Skip to content

Commit

Permalink
Add OCSF rule and template for paloalto network traffic logs (opensea…
Browse files Browse the repository at this point in the history 
…rch-project#5087)

* Add OCSF rule and template for paloalto network traffic logs

Signed-off-by: Krishna Kondaka <krishkdk@dev-dsk-krishkdk-2c-bd29c437.us-west-2.amazon.com>

* Addressed review comments

Signed-off-by: Krishna Kondaka <krishkdk@dev-dsk-krishkdk-2c-bd29c437.us-west-2.amazon.com>

---------

Signed-off-by: Krishna Kondaka <krishkdk@dev-dsk-krishkdk-2c-bd29c437.us-west-2.amazon.com>
Co-authored-by: Krishna Kondaka <krishkdk@dev-dsk-krishkdk-2c-bd29c437.us-west-2.amazon.com>
  • Loading branch information
@kkondaka
kkondaka and Krishna Kondaka authored Oct 22, 2024
1 parent b2f51f5 commit 5bfcac8
Show file tree
Hide file tree
Showing 4 changed files with 687 additions and 1 deletion.
6 changes: 6 additions & 0 deletions data-prepper-plugins/ocsf/build.gradle
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@

dependencies {
implementation project(':data-prepper-api')
}


6 changes: 6 additions & 0 deletions ...in/resources/org/opensearch/dataprepper/transforms/rules/ocsf-v1.1-panw-traffic-rule.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
plugin_name: "ocsf-v1.1-panw-traffic"
apply_when:
- "$..processor[?(@.ocsf.type == 'palo_alto_networks_traffic_logs')]"
- "$..processor[?(@.ocsf.version == '1.1')]"


Loading

0 comments on commit 5bfcac8

Please sign in to comment.