GitHub user liuy-tnz opened a pull request:
https://github.com/apache/metron/pull/1171
METRON-1740 make parser support CONFIG and SYSTEM log types
## Contributor Comments
The current PaloAlto parser (BasicPaloAltoFirewallParser) doesn't support
PanOS Config and System syslog.
The PR improves the parser to support these two log types.
## Pull Request Checklist
Thank you for submitting a contribution to Apache Metron.
Please refer to our [Development
Guidelines](https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=61332235)
for the complete guide to follow for contributions.
Please refer also to our [Build Verification
Guidelines](https://cwiki.apache.org/confluence/display/METRON/Verifying+Builds?show-miniview)
for complete smoke testing guides.
In order to streamline the review of the contribution we ask you follow
these guidelines and ask you to double check the following:
### For all changes:
- [x] Is there a JIRA ticket associated with this PR? If not one needs to
be created at [Metron
Jira](https://issues.apache.org/jira/browse/METRON/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel).
- [x] Does your PR title start with METRON- where is the JIRA
number you are trying to resolve? Pay particular attention to the hyphen "-"
character.
- [x] Has your PR been rebased against the latest commit within the target
branch (typically master)?
### For code changes:
- [ ] Have you included steps to reproduce the behavior or problem that is
being changed or addressed?
- [ ] Have you included steps or a guide to how the change may be verified
and tested manually?
- [ ] Have you ensured that the full suite of tests and checks have been
executed in the root metron folder via:
```
mvn -q clean integration-test install &&
dev-utilities/build-utils/verify_licenses.sh
```
- [ ] Have you written or updated unit tests and or integration tests to
verify your changes?
- [ ] If adding new dependencies to the code, are these dependencies
licensed in a way that is compatible for inclusion under [ASF
2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] Have you verified the basic functionality of the build by building
and running locally with Vagrant full-dev environment or the equivalent?
### For documentation related changes:
- [ ] Have you ensured that format looks appropriate for the output in
which it is rendered by building and verifying the site-book? If not then run
the following commands and the verify changes via
`site-book/target/site/index.html`:
```
cd site-book
mvn site
```
Note:
Please ensure that once the PR is submitted, you check travis-ci for build
issues and submit an update to your PR as soon as possible.
It is also recommended that [travis-ci](https://travis-ci.org) is set up
for your personal repository such that your branches are built there before
submitting a pull request.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/Cognevo/metron
feature/METRON-1740-PaloAltoParserSupportsConfigAndSystemLogs
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/metron/pull/1171.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1171
commit 4d272083d5663d55526dd7f24b57e164cf2d0b6c
Author: Yi Liu
Date: 2018-08-21T21:15:55Z
[METRON-1740] make parser support CONFIG type log
commit 1da4a0524b4beb64faaa2ad25eb27d960a91367e
Author: Yi Liu
Date: 2018-08-21T23:02:00Z
[METRON-1740] add support for SYSTEM log type
---
