This project is a program that sorts logs by ID, adds actions and time, calculates duration, and logs several other attributes such as emails, so that they can be ingested by a SIEM.
The output is JSON printed to the console.
Example input:

    2021-04-30T23:55:00.127629 886715E6D6C9D4FB status=rejected
    2021-04-30T23:55:00.791921 F8F63278A6A3AD87 from=<sarah.smith@example.com>
    2021-04-30T23:55:01.470432 418512384DDDD2C6 from=<robert.rodriguez@example.com>
Example output:

    {
      "time": {
        "start": "2021-05-01T00:04:28.579964",
        "duration": "0:00:30.1025000"
      },
      "sessionid": "C5A7F41C60258E80",
      "client": "10.38.239.99",
      "messageid": "7eecc249-f07a-4fb4-8304-ed0c6eebcf2a@FFJ6FNVCKS",
      "address": {
        "from": "jessica.jones@example.com",
        "to": "charles.jones@example.com"
      },
      "status": "sent"
    }
To use this program, build a binary (Go 1.21.4 or later must be installed) with:

    go build .
    # Run the binary
    ./go-log-analyzer

Or you can run it directly:

    go run .
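
The grouping and duration step described at the top of this README, as an added Go sketch that is not the project's own code. The `Session` type, the `Correlate` function, the flatter output shape and the constructed sample lines are assumptions; fields such as `client` and `messageid` and the README's duration format are not reproduced.

```go
package main

import (
	"encoding/json"
	"os"
	"sort"
	"strings"
	"time"
)

const sample = `2021-04-30T23:55:02.627629 886715E6D6C9D4FB status=sent
2021-04-30T23:55:00.791921 F8F63278A6A3AD87 from=<robert.rodriguez@example.com>
2021-04-30T23:55:00.127629 886715E6D6C9D4FB from=<sarah.smith@example.com>
garbage without a timestamp` // constructed input: two sessions, out of order, one bad line
type Session struct { // hypothetical shape, flatter than the README's output
	SessionID string            `json:"sessionid"`
	Start     time.Time         `json:"start"`
	Duration  string            `json:"duration"` // Go's format, e.g. "2.5s"
	Attrs     map[string]string `json:"attrs"`    // log-supplied keys stay nested here
}

// Correlate groups "timestamp sessionid key=value" lines per session and counts malformed lines.
func Correlate(input string) (order []*Session, skipped int) {
	lines := strings.FieldsFunc(input, func(r rune) bool { return r == '\n' })
	sort.Strings(lines) // fixed-width ISO-8601 prefixes sort chronologically
	byID := map[string]*Session{}
	for _, line := range lines {
		stamp, rest, _ := strings.Cut(line, " ")
		id, kv, _ := strings.Cut(rest, " ")
		key, val, ok := strings.Cut(kv, "=")
		ts, err := time.Parse("2006-01-02T15:04:05", stamp) // fractional seconds are accepted
		if err != nil || id == "" || !ok {
			skipped++ // malformed: count it instead of aborting the batch
			continue
		}
		s := byID[id]
		if s == nil {
			s = &Session{SessionID: id, Start: ts, Attrs: map[string]string{}}
			byID[id], order = s, append(order, s)
		}
		s.Duration = ts.Sub(s.Start).String() // lines are sorted, so ts is the latest seen
		s.Attrs[key] = strings.Trim(val, "<>")
	}
	return order, skipped
}

func main() {
	sessions, skipped := Correlate(sample)
	json.NewEncoder(os.Stdout).Encode(map[string]any{"sessions": sessions, "skipped": skipped})
}
```

Keeping log-supplied keys under `attrs` means a line such as `sessionid=...` in the input cannot overwrite the fields the SIEM correlates on, and the skipped count makes dropped lines visible downstream.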