midas_patch

MIDAS Patch to generate ArcSight CEF formatted syslog output. The updated midas.py will look for [syslog] stanza in the midas-settings.cfg. If found it will set the variable do_syslog to true to enable logging. Example stanza below: [syslog] loghost = 192.168.1.10 logport = 514

The patch will also enable varaibles to be set for the CEF log under the settings stanza.

deviceVendor: MIDAS deviceProduct: YARA deviceVersion: 1

Modified to move files and rename with the MD5 hash of the file.

MIDASv22_CEF.patch

Add the following to midas-settings.cfg to enable syslog output.

[cef] loghost = logport = 514 vendor = product = MIDAS version = 22

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
MIDASV22_cef.patch		MIDASV22_cef.patch
MIDAS_cef_syslog_output		MIDAS_cef_syslog_output
MIDASv22_CEF.patch		MIDASv22_CEF.patch
MIDASv22_cef.patch		MIDASv22_cef.patch
README.md		README.md
midas_cef_syslog.patch		midas_cef_syslog.patch

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

midas_patch

About

Releases

Packages

neslog/midas_patch

Folders and files

Latest commit

History

Repository files navigation

midas_patch

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Packages