# cef-parser

A Clojure library for parsing CEF (Common Event Format) log lines, including the `\|`, `\\`, `\=` and `\ ` escape sequences in the header and extension fields.

## Usage

~~~clojure
> (require '[cef-parser.core :refer :all])
> (parse-cef (str "2016-07-04T10:09:33 CEF:0|Sec\\|urity|threat\\\\manager|1.0|100|worm successfully stopped|10|"
                  "src\\\\he=10.0.0.1 dst=2.1.2.2 spt=1232 filePath=/user/username/dir/my file name.txt "
                  "E\\=mc2=Einstein formula my\\ file=foo bar"))
{:version "Sec|urity"
 :device-vendor "threat\\manager"
 :device-product "1.0"
 :device_event_class_id "100"
 :name "worm successfully stopped"
 :severity "10"
 :extension {"spt" "1232"
             "dst" "2.1.2.2"
             "filePath" "/user/username/dir/my file name.txt"
             "src\\he" "10.0.0.1"
             "my file" "foo bar"
             "E=mc2" "Einstein formula"}}
~~~
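As an added example (not the library's own code), the same parsing rules in Python: the header is split on unescaped `|`, `\|` and `\\` are resolved, and in the extension a new pair starts only at a space-delimited token holding an unescaped `=`, so `\ ` and `\=` stay inside keys while bare spaces stay inside values. The header key names follow the CEF header field order and are this example's own, not the library's.

```python
import re

# Field names follow the CEF header order; they are this example's own, not the library's keys.
HEADER_FIELDS = ("version", "device_vendor", "device_product", "device_version",
                 "signature_id", "name", "severity")
_TOKENS = re.compile(r"\\.|.", re.S)   # a backslash-escaped pair is one atomic token

def _unescape(raw):
    """Resolve CEF escapes: \\| \\= \\\\ become the literal char, \\n and \\r control chars."""
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "r": "\r"}.get(m[1], m[1]), raw, flags=re.S)

def _split_unescaped(s, sep):
    """Split s on unescaped sep only, leaving escape pairs such as '\\|' in the raw field."""
    fields, buf = [], []
    for tok in _TOKENS.findall(s):
        if tok == sep:
            fields.append("".join(buf))
            buf = []
        else:
            buf.append(tok)
    return fields + ["".join(buf)]

def parse_extension(ext):
    """Extension is key=value pairs; values may contain bare spaces, so a new pair starts only
    at a space-delimited token holding an unescaped '='. '\\ ' and '\\=' stay inside keys."""
    pairs, key, val_start, tok_start, tok_has_eq = [], None, 0, 0, False
    for m in _TOKENS.finditer(ext):
        if m[0] == " ":
            tok_start, tok_has_eq = m.end(), False
        elif m[0] == "=" and not tok_has_eq:
            tok_has_eq = True
            if key is not None:  # previous value ends where this key's token began
                pairs.append((key, ext[val_start:tok_start].rstrip(" ")))
            key, val_start = _unescape(ext[tok_start:m.start()]), m.end()
    if key is not None:
        pairs.append((key, ext[val_start:]))
    return {k: _unescape(v) for k, v in pairs}

def parse_cef(line):
    """Parse one CEF line (an optional syslog prefix before 'CEF:' is skipped)."""
    idx = line.find("CEF:")
    if idx < 0:
        raise ValueError("no 'CEF:' marker in line")
    fields = _split_unescaped(line[idx + 4:], "|")
    if len(fields) < 8:
        raise ValueError("CEF header needs 7 pipe-delimited fields")
    record = {n: _unescape(f) for n, f in zip(HEADER_FIELDS, fields[:7])}
    record["extension"] = parse_extension("|".join(fields[7:]))  # pipes in extension are literal
    return record
```

Running `parse_cef` on the README's sample line yields the same extension map as shown above; a line whose header is malformed raises `ValueError` rather than being silently mis-parsed.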

## License

Copyright © 2016 Cisco

Distributed under the Eclipse Public License either version 1.0 or (at
your option) any later version.