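# Packages Zircolite, a SIGMA-based detection tool for EVTX, Auditd, Sysmon
# and other logs. Upstream is run as a script (format = "other"), so the
# checkout is copied into $out/share/zircolite and exposed through a wrapper
# that pins the interpreter and the module search path.
{
  lib,
  fetchFromGitHub,
  makeWrapper,
  python3,
}:

python3.pkgs.buildPythonApplication rec {
  pname = "zircolite";
  version = "2.40.0";
  format = "other";

  # Source is pinned by release tag and verified against a fixed-output hash;
  # the hash must be refreshed on every version bump.
  src = fetchFromGitHub {
    owner = "wagga40";
    repo = "Zircolite";
    tag = version;
    hash = "sha256-11jNd7Ids2aB+R+Hv6n8Wfm2hDuKCxC0EMZSBWJfDos=";
  };

  # NOTE(review): this relaxes the Darwin build sandbox to permit local
  # networking. No check phase is visible in this file that would need it;
  # confirm it is still required, otherwise drop it.
  __darwinAllowLocalNetworking = true;

  # makeWrapper is a build-time tool, not a Python build backend, so it
  # belongs in nativeBuildInputs rather than build-system.
  nativeBuildInputs = [
    makeWrapper
  ];

  dependencies =
    with python3.pkgs;
    [
      aiohttp
      colorama
      elastic-transport
      elasticsearch
      evtx
      jinja2
      lxml
      orjson
      requests
      tqdm
      urllib3
      xxhash
    ]
    ++ elasticsearch.optional-dependencies.async;

  # NOTE(review): `cp -R .` installs the whole upstream checkout unfiltered,
  # so anything vendored upstream lands in the store as-is. Consider copying
  # only the files the tool needs at runtime.
  #
  # The wrapper uses --set, so PYTHONPATH is fixed to the build-time value and
  # a PYTHONPATH from the caller's environment cannot inject modules. The
  # extra entry is the install directory; the previous value pointed at
  # $out/bin/zircolite.py, a file this phase never creates.
  installPhase = ''
    runHook preInstall

    mkdir -p "$out/bin" "$out/share/zircolite"
    cp -R . "$out/share/zircolite"

    makeWrapper ${python3.interpreter} "$out/bin/zircolite" \
      --set PYTHONPATH "$PYTHONPATH:$out/share/zircolite" \
      --add-flags "$out/share/zircolite/zircolite.py"

    runHook postInstall
  '';

  meta = {
    description = "SIGMA-based detection tool for EVTX, Auditd, Sysmon and other logs";
    mainProgram = "zircolite";
    homepage = "https://github.com/wagga40/Zircolite";
    changelog = "https://github.com/wagga40/Zircolite/releases/tag/${src.tag}";
    license = lib.licenses.gpl3Only;
    maintainers = with lib.maintainers; [ fab ];
  };
}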