amorfo77/parsedmarc
1
0
Fork 0
mirror of https://github.com/domainaware/parsedmarc.git synced 2026-06-11 04:59:43 +00:00
Code Issues Projects Releases Wiki Activity

Add interval_begin, interval_end, and normalized_timespan to the Splunk report

Browse Source
This commit is contained in:
Sean Whalen
2025-11-29 21:32:33 -05:00
parent 434bd49eb3
commit 9e4ffdd54c
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
parsedmarc/splunk.py
+3 -1
View File
@@ -78,7 +78,9 @@ class HECClient(object):
new_report = dict()
for metadata in report["report_metadata"]:
new_report[metadata] = report["report_metadata"][metadata]
new_report["interval_begin"] = report ["interval_begin"]
new_report["interval_begin"] = record["interval_begin"]
new_report["interval_end"] = record["interval_end"]
new_report["normalized_timespan"] = record["normalized_timespan"]
new_report["published_policy"] = report["policy_published"]
new_report["source_ip_address"] = record["source"]["ip_address"]
new_report["source_country"] = record["source"]["country"]