Georges Toth
Hi @galexey Thanks for your PR! That is quite a big one to review though ;-) Could you please make sure to rebase from master and clean up your code according...
A couple of change requests: - please do fix linting issues (too many newlines, no newline at end of file etc) - do not use data_type in docstrings. either *data...
Hi, I cloned your changes into a local branch and spent some time cleaning things up a bit, namely docstrings and typing. Could you please rebase your PR on that...
would indeed be nice to update the pypi package instead of removing it :-)
In case anybody else is struggling with this, make sure you have the openssl-dev package installed before installing yara-python. On Debian this is called libssl-dev. Uninstall / re-install yara-python and...
Thanks for your analysis. I agree that 27257 does not seem to be related. I unfortunately don't recall this exactly, but I probably meant another one instead. Regarding the workaround,...
> With the modification to the Python 3.7 email._header_value_parser.py, the following is my output. This causes test_headeremail2list_2 to fail, as intended, because the default Python header parser succeeds. > >...
> Translate CEF Key Names to Full Name. Example: "act" to "deviceAction" I would not do that. "act", in this example, is the short name as defined in the CEF...
> I'm looking at the CEF v26 specification from here: https://www.microfocus.com/documentation/arcsight/arcsight-smartconnectors-8.3/pdfdoc/cef-implementation-standard/cef-implementation-standard.pdf > > I'm not very familiar with this format, but the documentation seems to imply the most common format...
> > @fuchsnj shouldn't one use the syslog source (or parse_syslog) in that case to parse the syslog part of the message and use parse_cef for the CEF part ?...