Announcing PyLogsParser 0.4

The Wallix LogBox team is happy to announce version 0.4 of PyLogsParser.

New normalizers

  • Wallix AdminBastion authentication logs, written by Nassim Babaci
  • Cisco ASA logs.
  • Dansguardian logs.

Features

  • Adds Common Callbacks facility: a library of functions that are ready to
    use in normalizers. Most of them involve the parsing of various common date
    formats.
  • Adds Final Callback facility: it is now possible to call a callback function
    at the end of the normalization process (if one of the normalizer’s patterns
    has been applied successfully). This is useful to compute a tag from several
    others’ values, for example.
  • Adds an “extras” library for use in callbacks. It allows moving some logic
    outside of a normalizer’s definition. This can lead to a significant
    performance boost.
  • Adds a “taxonomy” tag to existing normalizers to allow classification
    per application type.
  • Adds normalizer timing utility (contributed by Jean-François Taltavull).
  • Adds utility to check common tagging per taxonomy. Ideally normalizers
    under the same taxonomy should have a common pool of tags.

Improvements

  • S3 normalizer is 70 times faster than before (contributed by Jean-François Taltavull).
  • Significant speedup in URLparser and UserAgent normalizers thanks to the
    “extras” library.
  • Bing bot added to the bots list.
  • FTPd normalizer turned into the more generic xferlog normalizer.

Bugfixes

  • Fixes DenyAll normalizers as much as possible given the available documentation.
  • Fixes incorrect regular expression used for MAC addresses.

Removals

  • Removes faulty MySQL normalizer.

Other

  • Documentation is up to date.
  • Test suite is up to date.

Details and download

The full changelog is available on GitHub. The tarball can be downloaded from the GitHub download area.
