Skip to content

mitre/ocsf_ilf_translator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
ilf-ocsf-macro
ilf-ocsf-macro
 
 
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.rs
build.rs
 
 

Repository files navigation

MITRE Intermediate Log Format (ILF) Open Cybersecurity Schema Format (OCSF) Protobuf

ILF to OCSF Protobuf translates OCSF json logs to ILF logs using the OCSF protobuf schema.

Important Note: This program is designed to operate on one OCSF log file at a time to test the mapping from OCSF events to ILF. It is not designed to be used in production environments.

Version

0.2.1

Usage

Run cargo build to build the binary file.

USAGE:
    json_to_ilf --ocsf-file-path <ocsf-file-path>

Pass the path to an ILF file as input. The tool will print errors if it fails to parse the OCSF json

json_to_ilf --ilf-file /path/to/file.ilf

Updating OCSF Schema

To update the OCSF schema, replace the ocsf.proto file located at src/protos

The default included version is OCSF v1.2.0

License

This software is licensed under the Apache 2.0 license.

Public Release

Note

Approved for Public Release; Distribution Unlimited. Public Release Case Number 24-3961.

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages