{"id":19788342,"url":"https://github.com/graylog2/graylog-plugin-cef","last_synced_at":"2025-05-01T00:31:01.433Z","repository":{"id":47743778,"uuid":"65764691","full_name":"Graylog2/graylog-plugin-cef","owner":"Graylog2","description":"[DEPRECATED] CEF (Common Event Format) input plugin for Graylog","archived":false,"fork":false,"pushed_at":"2021-08-15T13:57:41.000Z","size":291,"stargazers_count":10,"open_issues_count":3,"forks_count":10,"subscribers_count":23,"default_branch":"master","last_synced_at":"2024-04-15T00:39:05.911Z","etag":null,"topics":["cef","common-event-format","graylog","graylog-plugin","input","syslog"],"latest_commit_sha":null,"homepage":"https://www.graylog.org/","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Graylog2.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-08-15T21:00:11.000Z","updated_at":"2024-01-03T14:14:00.000Z","dependencies_parsed_at":"2022-08-23T11:40:22.339Z","dependency_job_id":null,"html_url":"https://github.com/Graylog2/graylog-plugin-cef","commit_stats":null,"previous_names":[],"tags_count":39,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog-plugin-cef","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog-plugin-cef/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog-plugin-cef/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Graylog2%2Fgraylog-plugin-cef/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Graylog2","d
ownload_url":"https://codeload.github.com/Graylog2/graylog-plugin-cef/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224229140,"owners_count":17277137,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cef","common-event-format","graylog","graylog-plugin","input","syslog"],"created_at":"2024-11-12T06:26:56.394Z","updated_at":"2024-11-12T06:26:57.062Z","avatar_url":"https://github.com/Graylog2.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# DEPRECATION NOTICE\n\nThis project has been merged into [graylog2-server](https://github.com/Graylog2/graylog2-server), see [#21](https://github.com/Graylog2/graylog-plugin-cef/issues/21)\n\nPlease use the [issue tracker in the graylog2-server repository](https://github.com/Graylog2/graylog2-server/issues) for any feature requests or bug reports.\n\n----\n\n# Graylog CEF message input\n\n[![Build Status](https://travis-ci.org/Graylog2/graylog-plugin-cef.svg?branch=master)](https://travis-ci.org/Graylog2/graylog-plugin-cef)\n\nGraylog input plugin to receive CEF logs via UDP or TCP. Install the plugin and launch a new CEF input from `System -\u003e Inputs` in your Graylog Web Interface.\n\nThis plugin is strictly following the CEF standard and will probably not work with non-compliant messages. 
Please open an issue in this repository in case of any problems.\n\n![](https://github.com/Graylog2/graylog-plugin-cef/blob/master/screenshot.png)\n\n**Required Graylog version:** 2.4.x and later\n\n## Installation\n\u003e Since Graylog Version 2.4.0 this plugin is already included in the Graylog server installation package as a default plugin.\n\n[Download the plugin](https://github.com/Graylog2/graylog-plugin-cef/releases)\nand place the `.jar` file in your Graylog plugin directory. The plugin directory\nis the `plugins/` folder relative to your `graylog-server` directory by default\nand can be configured in your `graylog.conf` file.\n\nRestart `graylog-server` and you are done.\n\n## Usage\n\n### Reading CEF embedded in syslog envelopes\n\nSome systems will send CEF as part of an RFC-compliant syslog message. In this case, you can just start a CEF Message Input from `System -\u003e Inputs` and you are done.\n\n### Parsing raw CEF or CEF embedded in any other envelopes\n\nIf the envelope is not syslog or the CEF message is not in an envelope at all, you can use the [Graylog Processing Pipelines](http://docs.graylog.org/en/latest/pages/pipelines.html) and the `parse_cef` function this plugin provides:\n\n1. Use a pipeline rule to parse out the CEF part of the message (for example, using regex) and then apply the `parse_cef()` function on that extracted string.\n1. 
If desired, use a second pipeline step to rename the `cef_` prefixed message fields to something easier to use and easier to remember.\n\n## Development\n\nThis project is using Maven 3 and requires Java 8 or higher.\n\n* Clone this repository.\n* Run `mvn package` to build a JAR file.\n* Optional: Run `mvn jdeb:jdeb` and `mvn rpm:rpm` to create a DEB and RPM package respectively.\n* Copy the generated JAR file from the `target` directory to your Graylog plugin directory.\n* Restart Graylog.\n\n## Plugin Release\n\nWe are using the maven release plugin:\n\n```\n$ mvn release:prepare\n[...]\n$ mvn release:perform\n```\n\nThis sets the version numbers, creates a tag and pushes to GitHub. Travis CI will build the release artifacts and upload them to GitHub automatically.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgraylog2%2Fgraylog-plugin-cef","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgraylog2%2Fgraylog-plugin-cef","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgraylog2%2Fgraylog-plugin-cef/lists"}