Created
November 1, 2018 02:12
-
-
Save traetox/ea9d7c62d7a4e70416796bda0289b709 to your computer and use it in GitHub Desktop.
named field generator usage
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "github.com/gravwell/tools/nfgen" | |
| "log" | |
| ) | |
| func main() { | |
| //create a new named fields resource using the CSV engine that knows how to deal with 2 | |
| //data types, one for login events and one for password failed events | |
| nf := nfgen.NewGen() | |
| g, err := nfgen.NewGroup("logins", "csv", ``) | |
| if err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = g.AddSub(`username`, ``, 1); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = g.AddSub(`host`, ``, 2); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = g.AddSub(`srcip`, ``, 3); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = nf.AddGroup(g); err != nil { | |
| log.Fatal(err) | |
| } | |
| if g, err = nfgen.NewGroup("failedlogins", "csv", ``); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = g.AddSub(`srcip`, ``, 2); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = g.AddSub(`username`, ``, 3); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = g.AddSub(`password`, ``, 4); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = g.AddSub(`host`, ``, 5); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = nf.AddGroup(g); err != nil { | |
| log.Fatal(err) | |
| } | |
| if err = nf.Export("/tmp/lookups.json"); err != nil { | |
| log.Fatal(err) | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment