Incorporate OSSEM

[Beercow]

Framework for normalizing logs.
https://github.com/Cyb3rWard0g/OSSEM

[yugoslavskiy]

Hello @Beercow ! Thank you for suggestion. We have some references to this repo (for example, here), and we are going to use it in the future.

[yugoslavskiy]

We've started working on the topic back in April 2019. There were discussions with Roberto and other guys in Hunters Forge slack workspace back in 2019, but mostly without any outcome.

Back in January 2020, we joined a call with Roberto and other folks to discuss yamlizatiom of OSSEM data.

There were 3-4 YAML-structured templates presented, and some of them looked like they can fulfill our needs. We've provided our feedback on that.

I am not quite sure that the final YAML template is actually one of those we voted for. The main reason is that we need most of the field that we have in our Data Needed template, but some of the presented templates were not including some of these fields.

So, this topic needs to be investigated.
If format fits — let's incorporate it.
If not — let's provide details and try to change the format.

I believe that if we will provide a transparent and detailed explanation of what is required from our side, Roberto and guys who were working on YAML translation script will change it, or apply our changes that we will push to their md->yaml translation scripts using Pull Request here on GitHub.