Support Questions
Find answers, ask questions, and share your expertise

what data flow or processor should I use Convert JSON to CEF log file in nifi

Highlighted

what data flow or processor should I use Convert JSON to CEF log file in nifi

Explorer

I need some help in Nifi, please

I have bunch of logs that are in JSON format but I need it in CEF format.what processor should I use in nifi?

or

is there anything else I can do as changing the format from json to csv to cef,?

what are my best options

Thank you

2 REPLIES 2
Highlighted

Re: what data flow or processor should I use Convert JSON to CEF log file in nifi

Hi @Suhas Fox

I am not aware of any processor to write CEF. There's a ParseCEF but it's not what you are looking for. Since your data is json, you can try to write your CEF event using the json indexation like this "$.header_version | $.header_deviceVendor | etc"

This assumes that your JSON has fields named header_version, header_deviceVendor, etc

Re: what data flow or processor should I use Convert JSON to CEF log file in nifi

Explorer

Hey Abdelkrim,

Thanks for your response, I have tried the indexation like this "$.header_version | $.header_deviceVendor | etc" but there are bunch of logs with different headers, Some headers are Identical but some are different. I just don't want null values.