This repository has been archived by the owner on Apr 19, 2021. It is now read-only.
Parser additions #15
Merged
Parser additions #15
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Added two parsers for a couple other Cisco ASA deny logs I have seen a lot of lately.
Used to parse AV, HIPS, Anti-Malware, and other host based intrusion protection logs into.
Parse AV, Anti-Malware, HIPS, and logs from other host intrusion prevention tools into.
Symantec process block parser.
add another parser to handle a slight variation on the first Symantec parser
|
Odd after rebasing I can now update the iis parser without it complaining. I left the iis parser formatting alone so its a little messy. Still have a lot to learn... |
|
Thanks, Brian! |
|
Added SQL updates to create new CITRIX_NETSCALER class and parsers for Citrix NetScaler syslog sent to OSSEC via syslog. Used "type" field to subdivide the NetScaler syslog message types into their subgroups. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Added a couple Cisco deny log parsers.
Added MS DHCP parsers.
Added a new ELSA class for HIPS/HIDS logs.
I tried to add a new IIS log parser but that is causing merge problems. Will revisit.