coolacid · August 29, 2015 14:14
diff --git a/1.Readme b/1.Readme
 This is just a collection of different outputs from Event Augmentation Filters. 

 TLD - Breaks apart TLD data and reports information based on that
 OUI - Takes a MAC address and reports the manufacturer details based on OUI lookup
 GeoIP - Find the Geo Information from an IP address
diff --git a/GeoIP b/GeoIP
 {
       "message" => "8.8.8.8",
      "@version" => "1",
    "@timestamp" => "2015-01-27T13:24:12.201Z",
          "type" => "test1",
          "host" => "homer",
      "sequence" => 0,
         "geoip" => {
                      "ip" => "8.8.8.8",
           "country_code2" => "US",
           "country_code3" => "USA",
            "country_name" => "United States",
          "continent_code" => "NA",
             "region_name" => "CA",
               "city_name" => "Mountain View",
             "postal_code" => "94043",
                "latitude" => 37.41919999999999,
               "longitude" => -122.0574,
                "dma_code" => 807,
               "area_code" => 650,
                "timezone" => "America/Los_Angeles",
        "real_region_name" => "California",
                "location" => [
            [0] -122.0574,
            [1] 37.41919999999999
        ]
    }
 }
diff --git a/OUI b/OUI
 {
       "message" => "00:50:56:c0:00:01",
      "@version" => "1",
    "@timestamp" => "2015-01-27T13:22:15.320Z",
          "type" => "test1",
          "host" => "homer",
      "sequence" => 0,
           "oui" => {
                  "id" => 20566,
        "organization" => "VMware, Inc.",
            "address1" => "3401 Hillview Avenue",
            "address2" => "PALO ALTO CA 94304",
            "address3" => nil,
             "country" => "UNITED STATES"
    }
 }

diff --git a/tld b/tld
 {
       "message" => "www.google.com",
      "@version" => "1",
    "@timestamp" => "2015-01-27T02:50:07.080Z",
          "type" => "test1",
          "host" => "homer",
      "sequence" => 0,
           "tld" => {
              "tld" => "com",
              "sld" => "google",
              "trd" => "www",
           "domain" => "google.com",
        "subdomain" => "www.google.com"
    }
 }
	This is just a collection of different outputs from Event Augmentation Filters.

	TLD - Breaks apart TLD data and reports information based on that
	OUI - Takes a MAC address and reports the manufacturer details based on OUI lookup
	GeoIP - Find the Geo Information from an IP address
	{
	"message" => "8.8.8.8",
	"@version" => "1",
	"@timestamp" => "2015-01-27T13:24:12.201Z",
	"type" => "test1",
	"host" => "homer",
	"sequence" => 0,
	"geoip" => {
	"ip" => "8.8.8.8",
	"country_code2" => "US",
	"country_code3" => "USA",
	"country_name" => "United States",
	"continent_code" => "NA",
	"region_name" => "CA",
	"city_name" => "Mountain View",
	"postal_code" => "94043",
	"latitude" => 37.41919999999999,
	"longitude" => -122.0574,
	"dma_code" => 807,
	"area_code" => 650,
	"timezone" => "America/Los_Angeles",
	"real_region_name" => "California",
	"location" => [
	[0] -122.0574,
	[1] 37.41919999999999
	]
	}
	}
	{
	"message" => "00:50:56:c0:00:01",
	"@version" => "1",
	"@timestamp" => "2015-01-27T13:22:15.320Z",
	"type" => "test1",
	"host" => "homer",
	"sequence" => 0,
	"oui" => {
	"id" => 20566,
	"organization" => "VMware, Inc.",
	"address1" => "3401 Hillview Avenue",
	"address2" => "PALO ALTO CA 94304",
	"address3" => nil,
	"country" => "UNITED STATES"
	}
	}
	{
	"message" => "www.google.com",
	"@version" => "1",
	"@timestamp" => "2015-01-27T02:50:07.080Z",
	"type" => "test1",
	"host" => "homer",
	"sequence" => 0,
	"tld" => {
	"tld" => "com",
	"sld" => "google",
	"trd" => "www",
	"domain" => "google.com",
	"subdomain" => "www.google.com"
	}
	}