Commit 29e5c07
[OCSF] Zeek/Corelight pipeline
Add OCSF v1.5.0 normalization for Zeek/Corelight logs, covering 7 log
types across 5 OCSF classes (Detection Finding, Network Activity, HTTP
Activity, DNS Activity, File Hosting Activity).
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>1 parent e68961f commit 29e5c07
2 files changed
Lines changed: 3482 additions & 89 deletions
0 commit comments