graylog-plugin-threatintel
graylog-plugin-threatintel copied to clipboard
Graylog2
Stab at a minemeld adapter
- Copied the abusech adapter and string replaced for the most part.
- Commented instructions on how to get the output url within minemeld.
- This is not tested. I do not have a graylog instance to test with at this time but this seems fairly straight forward. I saw a request on the forums for this sort of thing so here you go.
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.
:white_check_mark: ChrisForsythe
:x: Chris Forsythe
Chris Forsythe seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.
@ChrisForsythe The build output was as follows:
[INFO] --- maven-compiler-plugin:3.7.0:compile (default-compile) @ graylog-plugin-threatintel ---
[INFO] Compiling 48 source files to /var/lib/jenkins/workspace/graylog-project-pr-snapshot/.repos/graylog-plugin-threatintel/target/classes
[INFO] -------------------------------------------------------------
[ERROR] COMPILATION ERROR :
[INFO] -------------------------------------------------------------
[ERROR] /var/lib/jenkins/workspace/graylog-project-pr-snapshot/.repos/graylog-plugin-threatintel/src/main/java/org/graylog/plugins/threatintel/adapters/minemeld/BlockListMineMeld.java:[37,8] class MineMeldBlockListAdapter is public, should be declared in a file named MineMeldBlockListAdapter.java
[ERROR] /var/lib/jenkins/workspace/graylog-project-pr-snapshot/.repos/graylog-plugin-threatintel/src/main/java/org/graylog/plugins/threatintel/adapters/tor/TorExitNodeDataAdapter.java:[141,71] package AutoValue_TorExitNodeDataAdapter_Config does not exist
[ERROR] /var/lib/jenkins/workspace/graylog-project-pr-snapshot/.repos/graylog-plugin-threatintel/src/main/java/org/graylog/plugins/threatintel/adapters/spamhaus/SpamhausEDROPDataAdapter.java:[197,73] package AutoValue_SpamhausEDROPDataAdapter_Config does not exist
[ERROR] /var/lib/jenkins/workspace/graylog-project-pr-snapshot/.repos/graylog-plugin-threatintel/src/main/java/org/graylog/plugins/threatintel/adapters/abusech/AbuseChRansomAdapter.java:[163,69] package AutoValue_AbuseChRansomAdapter_Config does not exist
[ERROR] /var/lib/jenkins/workspace/graylog-project-pr-snapshot/.repos/graylog-plugin-threatintel/src/main/java/org/graylog/plugins/threatintel/adapters/minemeld/BlockListMineMeld.java:[161,73] package AutoValue_MineMeldBlockListAdapter_Config does not exist
You should be able to get the same build output by using the "pedantic" profile in Maven (via mvn -Pedantic [...]).
Thanks, looking at it I can see I missed a lot in this. I'll submit a new pull request once I'm done.
@ChrisForsythe I've just re-activated Travis CI builds for this repository with the "pedantic" build profile (7cbe1272fd048f803e36c893a4849ab690bc11e3, 4764b20744a0f268b24d43014f9fadefd29adda0).
If you rebase your branch on current master, this should be picked up automatically.
I'm having the same problem building with maven locally that it appears the travis-ci is having with the -Pedantic switch. It looks like it's -X. This is my first time using maven and I can't seem to get the relativepath to work out correctly.
Thanks for all the help by the way.
Everything should be fixed in 837663f for minemeld. The build is failing for me and on travis-ci for a spamhaus testing plugin you folks probably know about already.
Ideally this is something where the url is configurable in a UI and not in a source file.
Thank you! I will review and test this after work on the Greynoise adapter concluded.
Thanks! I haven't tested this in the UI itself, if you need help with setting up mm for testing let me know. :)