Open sonnens opened 1 week ago
Thank you, this is an excellent idea. It needs a bit of thought on how to semi-standardize this so that the repo is easily searchable. This can be a big enhancement in the VRL playground as well. Imagine something like the https://go.dev/play/ but with VRL source loaded from this community repo.
Let me know if ya want help if there's a push to load community VRL into the playground!
Would be happy to do more playground work 😊
That's awesome, thanks!
If it helps you get inspired, we can do this in multiple phases:
(1) is easier and not blocked by (2)
There's a bunch of scripts scattered around the internet for coercing log data into various useful formats (OCSF, ECS, etc.)
Here's one example: https://github.com/crowdalert/ocsf-vrl (this one is from us)
Another: https://github.com/matanolabs/matano/tree/main/data/managed/log_sources
It would be great to have a central repository in the vectordotdev org to contribute these to so the community can use & share instead of duplicating work