[ https://issues.apache.org/jira/browse/METRON-185?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Sirota updated METRON-185: -------------------------------- Assignee: Casey Stella > Create McAfee NSM Firewall Parser > --------------------------------- > > Key: METRON-185 > URL: https://issues.apache.org/jira/browse/METRON-185 > Project: Metron > Issue Type: New Feature > Reporter: Jonathan Rider > Assignee: Casey Stella > Priority: Minor > Labels: ParserExtension > > Create a parser for the McAfee NSM Firewall Parser. How they should be parsed > is specified below. > <188>Apr 15 16:35:41 GMT mabm011q AclLog: mabm011q matched Outbound ACL rule > (COM Baseline Firewall/#3) 60.210.64.70 -> 200.60.213.21:443 (ssl/SSL/TLS > (HTTPS)) = ->PERMIT|N/A|N/A > { > "priority":188, > "timestamp":1460738141000, > "hostname":"mabm011q", > "firewall_rule":"COM Baseline Firewall/#3", > "firewall_direction":"Outbound", > "ip_src_addr":"60.210.64.70", > "ip_dst_addr":"200.60.213.21", > "ip_dst_port":"443", > "protocol":"ssl", > "subprotocol":"SSL/TLS (HTTPS)", > "action":"PERMIT" > } -- This message was sent by Atlassian JIRA (v6.3.4#6332)