path: root/nixpkgs/pkgs/by-name/zi/zircolite/package.nix
Diffstat (limited to 'nixpkgs/pkgs/by-name/zi/zircolite/package.nix')
-rw-r--r--nixpkgs/pkgs/by-name/zi/zircolite/package.nix60
1 files changed, 60 insertions, 0 deletions
diff --git a/nixpkgs/pkgs/by-name/zi/zircolite/package.nix b/nixpkgs/pkgs/by-name/zi/zircolite/package.nix
new file mode 100644
index 000000000000..799f2002963c
--- /dev/null
+++ b/nixpkgs/pkgs/by-name/zi/zircolite/package.nix
@@ -0,0 +1,60 @@
+{ lib
+, fetchFromGitHub
+, makeWrapper
+, python3
+}:
+
+python3.pkgs.buildPythonApplication rec {
+  pname = "zircolite";
+  version = "2.10.0";
+  format = "other";
+
+  src = fetchFromGitHub {
+    owner = "wagga40";
+    repo = "Zircolite";
+    rev = "refs/tags/${version}";
+    hash = "sha256-r5MIoP+6CnAGsOtK4YLshLBVSZN2NVrwnkuHHDdLZrQ=";
+  };
+
+  __darwinAllowLocalNetworking = true;
+
+  nativeBuildInputs = [
+    makeWrapper
+  ];
+
+  propagatedBuildInputs = with python3.pkgs; [
+    aiohttp
+    colorama
+    elastic-transport
+    elasticsearch
+    evtx
+    jinja2
+    lxml
+    orjson
+    requests
+    tqdm
+    urllib3
+    xxhash
+  ] ++ elasticsearch.optional-dependencies.async;
+
+  installPhase = ''
+    runHook preInstall
+
+    mkdir -p $out/bin $out/share $out/share/zircolite
+    cp -R . $out/share/zircolite
+
+    makeWrapper ${python3.interpreter} $out/bin/zircolite \
+      --set PYTHONPATH "$PYTHONPATH:$out/bin/zircolite.py" \
+      --add-flags "$out/share/zircolite/zircolite.py"
+
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    description = "SIGMA-based detection tool for EVTX, Auditd, Sysmon and other logs";
+    homepage = "https://github.com/wagga40/Zircolite";
+    changelog = "https://github.com/wagga40/Zircolite/releases/tag/${version}";
+    license = licenses.gpl3Only;
+    maintainers = with maintainers; [ fab ];
+  };
+}