Thanks to visit codestin.com
Credit goes to github.com

Skip to content

pcktdmp/cef

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
.github/workflows
.github/workflows
 
 
cefevent
cefevent
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
TODO
TODO
 
 
cefevent_test.go
cefevent_test.go
 
 
go.mod
go.mod
 
 

Repository files navigation

Common Event Format in Go

Go Package for ArcSight's Common Event Format

Build Workflow Test Workflow

Motivation

Learning Go, help people who need to generate CEF events in Golang.

TL;DR

Install the package

$ go get github.com/pcktdmp/cef/cefevent

cef.go

package main

import (
	"fmt"
	"github.com/pcktdmp/cef/cefevent"
)

func main() {

	f := make(map[string]string)
	f["sourceAddress"] = "127.0.0.1"
	f["requestClientApplication"] = "Go-http-client/1.1"

	event := cefevent.CefEvent{
		Version:            "0",
		DeviceVendor:       "Cool Vendor",
		DeviceProduct:      "Cool Product",
		DeviceVersion:      "1.0",
		DeviceEventClassId: "FLAKY_EVENT",
		Name:               "Something flaky happened.",
		Severity:           "3",
		Extensions:         f}.Generate()

	fmt.Println(event)

}

Example output

$ ./cef
CEF:0|Cool Vendor|Cool Product|1.0|FLAKY_EVENT|Something flaky happened.|3|sourceAddress=127.0.0.1 requestClientApplication=Go-http-client/1.1

Not yet implemented

  • Field limits according to format standard for known CEF fields
  • Error handling
  • Mandatory header field checking

About

Go Package for ArcSight's Common Event Format (CEF)

Topics

golang cef siem arcsight common-event-format

Resources

Readme

License

MIT license
Activity

Stars

17 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 10

Refactored and deprecation of Generate() Latest
Oct 1, 2024
+ 9 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages