convert your JSON events to CEF format
The program converts JSON to CEF. This was built to generate CEF events to be passed to arcsight from Metron.
Download the contents and perform mvn install.
java -classpath jsontocef-V1.1.jar org.hortonworks.com.jsontocef.CefWriter
argument4: output directory to write cef file.
The program can run as individual job or can be called.
By default the program will look for below fields for CEF HEADERS
CEF:0|deviceVendor|deviceProduct|deviceVersion|deviceEvent|Name|severity|
If your JSON field names for headers are different than above, you can modify the code in CefWriter.java between lines 141-156