A Converter for McAfee SIEM Rule Export Files to Markdown Documents

Go to file

Michael Clemens 5776df5982 added function to validate XML file		2018-06-30 12:47:00 +02:00
demo	Added screenshot and sample pdf	2018-03-22 15:44:11 +01:00
GPL.txt	added copyright information	2018-03-17 17:13:14 +01:00
README.md	Update README.md	2018-03-23 08:30:34 +01:00
esm2markdown.ini	added exception handling, put stuff into functions	2018-03-27 15:14:14 +02:00
esm2markdown.py	added function to validate XML file	2018-06-30 12:47:00 +02:00

README.md

esm2markdown

This python script is intended to be used to automatically generate use case / correlation rule documentation in Markdown format for the McAfee Enterprise Sceurity Manager (ESM). It accepts a XML file that has been exported from the correlation rule editor of the ESM, converts its contents to Markdown format and writes it into a new file. If you need any other format, you might want to use pandoc to convert to e.g. pdf, docx or HTML.

Requirements

This tool requires the following:

Python 3
lxml (XML parser that understands CDATA)
networkx (needed for creating graphs)
pydot (needed for creating graphs)
pandoc (for converting to other formats than Markdown)

On Debian you can install the dependencies with "sudo apt-get install python3-lxml python3-networkxi python3-pydot"

Usage

Please configure esm2markdown.ini to your liking and execute esm2markdown.py like this:

# python esm2markdown.py <rule xml file> <markdown output file>

Example

Convert xml to Markdown

# python esm2markdown demo.xml demo.mk

Convert to Markdown to DOCX

# pandoc -s demo.mk -o demo.docx

In the end, the result should look like this shortened output:

[...]

For a complete view of the result, please download the PDF file: demo.pdf