I noticed a previous issue reported that the KeyValue formats are not consistent. The related comments said the issue was fixed; however, I am still observing issues with less than 8% of our logs (in that population was the MALWARE group of logs).
Here is the siem.py file that we changed to fix the consistency issues. It appears that if the value of a key is null, the key is dropped and the order is not consistent. While trying to fix the issue, I ran into some encoding issues, which I fixed by changing the characters that could not be encoded as ASCII characters to XML.
This is now working with our SIEM, and we thought we would pass on the code.
Enjoy,
siem.txt
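
An added illustration of the behavior this issue describes, not the attached siem.txt and not the project's own code: every key is emitted in a fixed order, a null or missing value keeps its key with an empty value, and characters that cannot be encoded as ASCII become XML character references. The field names, the `FIELD_ORDER` list and the sample events are assumptions made up for the example.

```python
# Added example: the field names and sample events are constructed for
# illustration and are not taken from the attached siem.py.
FIELD_ORDER = ["rt", "type", "severity", "suser", "name", "threat"]  # hypothetical

def escape_value(value):
    """Return an ASCII-only, single-line rendering of one value."""
    if value is None:
        return ""  # keep the key, emit an empty value
    text = str(value)
    # Escape the backslash first so the later escapes stay unambiguous.
    text = text.replace("\\", "\\\\").replace('"', '\\"')
    # Keep one event per line so the SIEM parser never sees a split record.
    text = text.replace("\r", "\\r").replace("\n", "\\n")
    # Non-ASCII characters become XML numeric references, e.g. &#233;
    return text.encode("ascii", "xmlcharrefreplace").decode("ascii")

def format_keyvalue(event, field_order=FIELD_ORDER):
    """Emit every known key in a fixed order, then unknown keys sorted by name."""
    extras = sorted(key for key in event if key not in field_order)
    return " ".join(
        '%s="%s"' % (key, escape_value(event.get(key)))
        for key in list(field_order) + extras
    )

# Constructed sample events: different key order, a null value, a missing key.
SAMPLE_EVENTS = [
    {"type": "threat", "name": "D\u00e9tection", "suser": None,
     "severity": "high", "rt": "2020-01-01T00:00:00Z"},
    {"rt": "2020-01-01T00:05:00Z", "threat": "Mal/Example-A", "type": "threat",
     "severity": "low", "suser": "alice", "name": "line1\nline2", "zone": "dmz"},
]

if __name__ == "__main__":
    for sample in SAMPLE_EVENTS:
        print(format_keyvalue(sample))
```
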