04-27-2020 09:15 PM - edited 04-27-2020 09:45 PM
Hi PAN Community,
How's everything going? I hope everyone is well and safe.
I know there are plenty of MineMeld fans out there but just in case MineMeld deployment is an overkill for your organization and Office 365 security is a burning item in your task list, I thought I'd share a simple and elegant solution that has been running in my setup for over a year now.
o365-json-to-flatfile-converter is a Python-based script that feeds my PAN FWs' External Dynamic Lists and a Splunk instance. The generated flatfiles are in a universal format, so they can be used with other security solutions and appliances like Cisco, Forcepoint, RSA, etc. For more details please see README.
URL: https://github.com/ivang-coder/o365-json-to-flatfile-converter.git
Dear moderators, in case this post is in the wrong location, please move it to the right one or advise the right way of posting.
Cheers,
IvanG
04-30-2020 10:11 AM
Thanks for posting this.. Things like this is what makes the LIVEcommunity a GREAT place to be. We are here for each other.
Little Tips and Tricks like this can really help when people are looking for help, so thanks.
I just suggest tagging with different "key words" like EDL or EBL to help others find this.
Thanks again!! Keep it up!
04-30-2020 04:01 PM
Hi Jdelio, thanks for your suggestions and the tags that you've added.
Cheers,
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
