pub trait LeefToHashMap {
    // Required method
    fn to_hashmap(&self, preserve_orig: bool) -> Result<HashMap<String, String>>;
}
A Simple LEEF Parser to a Standardised HashMap
Required Methods
fn to_hashmap(&self, preserve_orig: bool) -> Result<HashMap<String, String>>
Converts a LEEF &str or String into a HashMap. Also accepts syslog strings.
Example LEEF Strings:
- <134>2022-02-14T03:17:30-08:00 TEST LEEF:2.0|Vendor|Product|Version|EventID|src=127.0.0.1 suser=Admin
- <134>Feb 14 19:04:54 LEEF:3.0|Vendor|Product|Version|EventID|src=127.0.0.1
- LEEF:1.0|Vendor|Product|Version|EventID|delimiter|src=127.0.0.1 suser=Admin
Example Usage:
use leef2hashmap::LeefToHashMap;
let leef_str = "LEEF:1.0|Vendor|Product|20.0.560|600|User Signed In|3|src=127.0.0.1 suser=Admin";
assert!(leef_str.to_hashmap(true).is_ok())
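
As an added illustration (not the leef2hashmap crate's own code), here is a std-only sketch of the split a LEEF parser performs on the example strings above: skip any syslog prefix, read the five pipe-separated header fields, then collect the key=value attributes. The function name `parse_leef`, the header key names and the space fallback for the attribute delimiter are assumptions of this sketch.

```rust
use std::collections::HashMap;

// Header key names are this sketch's own choice, not the crate's output keys.
const HEADER: [&str; 5] = ["leef_version", "vendor", "product", "product_version", "event_id"];

fn parse_leef(line: &str) -> Result<HashMap<String, String>, String> {
    // Everything before "LEEF:" is treated as a syslog prefix and skipped.
    let start = line.find("LEEF:").ok_or("no LEEF header in line")?;
    let mut parts = line[start + 5..].splitn(6, '|');
    let mut map = HashMap::new();
    for name in HEADER {
        let field = parts.next().ok_or(format!("missing header field: {}", name))?;
        map.insert(name.to_string(), field.trim().to_string());
    }
    let attrs = parts.next().ok_or("missing attribute section")?;
    // LEEF separates attributes with a tab by default; the samples on this
    // page use spaces, so fall back to a space when no tab is present.
    let delim = if attrs.contains('\t') { '\t' } else { ' ' };
    let mut last_key: Option<String> = None;
    for token in attrs.split(delim).filter(|t| !t.is_empty()) {
        match token.split_once('=') {
            Some((k, v)) if !k.is_empty() => {
                map.insert(k.to_string(), v.to_string());
                last_key = Some(k.to_string());
            }
            // No key: the token continues the previous value ("msg=User Signed In").
            _ => match &last_key {
                Some(k) => {
                    let v = map.get_mut(k).expect("key was just inserted");
                    v.push(delim);
                    v.push_str(token);
                }
                None => return Err(format!("attribute without key: {}", token)),
            },
        }
    }
    Ok(map)
}

fn main() {
    // Syslog-wrapped sample string from this page.
    let line = "<134>2022-02-14T03:17:30-08:00 TEST LEEF:2.0|Vendor|Product|Version|EventID|src=127.0.0.1 suser=Admin";
    println!("{:?}", parse_leef(line));
}
```

With the space fallback, a value that itself contains a `key=` pattern is ambiguous and will be split into a new attribute, so tab-delimited input is the safer form when the resulting map feeds detection rules.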