Merge pull request #35 from redBorder/development

Release 1.5.0

packaging/rpm/Makefile

@@ -38,6 +38,7 @@ srpm: build_prepare
 rpm: srpm
 	/usr/bin/mock \
 		-r $(MOCK_CONFIG) \
+		--enable-network \
 		--define "__version $(VERSION)"\
 		--define "__release $(BUILD_NUMBER)"\
 		--resultdir=$(RESULT_DIR) \

packaging/rpm/synthetic-producer.spec

@@ -8,6 +8,8 @@ Source0: %{name}-%{version}.tar.gz
 
 BuildRequires: maven java-devel
 
+%global debug_package %{nil}
+
 Summary: synthetic-producer module
 Requires: java
 
@@ -24,8 +26,7 @@ export MAVEN_OPTS="-Xmx512m -Xms256m -Xss10m -XX:MaxPermSize=512m" && mvn clean
 mkdir -p %{buildroot}/usr/share/%{name}
 mkdir -p %{buildroot}/etc/%{name}/config
 install -D -m 644 target/%{name}-*-selfcontained.jar %{buildroot}/usr/share/%{name}/%{name}.jar
-install -D -m 644 yamls/rb_flow.yml %{buildroot}/etc/%{name}/config
-install -D -m 644 yamls/rb_state.yml %{buildroot}/etc/%{name}/config
+install -D -m 644 yamls/*.yml %{buildroot}/etc/%{name}/config
 
 %clean
 rm -rf %{buildroot}
@@ -47,7 +48,12 @@ exit 0
 /usr/share/%{name}/%{name}.jar
 /etc/%{name}/config/rb_flow.yml
 /etc/%{name}/config/rb_state.yml
+/etc/%{name}/config/rb_event.yml
 
 %changelog
+* Mon Jul 15 2024 Luis Blanco <ljblanco@redborder.com> - 1.5.0-1
+- add all yamls in directory to include rb_event 
+* Wed Oct 4 2023 David Vanhoucke <dvanhoucke@redborder.com> - 1.5.0-1
+- sped update
 * Wed Jan 26 2022 Eduardo Reyes <eareyes@redborder.com> - 0.0.1
 - first spec version

yamls/rb_event.yml

@@ -0,0 +1,145 @@
+topic: rb_event
+fields:
+  timestamp:
+    type: timestamp
+  sensor_id_snort:
+    type: constant
+    value: 0
+  action: 
+    type: constant
+    value: 'alert'
+  sig_generator:
+    type: constant
+    value: 1
+  sig_id:
+    type: constant
+    value: 2027397
+  rev:
+    type: constant
+    value: 2
+  priority:
+    type: collection
+    values:
+      - 'high'
+  classification:
+    type: constant
+    value: 'Not Suspicious Traffic'
+  msg:
+    type: collection
+    values:
+      - 'ET DNS Query for .to TLD'
+      - 'ET POLICY Spotify P2P Client'
+  payload:
+    type: constant
+    value: "4554205041434b4554204f5645524c4f41442041545441434b2044455445435445442046524f4d2031302e302e302e31"
+  l4_proto:
+    type: constant
+    value: 17
+  l4_proto_name:
+    type: constant
+    value: 'udp'
+  ethsrc:
+    type: constant
+    value: '00:00:00:00:00:00'
+  ethdst:
+    type: constant
+    value: '00:00:00:00:00:00'
+  ethsrc_vendor:
+    type: constant
+    value: 'XEROX CORPORATION'
+  ethdst_vendor:
+    type: constant
+    value: 'XEROX CORPORATION'
+  ethtype:
+    type: integer
+    min: 16384
+    max: 32767
+  vlan:
+    type: constant
+    value: 0
+  vlan_name:
+    type: constant
+    value: '0'
+  udplength:
+    type: constant
+    value: 60674
+  ethlength:
+    type: constant
+    value: 0
+  ethlength_range:
+    type: constant
+    value: '0(0-64]'
+  src_port:
+    type: constant
+    value: 57621
+  src_port_name:
+    type: constant
+    value: '57621'
+  dst_port:
+    type: constant
+    value: 57621
+  dst_port_name:
+    type: constant
+    value: '57621'
+  src_asnum:
+    type: integer
+    min: 1000000000
+    max: 4000000000
+  src:
+    type: ip
+    network: '10.1.32.0/24'
+  dst_asnum:
+    type: constant
+    value: '4280287498'
+  dst:
+    type: constant
+    value: '10.1.32.255'
+  dst_name:
+    type: constant
+    value: '10.1.32.255'
+  ttl:
+    type: constant
+    value: 64
+  tos:
+    type: constant
+    value: 0
+  id:
+    type: integer
+    min: 0
+    max: 65535
+  iplen:
+    type: constant
+    value: 72
+  iplen_range:
+    type: constant
+    value: '[64-128)'
+  dgmlen:
+    type: constant
+    value: 72
+  group_uuid:
+    type: constant
+    value: '0277c7e0-aca7-42e9-807e-ed37dafb9d33'
+  group_name:
+    type: constant
+    value: 'default'
+  sensor_type:
+    type: constant
+    value: 'ips'
+  domain_name:
+    type: constant
+    value: 'root'
+  sensor_ip:
+    type: constant
+    value: '10.1.203.204'
+  index_partitions:
+    type: constant
+    value: 5
+  index_replicas:
+    type: constant
+    value: 1
+  sensor_uuid:
+    type: constant
+    value: '8d4ba045-5420-489f-86e6-e2512d094a44'
+  sensor_name:
+    type: constant
+    value: 'ips'