security/py-iris-evtx-module: New port: Example of IRIS module, handling EVTX files

An interface module for Evtx2Splunk and Iris in order to ingest Microsoft EVTX
log files. The module is installed on IRIS by default. In case you needed a
procedure to install it by yourself, you can follow the one below.
Jose Alonso Cardenas Marquez 2023-04-30 16:50:39 -05:00
parent 85d2fe1693
commit dae915d003
4 changed files with 36 additions and 0 deletions

@ -917,6 +917,7 @@
SUBDIR += py-htpasswd
SUBDIR += py-iris-check-module
SUBDIR += py-iris-client
SUBDIR += py-iris-evtx-module
SUBDIR += py-iris-misp-module
SUBDIR += py-iris-module-interface
SUBDIR += py-iris-vt-module

@ -0,0 +1,29 @@
PORTNAME= iris-evtx-module
DISTVERSION= 1.2.0
DISTVERSIONPREFIX= v
CATEGORIES= security python
PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX}
MAINTAINER= acm@FreeBSD.org
COMMENT= Example of IRIS module, handling EVTX files
WWW= https://github.com/dfir-iris/iris-evtx-module
LICENSE= LGPL3
LICENSE_FILE= ${WRKSRC}/LICENSE.txt
RUN_DEPENDS= ${PYTHON_PKGNAMEPREFIX}celery>0:devel/py-celery@${PY_FLAVOR} \
${PYTHON_PKGNAMEPREFIX}pyunpack>0:archivers/py-pyunpack@${PY_FLAVOR} \
${PYTHON_PKGNAMEPREFIX}evtx2splunk>0:textproc/py-evtx2splunk@${PY_FLAVOR} \
${PYTHON_PKGNAMEPREFIX}iris-module-interface>0:security/py-iris-module-interface@${PY_FLAVOR}
USE_GITHUB= yes
GH_ACCOUNT= dfir-iris
GH_PROJECT= ${PORTNAME}
GH_TAGNAME= 4845709c26bc1a5aa2528077749ec1f61985175f
USES= python:3.8+
USE_PYTHON= autoplist distutils
NO_ARCH= yes
.include <bsd.port.mk>
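Review bot: DISTVERSION=1.2.0 with DISTVERSIONPREFIX=v is combined with GH_TAGNAME set to a full commit hash, so the fetched distfile is the snapshot at that commit rather than the v1.2.0 release tag; either state in the commit message why the tag was not used, or drop GH_TAGNAME so the version the package advertises and the source it builds from agree. The four RUN_DEPENDS entries use `>0`, which accepts any installed version; if the module relies on a particular iris-module-interface or evtx2splunk API, put the minimum version there (e.g. `iris-module-interface>=X.Y`) so pkg cannot resolve an incompatible one at install time.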

@ -0,0 +1,3 @@
TIMESTAMP = 1682890639
SHA256 (dfir-iris-iris-evtx-module-v1.2.0-4845709c26bc1a5aa2528077749ec1f61985175f_GH0.tar.gz) = 7ce45d2d8dd71ed4c8bac7d89f0bab300e2db3d3fecf5306c7a5691f735f186d
SIZE (dfir-iris-iris-evtx-module-v1.2.0-4845709c26bc1a5aa2528077749ec1f61985175f_GH0.tar.gz) = 17041

@ -0,0 +1,3 @@
An interface module for Evtx2Splunk and Iris in order to ingest Microsoft EVTX
log files. The module is installed on IRIS by default. In case you needed a
procedure to install it by yourself, you can follow the one below.
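Review bot: the closing sentence of pkg-descr ("you can follow the one below") refers to an installation procedure that is not in the file, so a reader of `pkg info` is left with a dangling reference; drop that sentence or point the reader at the WWW URL instead. "The module is installed on IRIS by default" describes the upstream IRIS bundle rather than this package, so it is worth rewording to say the port provides the module for a separately installed IRIS.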