[email protected]>
Date: 2016-08-04T13:30:37Z
NIFI-2341 - Introduce ParseCEF processor
----
> Create a processor to parse logs formatted using CEF
> ----------------------------------------------------
>
> Key: NIFI-2341
> URL: https://issues.apache.org/jira/browse/NIFI-2341
> Project: Apache NiFi
> Issue Type: Improvement
> Reporter: Andre
> Assignee: Andre
>
> As NiFi continues to increase its abilities to complement SIEM, Splunk and ELK
> deployments, a number of users will be looking to parse CEF formatted
> logs[1][2].
> CEF is a format specified by Arcsight (now part of HPE) and is described in
> detail here:
> https://www.protect724.hpe.com/docs/DOC-1072
> [1]
> http://apache-nifi.1125220.n5.nabble.com/Suggestion-of-processors-td9795.html
> [2]
> https://community.hortonworks.com/questions/43185/which-processor-is-used-to-parse-cef-format-logs.html