Various examples of IDMEFv2 clients and servers based on python-idmefv2 and python-idmefv2-transport.
This repository is part of the SECEF project and serves both as an illustration of the libraries' usage and as unit and integration tests for the libraries.
You can find more information about the previous version (v1) of the Intrusion Detection Message Exchange Format in RFC 4765.
The following prerequisites must be installed on your system in order to use the examples contained in this repository:
- The
makecommand (usually available from the system package namedmake) - Python 3.6 or later
- The Python idmefv2 package
- The Python idmefv2-transport package
- A working (local) Kafka installation (only required if you want to try the Kafka transport implementation). It is expected that the Kafka server is using the default configuration (no ACLs, default network ports, automatic topic creation/configuration, etc.)
The simplest way to run the examples in this repository is to run the make
command with no arguments:
makeFor each available transport implementation, the command will:
- Start a server for the given transport
- Wait until the server is fully initialized
- Spawn a client that sends an IDMEFv2 message using that transport
- Make sure that the IDMEFv2 message was properly received by the server
Alternatively, you can pass the name of a specific transport implementation (in lowercase) to only run the example associated with the given transport, e.g.
make httpSee the contents of the "examples/" folder for a list of transport names
supported by the make command.
All contributions must be licensed under the BSD 2-clause license. See the LICENSE file inside this repository for more information.
To improve coordination between the various contributors, we kindly ask that new contributors subscribe to the SECEF mailing list as a way to introduce themselves.