From 90bf5b9cde175b375f3c80d62550d8707a989794 Mon Sep 17 00:00:00 2001 From: Craig Yamato Date: Mon, 15 Oct 2018 00:41:59 +0000 Subject: [PATCH] added ESLint --- .eslintignore | 5 + .eslintrc.json | 7 + CHANGELOG.md | 2 + docs/api.md | 229 +-- docs/docco/README.md | 2945 ++++++++++++++++++--------- docs/docco/index.html | 3040 +++++++++++++++++++--------- docs/index.html | 2 +- docs/index.js.html | 2879 +++++++++++++++++--------- docs/module-SyslogPro-CEF.html | 56 +- docs/module-SyslogPro-LEEF.html | 52 +- docs/module-SyslogPro-RFC3164.html | 183 +- docs/module-SyslogPro-RFC5424.html | 208 +- docs/module-SyslogPro-Syslog.html | 82 +- docs/module-SyslogPro.html | 10 +- index.js | 2877 +++++++++++++++++--------- package-lock.json | 654 +++++- package.json | 6 +- tests/jest_test_client_pubkey.pem | 14 + tests/jest_test_server_pubkey.pem | 14 + 19 files changed, 9006 insertions(+), 4259 deletions(-) create mode 100644 .eslintignore create mode 100644 .eslintrc.json create mode 100644 CHANGELOG.md create mode 100644 tests/jest_test_client_pubkey.pem create mode 100644 tests/jest_test_server_pubkey.pem diff --git a/.eslintignore b/.eslintignore new file mode 100644 index 0000000..2ee0ee7 --- /dev/null +++ b/.eslintignore @@ -0,0 +1,5 @@ +node_modules/* +docs/* +jsdoc2md/* +coverage/* +tests/* \ No newline at end of file diff --git a/.eslintrc.json b/.eslintrc.json new file mode 100644 index 0000000..79bfcdd --- /dev/null +++ b/.eslintrc.json @@ -0,0 +1,7 @@ +{ + "extends": "strongloop", + "env": { + "node": true, + "es6": true + } +} \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..8c584fc --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,2 @@ +## 0.1.0 (September 25, 2018) +- Beta release of Syslog-Pro. \ No newline at end of file diff --git a/docs/api.md b/docs/api.md index d6117bd..9d4ec74 100644 --- a/docs/api.md +++ b/docs/api.md @@ -10,13 +10,13 @@ API convention ## SyslogPro The SyslogPro module for sending syslog messages -Most APIs will return a promise. These APIs can be used using +Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` -Syslog formatting classes can be used as input into a Syslog class to be used +Syslog formatting classes can be used as input into a Syslog class to be used simultaneously to the same Syslog server. The Syslog Class with a configured -Syslog server target can also be used as the input into each of the formatting -classes so that they may run independently. +Syslog server target can also be used as the input into each of the +formatting classes so that they may run independently. **Version**: 0.1.0 **Author**: Craig Yamato @@ -113,11 +113,11 @@ classes so that they may run independently. ### SyslogPro~Syslog -A class to work with syslog messages using UDP, TCP, or TLS transport. -There is support for Syslog message formatting RFC-3164, RFC-5424 including +A class to work with syslog messages using UDP, TCP, or TLS transport. +There is support for Syslog message formatting RFC-3164, RFC-5424 including Structured Data, IBM LEEF (Log Event Extended Format), and HP CEF (Common Event Format). -Syslog formatting classes can be used as input into a Syslog class to be used +Syslog formatting classes can be used as input into a Syslog class to be used simultaneously to the same Syslog server. * **Kind**: inner class of [SyslogPro](#module_SyslogPro) @@ -149,18 +149,18 @@ Construct a new Syslog transport object with user options | Param | Type | Default | Description | | --- | --- | --- | --- | | [options] | object | | Options object >>>Transport Configuration | -| [options.target] | string | "'localhost'" | The IP Address|FQDN of the Syslog Server, this option if set will take presidents over any target set in a formatting object | -| [options.protocol] | string | "'udp'" | L4 transport protocol (udp|tcp|tls), this option if set will take presidents over any transport set in a formatting object | -| [options.port] | number | 514 | IP port, this option if set will take presidents over any IP Port set in a formatting object | -| [options.tcpTimeout] | number | 10000 | Ignored for all other transports, this option if set will take presidents over any timeout set in a formatting object | -| [options.tlsServerCerts] | Array.<string> | | Array of authorized TLS server certificates file locations, this option if set will take presidents over any certificates set in a formatting object | -| [options.tlsClientCert] | string | | Client TLS certificate file location that this client should use, this option if set will take presidents over any certificates set in a formatting object | -| [options.tlsClientKey] | string | | Client TLS key file location that this client should use, this option if set will take presidents over any certificates set in a formatting object >>>Syslog Format Settings | -| [options.format] | string | "'none'" | Valid syslog format options for this module are 'none', 'rfc3164', 'rfc5424', 'leef', 'cef' | +| [options.target] | string | "'localhost'" | The IP Address|FQDN of the Syslog Server, this option if set will take presidents over any target set in a formatting object | +| [options.protocol] | string | "'udp'" | L4 transport protocol (udp|tcp|tls), this option if set will take presidents over any transport set in a formatting object | +| [options.port] | number | 514 | IP port, this option if set will take presidents over any IP Port set in a formatting object | +| [options.tcpTimeout] | number | 10000 | Ignored for all other transports, this option if set will take presidents over any timeout set in a formatting object | +| [options.tlsServerCerts] | Array.<string> | | Array of authorized TLS server certificates file locations, this option if set will take presidents over any certificates set in a formatting object | +| [options.tlsClientCert] | string | | Client TLS certificate file location that this client should use, this option if set will take presidents over any certificates set in a formatting object | +| [options.tlsClientKey] | string | | Client TLS key file location that this client should use, this option if set will take presidents over any certificates set in a formatting object >>>Syslog Format Settings | +| [options.format] | string | "'none'" | Valid syslog format options for this module are 'none', 'rfc3164', 'rfc5424', 'leef', 'cef' | | [options.rfc5424] | RFC3164 | | {@link module:SyslogPro~RFC5424| RFC5424 related settings} | | [options.rfc5424] | RFC5424 | | {@link module:SyslogPro~RFC5424| RFC5424 related settings} | -| [options.leef] | LEEF | | {@link module:SyslogPro~LEEF|IBM LEEF (Log Event Extended Format) object} | -| [options.cef] | CEF | | {@link module:SyslogPro~CEF|HP CEF (Common Event Format) formatting object} | +| [options.leef] | LEEF | | {@link module:SyslogPro~LEEF|IBM LEEF (Log Event Extended Format) object} | +| [options.cef] | CEF | | {@link module:SyslogPro~CEF|HP CEF (Common Event Format) formatting object} | @@ -213,16 +213,16 @@ Construct a new Syslog transport object with user options ### SyslogPro~RFC3164 -A class to work with RFC3164 formatted syslog messages. The messaging is fully configurable and ANSI foreground -colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. -Most APIs will return a promise. These APIs can be used using -`then(...)/catch(...)` +A class to work with RFC3164 formatted syslog messages. The messaging is +fully configurable and ANSI foreground colors can be added. Both ANSI 8 and +ANSI 256 color are fully supported. Most APIs will return a promise. These +APIs can be used using `then(...)/catch(...)` A Syslog class with a configured -Syslog server target can also be used as the input into the formatting +Syslog server target can also be used as the input into the formatting classes so that it may run independently. -The RFC3164 Syslog logging format is meant to be used as a stream of log data +The RFC3164 Syslog logging format is meant to be used as a stream of log data from a service or application. This class is designed to be used in this fashion where new messages are written to the class as needed. @@ -265,19 +265,19 @@ Construct a new RFC3164 formatted Syslog object with user options | [options] | object | | Options object | | [options.applacationName] | string | "'NodeJSLogger'" | Application | | [options.hostname] | string | "os.hostname" | The name of this server | -| [options.facility] | number | 23 | Facility code to use sending this message | -| [options.color] | boolean | false | Apply color coding encoding tag with syslog message text | -| [options.extendedColor] | boolean | false | Use the extended ANSI color set encoding tag with syslog message text | -| [options.colors] | object | | User defended colors for severities | -| [options.colors.emergencyColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.alertColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.criticalColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.errorColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.warningColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.noticeColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.informationalColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.debugColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.server] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | +| [options.facility] | number | 23 | Facility code to use sending this message | +| [options.color] | boolean | false | Apply color coding encoding tag with syslog message text | +| [options.extendedColor] | boolean | false | Use the extended ANSI color set encoding tag with syslog message text | +| [options.colors] | object | | User defended colors for severities | +| [options.colors.emergencyColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.alertColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.criticalColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.errorColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.warningColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.noticeColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.informationalColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.debugColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.server] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | @@ -301,14 +301,14 @@ Sets the color to be used for messages at a set priority | Param | Type | Description | | --- | --- | --- | -| [colors.emergencyColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.alertColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.criticalColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.errorColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.warningColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.noticeColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.informationalColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.debugColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.emergencyColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.alertColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.criticalColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.errorColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.warningColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.noticeColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.informationalColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.debugColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | @@ -328,13 +328,13 @@ Building a formatted message. Returns a promise with a formatted message | msg | string | | The Syslog Message | | [options] | object | | Options object | | [options.severity] | number | 7 | An array of structure | -| [options.colorCode] | number | 36 | The ANSI color code to use if message coloration is selected | +| [options.colorCode] | number | 36 | The ANSI color code to use if message coloration is selected | #### rfC3164.send(msg, [options]) ⇒ Promise -send a RFC5424 formatted message. Returns a promise with the formatted - message that was sent. If no server connection was defined when the +send a RFC5424 formatted message. Returns a promise with the formatted + message that was sent. If no server connection was defined when the class was created a default Syslog connector will be used. **Kind**: instance method of [RFC3164](#module_SyslogPro..RFC3164) @@ -555,7 +555,7 @@ Send a syslog message with a severity level of 6 (Informational) | Param | Type | Description | | --- | --- | --- | -| msg | string | The informational message to send to the Syslog server | +| msg | string | The informational message to send to the Syslog server | @@ -572,7 +572,7 @@ Send a syslog message with a severity level of 6 (Informational) | Param | Type | Description | | --- | --- | --- | -| msg | string | The informational message to send to the Syslog server | +| msg | string | The informational message to send to the Syslog server | @@ -589,7 +589,7 @@ Send a syslog message with a severity level of 6 (Informational) | Param | Type | Description | | --- | --- | --- | -| msg | string | The informational message to send to the Syslog server | +| msg | string | The informational message to send to the Syslog server | @@ -611,16 +611,17 @@ Send a syslog message with a severity level of 7 (Debug) ### SyslogPro~RFC5424 -A class to work with RFC5424 formatted syslog messages. The messaging is fully configurable and ANSI foreground -colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. -Most APIs will return a promise. These APIs can be used using +A class to work with RFC5424 formatted syslog messages. The messaging is +fully configurable and ANSI foreground * colors can be added. Both ANSI 8 +and ANSI 256 color are fully supported. +Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` A Syslog class with a configured -Syslog server target can also be used as the input into the formatting +Syslog server target can also be used as the input into the formatting classes so that it may run independently. -The RFC5424 Syslog logging format is meant to be used as a stream of log data +The RFC5424 Syslog logging format is meant to be used as a stream of log data from a service or application. This class is designed to be used in this fashion where new messages are written to the class as needed. @@ -670,23 +671,23 @@ Construct a new RFC5424 formatted Syslog object with user options | [options.applacationName] | string | "'NodeJSLogger'" | Application | | [options.hostname] | string | "os.hostname" | The name of this server | | [options.timestamp] | boolean | false | Included a Timestamp | -| [options.timestampUTC] | boolean | false | RFC standard is for local time | -| [options.timestampMS] | boolean | false | Timestamp with ms resolution | +| [options.timestampUTC] | boolean | false | RFC standard is for local time | +| [options.timestampMS] | boolean | false | Timestamp with ms resolution | | [options.timestampTZ] | boolean | true | Should the timestamp included time zone | -| [options.encludeStructuredData] | boolean | false | Included any provided structured data | +| [options.encludeStructuredData] | boolean | false | Included any provided structured data | | [options.utf8BOM] | boolean | true | Included the UTF8 | | [options.color] | boolean | false | Included the UTF8 | -| [options.extendedColor] | boolean | false | Included the UTF8 encoding tag with syslog message text | -| [options.colors] | object | | User defended colors for severities | -| [options.colors.emergencyColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.alertColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.criticalColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.errorColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.warningColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.noticeColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.informationalColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.colors.debugColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [options.server] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | +| [options.extendedColor] | boolean | false | Included the UTF8 encoding tag with syslog message text | +| [options.colors] | object | | User defended colors for severities | +| [options.colors.emergencyColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.alertColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.criticalColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.errorColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.warningColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.noticeColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.informationalColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.colors.debugColor] | string | | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [options.server] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | @@ -734,14 +735,14 @@ Sets the color to be used for messages at a set priority | Param | Type | Description | | --- | --- | --- | -| [colors.emergencyColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.alertColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.criticalColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.errorColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.warningColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.noticeColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.informationalColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | -| [colors.debugColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.emergencyColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.alertColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.criticalColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.errorColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.warningColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.noticeColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.informationalColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | +| [colors.debugColor] | string | A RGB Hex coded color in the form of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) | @@ -761,16 +762,16 @@ Building a formatted message. Returns a promise with a formatted message | msg | string | | The Syslog Message | | [options] | object | | Options object | | [options.severity] | number | 7 | An array of structure | -| [options.facility] | number | 23 | Facility code to use sending this message | -| [options.pid] | string | "'-'" | The process id of the service sending this message | -| [options.structuredData] | Array.<string> | | An array of structure data strings conforming to the IETF/IANA defined SD-IDs or IANA registered SMI Network Management Private Enterprise Code SD-ID conforming to the format [name@ parameter=value] | -| [options.colorCode] | number | 36 | The ANSI color code to use if message coloration is selected | +| [options.facility] | number | 23 | Facility code to use sending this message | +| [options.pid] | string | "'-'" | The process id of the service sending this message | +| [options.structuredData] | Array.<string> | | An array of structure data strings conforming to the IETF/IANA defined SD-IDs or IANA registered SMI Network Management Private Enterprise Code SD-ID conforming to the format [name@ parameter=value] | +| [options.colorCode] | number | 36 | The ANSI color code to use if message coloration is selected | #### rfC5424.send(msg) ⇒ Promise -send a RFC5424 formatted message. Returns a promise with the formatted - message that was sent. If no server connection was defined when the +send a RFC5424 formatted message. Returns a promise with the formatted + message that was sent. If no server connection was defined when the class was created a default Syslog connector will be used. **Kind**: instance method of [RFC5424](#module_SyslogPro..RFC5424) @@ -988,7 +989,7 @@ Send a syslog message with a severity level of 6 (Informational) | Param | Type | Description | | --- | --- | --- | -| msg | string | The informational message to send to the Syslog server | +| msg | string | The informational message to send to the Syslog server | @@ -1005,7 +1006,7 @@ Send a syslog message with a severity level of 6 (Informational) | Param | Type | Description | | --- | --- | --- | -| msg | string | The informational message to send to the Syslog server | +| msg | string | The informational message to send to the Syslog server | @@ -1022,7 +1023,7 @@ Send a syslog message with a severity level of 6 (Informational) | Param | Type | Description | | --- | --- | --- | -| msg | string | The informational message to send to the Syslog server | +| msg | string | The informational message to send to the Syslog server | @@ -1046,15 +1047,15 @@ Send a syslog message with a severity level of 7 (Debug) ### SyslogPro~LEEF A class to work with IBM LEEF (Log Event Extended Format) messages this form of system messages are designed to work with security systems. Messages can -be saved to file (Saving to file if not part of this module but a LEEF -formatted message produced by this module can be saved externally to it) or -sent via Syslog. -Most APIs will return a promise. These APIs can be used using +be saved to file (Saving to file if not part of this module but a LEEF +formatted message produced by this module can be saved externally to it) or +sent via Syslog. +Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` -A Syslog class with a configured Syslog server target can also be used as -the input into the formatting classes so that it may run independently. The -LEEF format is designed to send event data to a SIEM system and should not +A Syslog class with a configured Syslog server target can also be used as +the input into the formatting classes so that it may run independently. The +LEEF format is designed to send event data to a SIEM system and should not be as a logging stream. This class is meant to be used once per message. **Kind**: inner class of [SyslogPro](#module_SyslogPro) @@ -1083,12 +1084,12 @@ Construct a new LEEF formatting object with user options | --- | --- | --- | --- | | [options] | object | | Options object | | [options.vendor] | string | "'unknown'" | The vendor of the system that generated the event being reported | -| [options.product] | string | "'unknown'" | The product name of the system that genrated the event being reported | -| [options.version] | string | "'unknown'" | The version name of the system that genrated the event being reported | -| [options.eventId] | string | "'unknown'" | The eventId of the system that genrated the event being reported | -| [options.attributes] | object | | LEEF message attributes which defaults to all base attributes with null values, new attributes should be added as new elements to this object | -| [options.syslogHeader] | boolean | 'true' | Should the LEEF message include a Syslog header with Timestamp and source | -| [options.server] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | +| [options.product] | string | "'unknown'" | The product name of the system that genrated the event being reported | +| [options.version] | string | "'unknown'" | The version name of the system that genrated the event being reported | +| [options.eventId] | string | "'unknown'" | The eventId of the system that genrated the event being reported | +| [options.attributes] | object | | LEEF message attributes which defaults to all base attributes with null values, new attributes should be added as new elements to this object | +| [options.syslogHeader] | boolean | 'true' | Should the LEEF message include a Syslog header with Timestamp and source | +| [options.server] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | @@ -1130,23 +1131,23 @@ Build a formatted message | Param | Type | Default | Description | | --- | --- | --- | --- | -| [options] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | +| [options] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | ### SyslogPro~CEF A class to work with HP CEF (Common Event Format) messages. This form of system messages are designed to work with security systems. Messages can -be saved to file (Saving to file if not part of this module but a CEF -formatted message produced by this module can be saved externally to it) or +be saved to file (Saving to file if not part of this module but a CEF +formatted message produced by this module can be saved externally to it) or sent via Syslog. -Most APIs will return a promise. These APIs can be used using +Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` -A Syslog class with a configured Syslog server target can also be used as -the input into the formatting classes so that it may run independently. The CEF -format is designed to send event data to a SIEM system and should not be as -a logging stream. This class is meant to be used once per message. +A Syslog class with a configured Syslog server target can also be used as +the input into the formatting classes so that it may run independently. The +CEF format is designed to send event data to a SIEM system and should not be +as a logging stream. This class is meant to be used once per message. **Kind**: inner class of [SyslogPro](#module_SyslogPro) **Requires**: module:moment @@ -1175,14 +1176,14 @@ Construct a new CEF formatting object with user options | Param | Type | Default | Description | | --- | --- | --- | --- | | [options] | object | | Options object | -| [options.deviceVendor] | string | "'unknown'" | The vendor of the system that generated the event being reported | -| [options.deviceProduct] | string | "'unknown'" | The product name of the system that genrated the event being reported | -| [options.deviceVersion] | string | "'unknown'" | The version name of the system that genrated the event being reported | -| [options.deviceEventClassId] | string | "'unknown'" | The eventId of the system that genrated the event being reported | -| [options.name] | string | "'unknown'" | Name of the service generating the notice | +| [options.deviceVendor] | string | "'unknown'" | The vendor of the system that generated the event being reported | +| [options.deviceProduct] | string | "'unknown'" | The product name of the system that genrated the event being reported | +| [options.deviceVersion] | string | "'unknown'" | The version name of the system that genrated the event being reported | +| [options.deviceEventClassId] | string | "'unknown'" | The eventId of the system that genrated the event being reported | +| [options.name] | string | "'unknown'" | Name of the service generating the notice | | [options.severity] | string | "'unknown'" | Severity of the notification | | [options.extensions] | string | "{}" | Any CEF Key=Value extensions | -| [options.server] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | +| [options.server] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | @@ -1240,7 +1241,7 @@ Build a CEF formated string | Param | Type | Default | Description | | --- | --- | --- | --- | -| [options] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | +| [options] | Syslog | false | A {@link module:SyslogPro~Syslog| Syslog server connection} that should be used to send messages directly from this class. @see SyslogPro~Syslog | *docs autogenerated via [jsdoc2md] diff --git a/docs/docco/README.md b/docs/docco/README.md index cbe21fb..11bd0b2 100644 --- a/docs/docco/README.md +++ b/docs/docco/README.md @@ -12,13 +12,13 @@ INDEX.JS /** * @fileoverview The SyslogPro module for sending syslog messages - * Most APIs will return a promise. These APIs can be used using + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` * - * Syslog formatting classes can be used as input into a Syslog class to be used + * Syslog formatting classes can be used as input into a Syslog class to be used * simultaneously to the same Syslog server. The Syslog Class with a configured - * Syslog server target can also be used as the input into each of the formatting - * classes so that they may run independently. + * Syslog server target can also be used as the input into each of the + * formatting classes so that they may run independently. * @author Craig Yamato * @copyright (c) 2018 - Craig Yamato * @version 0.1.0 @@ -27,12 +27,12 @@ INDEX.JS * @exports CEF * @module SyslogPro */ -"use strict"; +'use strict'; const moment = require('moment'); -const os = require("os"); +const os = require('os'); const dns = require('dns'); let dnsPromises = dns.promises; -const fs = require("fs"); +const fs = require('fs'); /** * Format the ANSI foreground color code from a RGB hex code or ANSI color code @@ -42,9 +42,10 @@ const fs = require("fs"); * @returns {Promise} - The formatted ANSI color code * @throws {Error} - A Format Error */ -function rgbToAnsi (hex, extendedColor) { +function rgbToAnsi(hex, + extendedColor) { return new Promise((resolve, reject) => { - let colorCode = 0; // Var to hold color code + let colorCode = 0; // Var to hold color code ``` @@ -68,7 +69,7 @@ Break HEX Code up into RGB } else if ((hex > 29 && hex < 38) || (hex > 89 && hex < 98)) { resolve(hex); } else { - reject (new Error('FORMAT ERROR: Color code not in range')); + reject(new Error('FORMAT ERROR: Color code not in range')); } } else { const r = parseInt(hexParts[1], 16); @@ -91,18 +92,18 @@ Gray Scale Color ``` - if (r < 8) { - colorCode = 16; - } else if (r > 248) { - colorCode = 231; - } else { - colorCode = Math.round(((r - 8) / 247) * 24) + 232; - } + if (r < 8) { + colorCode = 16; + } else if (r > 248) { + colorCode = 231; + } else { + colorCode = Math.round(((r - 8) / 247) * 24) + 232; + } } else { colorCode = 16 - + (36 * Math.round(r / 255 * 5)) - + (6 * Math.round(g / 255 * 5)) - + Math.round(b / 255 * 5); + + (36 * Math.round(r / 255 * 5)) + + (6 * Math.round(g / 255 * 5)) + + Math.round(b / 255 * 5); } } else { colorCode = 30; @@ -131,58 +132,58 @@ Gray Scale Color } /** - * A class to work with syslog messages using UDP, TCP, or TLS transport. - * There is support for Syslog message formatting RFC-3164, RFC-5424 including + * A class to work with syslog messages using UDP, TCP, or TLS transport. + * There is support for Syslog message formatting RFC-3164, RFC-5424 including * Structured Data, IBM LEEF (Log Event Extended Format), and HP CEF (Common * Event Format). - * Syslog formatting classes can be used as input into a Syslog class to be used - * simultaneously to the same Syslog server. * + * Syslog formatting classes can be used as input into a Syslog class to be used + * simultaneously to the same Syslog server. * * @requires moment * @version 0.0.0 * @since 0.0.0 */ class Syslog { /** - * Construct a new Syslog transport object with user options + * Construct a new Syslog transport object with user options * @public * @version 0.0.0 * @since 0.0.0 * @this Syslog * @param {object} [options] - Options object * >>>Transport Configuration - * @param {string} [options.target='localhost'] - The IP Address|FQDN of the - * Syslog Server, this option if set will take presidents over any target + * @param {string} [options.target='localhost'] - The IP Address|FQDN of the + * Syslog Server, this option if set will take presidents over any target * set in a formatting object - * @param {string} [options.protocol='udp'] - L4 transport protocol - * (udp|tcp|tls), this option if set will take presidents over any transport - * set in a formatting object - * @param {number} [options.port=514] - IP port, this option if set will take + * @param {string} [options.protocol='udp'] - L4 transport protocol + * (udp|tcp|tls), this option if set will take presidents over any + * transport set in a formatting object + * @param {number} [options.port=514] - IP port, this option if set will take * presidents over any IP Port set in a formatting object - * @param {number} [options.tcpTimeout=10000] - Ignored for all other - * transports, this option if set will take presidents over any timeout + * @param {number} [options.tcpTimeout=10000] - Ignored for all other + * transports, this option if set will take presidents over any timeout * set in a formatting object * @param {string[]} [options.tlsServerCerts] - Array of authorized TLS server - * certificates file locations, this option if set will take presidents + * certificates file locations, this option if set will take presidents * over any certificates set in a formatting object - * @param {string} [options.tlsClientCert] - Client TLS certificate file - * location that this client should use, this option if set will take + * @param {string} [options.tlsClientCert] - Client TLS certificate file + * location that this client should use, this option if set will take * presidents over any certificates set in a formatting object - * @param {string} [options.tlsClientKey] - Client TLS key file - * location that this client should use, this option if set will take + * @param {string} [options.tlsClientKey] - Client TLS key file + * location that this client should use, this option if set will take * presidents over any certificates set in a formatting object * >>>Syslog Format Settings - * @param {string} [options.format='none'] - Valid syslog format options for + * @param {string} [options.format='none'] - Valid syslog format options for * this module are 'none', 'rfc3164', 'rfc5424', 'leef', 'cef' * @param {RFC3164} [options.rfc5424] - {@link module:SyslogPro~RFC5424| * RFC5424 related settings} * @param {RFC5424} [options.rfc5424] - {@link module:SyslogPro~RFC5424| * RFC5424 related settings} - * @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF - * (Log Event Extended Format) object} - * @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF - * (Common Event Format) formatting object} + * @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF + * (Log Event Extended Format) object} + * @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF + * (Common Event Format) formatting object} */ - constructor (options) { + constructor(options) { this.constructor__ = true; if (!options) { options = {}; @@ -211,21 +212,21 @@ Basic transport setup this.port = options.port || 514; /** @type {number} */ this.tcpTimeout = options.tcpTimeout || 10000; - if ((typeof options.tlsServerCerts === 'object' + if ((typeof options.tlsServerCerts === 'object' && Array.isArray(options.tlsServerCerts)) || typeof options.tlsServerCerts === 'string') { - this.addTlsServerCerts(options.tlsServerCerts); + this.addTlsServerCerts(options.tlsServerCerts); } else { /** @type {string[]} */ this.tlsServerCerts = []; } if (options.tlsClientCert) { /** @type {string} */ - this.tlsClientCert = options.tlsClientCert; + this.tlsClientCert = options.tlsClientCert; } if (options.tlsClientKey) { /** @type {string} */ - this.tlsClientKey = options.tlsClientKey; + this.tlsClientKey = options.tlsClientKey; } ``` @@ -293,9 +294,9 @@ Syslog Format this.cef = new CEF(); } } - + /** - * Add a TLS server certificate which can be used to authenticate the server + * Add a TLS server certificate which can be used to authenticate the server * this syslog client is connecting too. This function will validate the * input as a file location string and add it to an array of certificates * @private @@ -305,7 +306,7 @@ Syslog Format * @returns {Promise} - True * @throws {Error} - A Type Error */ - addTlsServerCerts (certs) { + addTlsServerCerts(certs) { return new Promise((resolve, reject) => { if (typeof certs === 'object' && Array.isArray(certs)) { /** @private @type {string[]} */ @@ -313,7 +314,8 @@ Syslog Format } else if (typeof certs === 'string') { this.tlsServerCerts = [certs]; } else { - let errMsg = 'TYPE ERROR: Server Cert file locations should be a string'; + let errMsg = + 'TYPE ERROR: Server Cert file locations should be a string'; errMsg += ' or array of strings'; reject(new Error(errMsg)); } @@ -327,16 +329,79 @@ Syslog Format * @returns {Promise} - The Syslog formatted string sent * @throws {Error} - Network Error */ - udpMessage (msg) { + udpMessage(msg) { return new Promise((resolve, reject) => { - const dgram = require('dgram');// Test for target DNS and Address Family (IPv4/6) by looking up the DNS + +``` + + + + + + + +Test for target DNS and Address Family (IPv4/6) by looking up the DNS + + + + +``` + const dgram = require('dgram'); const dnsOptions = { - verbatim: true + verbatim: true, }; dnsPromises.lookup(this.target, dnsOptions) - .then((result) => { - const udpType = result.family === 4 ? 'udp4' : 'udp6'; - let client = dgram.createSocket(udpType); + .then((result) => { + const udpType = result.family === 4 ? 'udp4' : 'udp6'; + let client = dgram.createSocket(udpType); + +``` + + + + + + + +Turn msg in to a UTF8 buffer + + + + +``` + let msgBuffer = Buffer.from(msg, 'utf8'); + client.send(msgBuffer, this.port, this.target, () => { + client.close(); + resolve(msg); + }); + }) + .catch((error) => { + reject(error); // Reject out of the sendMessage function promise + }); + }); + } + /** + * Send the Syslog message over TCP + * @private + * @param {string} msg - The formatted Syslog Message + * @returns {Promise} - The Syslog formatted string sent + * @throws {Error} - Timeout error for TCP and TLS connections + * @throws {Error} - Network Error + */ + tcpMessage(msg) { + return new Promise((resolve, reject) => { + const net = require('net'); + const dnsOptions = { + verbatim: true, + }; + dnsPromises.lookup(this.target, dnsOptions) + .then((result) => { + const tcpOptions = { + host: this.target, + port: this.port, + family: result.family, + }; + const client = net.createConnection(tcpOptions, () => { ``` @@ -353,74 +418,26 @@ Turn msg in to a UTF8 buffer ``` let msgBuffer = Buffer.from(msg, 'utf8'); - client.send(msgBuffer, this.port, this.target, (error) => { - client.close(); - resolve(msg); - }); - }) - .catch((error) => { - reject(error); // Reject out of the sendMessage function promise - }); - }); - } - /** - * Send the Syslog message over TCP - * @private - * @param {string} msg - The formatted Syslog Message - * @returns {Promise} - The Syslog formatted string sent - * @throws {Error} - Timeout error for TCP and TLS connections - * @throws {Error} - Network Error - */ - tcpMessage (msg) { - return new Promise((resolve, reject) => { - const net = require('net'); - const dnsOptions = { - verbatim: true - }; - dnsPromises.lookup(this.target, dnsOptions) - .then((result) => { - const tcpOptions = { - host: this.target, - port: this.port, - family: result.family - }; - const client = net.createConnection(tcpOptions, () => { - -``` - - - - - - - -Turn msg in to a UTF8 buffer - - - - -``` - let msgBuffer = Buffer.from(msg, 'utf8'); - client.write(msgBuffer, () => { - client.end(); - }); - }); - client.setTimeout(this.tcpTimeout); - client.on('end', () => { - resolve(msg); - }); - client.on('timeout', () => { + client.write(msgBuffer, () => { client.end(); - reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout')); }); - client.on('error', (error) => { - client.destroy(); - reject(error); - }); - }) - .catch((error) => { + }); + client.setTimeout(this.tcpTimeout); + client.on('end', () => { + resolve(msg); + }); + client.on('timeout', () => { + client.end(); + reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout')); + }); + client.on('error', (error) => { + client.destroy(); reject(error); }); + }) + .catch((error) => { + reject(error); + }); }); } /** @@ -431,7 +448,7 @@ Turn msg in to a UTF8 buffer * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - tlsMessage (msg) { + tlsMessage(msg) { return new Promise((resolve, reject) => { const tls = require('tls'); const tlsOptions = { @@ -453,17 +470,17 @@ Load client cert and key if requested ``` - if (typeof this.tlsClientKey === 'string' + if (typeof this.tlsClientKey === 'string' && typeof this.tlsClientCert === 'string') { tlsOptions.key = fs.readFileSync(this.tlsClientKey); - tlsOptions.cert = fs.readFileSync(this.tlsClientCert); - } else if (typeof this.tlsClientKey !== 'string' + tlsOptions.cert = fs.readFileSync(this.tlsClientCert); + } else if (typeof this.tlsClientKey !== 'string' && typeof this.tlsClientKey !== 'undefined') { let errMsg = 'TYPE ERROR: TLS Client Key is not a file'; errMsg += 'location string'; reject(new Error(errMsg)); return; - } else if (typeof this.tlsClientCert !== 'string' + } else if (typeof this.tlsClientCert !== 'string' && typeof this.tlsClientCert !== 'undefined') { let errMsg = 'TYPE ERROR: TLS Client Cert is not a file'; errMsg += 'location string'; @@ -488,7 +505,7 @@ Load any server certs if provided let tlsCerts = this.tlsServerCerts.length; if (tlsCerts > 0) { let tlsOptionsCerts = []; - for (let certIndex=0; certIndex { client.destroy(); reject(error); - }); + }); }); } /** - * Send the Syslog message to the selected target Syslog server using the + * Send the Syslog message to the selected target Syslog server using the * selected transport. * @private * @param {string} msg - The formatted Syslog Message @@ -544,37 +561,37 @@ Turn msg in to a UTF8 buffer * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - send (msg) { + send(msg) { return new Promise((resolve, reject) => { if (typeof msg !== 'string') { - reject(new Error("TYPE ERROR: Syslog message must be a string")); + reject(new Error('TYPE ERROR: Syslog message must be a string')); return; } this.protocol = this.protocol.toLowerCase(); if (this.protocol === 'udp') { this.udpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else if (this.protocol === 'tcp') { this.tcpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else if (this.protocol === 'tls') { this.tlsMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else { let errorMsg = 'FORMAT ERROR: Protocol not recognized, should be '; errorMsg += 'udp|tcp|tls'; @@ -583,18 +600,18 @@ Turn msg in to a UTF8 buffer }); } } - + /** - * A class to work with RFC3164 formatted syslog messages. The messaging is fully configurable and ANSI foreground - * colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. - * Most APIs will return a promise. These APIs can be used using - * `then(...)/catch(...)` - * + * A class to work with RFC3164 formatted syslog messages. The messaging is + * fully configurable and ANSI foreground colors can be added. Both ANSI 8 and + * ANSI 256 color are fully supported. Most APIs will return a promise. These + * APIs can be used using `then(...)/catch(...)` + * * A Syslog class with a configured - * Syslog server target can also be used as the input into the formatting + * Syslog server target can also be used as the input into the formatting * classes so that it may run independently. - * - * The RFC3164 Syslog logging format is meant to be used as a stream of log data + * + * The RFC3164 Syslog logging format is meant to be used as a stream of log data * from a service or application. This class is designed to be used in this * fashion where new messages are written to the class as needed. * @requires moment @@ -603,49 +620,49 @@ Turn msg in to a UTF8 buffer */ class RFC3164 { /** - * Construct a new RFC3164 formatted Syslog object with user options + * Construct a new RFC3164 formatted Syslog object with user options * @public * @this RFC3164 * @param {object} [options] - Options object * @param {string} [options.applacationName='NodeJSLogger'] - Application * @param {string} [options.hostname=os.hostname] - The name of this server - * @param {number} [options.facility=23] - Facility code to use sending this - * message - * @param {boolean} [options.color=false] - Apply color coding encoding tag - * with syslog message text - * @param {boolean} [options.extendedColor=false] - Use the extended ANSI - * color set encoding tag with syslog message text - * @param {object} [options.colors] - User defended colors for + * @param {number} [options.facility=23] - Facility code to use sending this + * message + * @param {boolean} [options.color=false] - Apply color coding encoding tag + * with syslog message text + * @param {boolean} [options.extendedColor=false] - Use the extended ANSI + * color set encoding tag with syslog message text + * @param {object} [options.colors] - User defended colors for * severities - * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) + * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.warningColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.informationalColor] - A RGB Hex coded color + * in the form of #FFFFFF or as or the ANSI color code number (30-37 + * Standard & 0-255 Extended) + * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -705,189 +722,189 @@ class RFC3164 { } /** * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) * @throws {Error} A standard error object */ - setColor (colors, extendedColor) { + setColor(colors, extendedColor) { return new Promise((resolve, reject) => { let colorPromises = []; if (colors.emergencyColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.emergencyColor, this.extendedColor) + .then((result) => { + this.emergencyColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'emergencyColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.alertColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.alertColor, this.extendedColor) + .then((result) => { + this.alertColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'alertColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.criticalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.criticalColor, this.extendedColor) + .then((result) => { + this.criticalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'criticalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.errorColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.errorColor, this.extendedColor) + .then((result) => { + this.errorColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'errorColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.warningColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.warningColor, this.extendedColor) + .then((result) => { + this.warningColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'warningColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.noticeColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.noticeColor, this.extendedColor) + .then((result) => { + this.noticeColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'noticeColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.informationalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.informationalColor, this.extendedColor) + .then((result) => { + this.informationalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'informationalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.debugColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.debugColor, this.extendedColor) + .then((result) => { + this.debugColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'debugColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); + .then((results) => { + resolve(true); + }) + .catch((reson) => { + reject(reson); + }); }); } /** - * Building a formatted message. Returns a promise with a formatted message + * Building a formatted message. Returns a promise with a formatted message * @public * @param {string} msg - The Syslog Message * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - buildMessage (msg, options) { + buildMessage(msg, options) { return new Promise((resolve, reject) => { options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; + let severity = typeof options.severity === 'number' ? + options.severity : 6; if (typeof msg !== 'string' || options.msgSeverity > 7) { let errMsg = 'FORMAT ERROR: Syslog message must be a string'; errMsg += ' msgSeverity must be a number between 0 and 7'; @@ -956,7 +973,7 @@ Add requested color colorCode += options.msgColor; colorCode += 'm'; // ANSI Color Closer } else { - colorCode = '[39m'; // Use terminal's default color + colorCode = '[39m'; // Use terminal's default color } msg = escapeCode + colorCode + msg + resetColor; } @@ -969,16 +986,18 @@ Add requested color -RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 uses BSD timeformat +RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 +uses BSD timeformat ``` - const rfc3164DateRegEx = /((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/; + const rfc3164DateRegEx = +/((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/; const timestamp = moment() - .format('MMM DD hh:mm:ss') - .replace(rfc3164DateRegEx, '$1 $5'); + .format('MMM DD hh:mm:ss') + .replace(rfc3164DateRegEx, '$1 $5'); ``` @@ -1004,19 +1023,19 @@ Build message }); } /** - * send a RFC5424 formatted message. Returns a promise with the formatted - * message that was sent. If no server connection was defined when the - * class was created a default Syslog connector will be used. + * send a RFC5424 formatted message. Returns a promise with the formatted + * message that was sent. If no server connection was defined when the + * class was created a default Syslog connector will be used. * @see SyslogPro~Syslog * @public * @param {string} msg - The unformatted Syslog message to send * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.colorCode=36] - The ANSI color code to use if * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - send (msg, options) { + send(msg, options) { return new Promise((resolve, reject) => { if (!this.server) { this.server = new Syslog(); @@ -1035,7 +1054,7 @@ Build message reject(error); }); }); - } + } /** * Send a syslog message with a security level of 0 (Emergency) * @public @@ -1043,10 +1062,10 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emergency (msg) { + emergency(msg) { return this.send(msg, { - severity: 0, - colorCode: this.emergencyColor + severity: 0, + colorCode: this.emergencyColor, }); } /** @@ -1056,7 +1075,7 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emer (msg) { + emer(msg) { return this.emergency(msg); } /** @@ -1066,10 +1085,10 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - alert (msg) { + alert(msg) { return this.send(msg, { - severity: 1, - colorCode: this.alertColor + severity: 1, + colorCode: this.alertColor, }); } /** @@ -1079,10 +1098,10 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - critical (msg) { + critical(msg) { return this.send(msg, { - severity: 2, - colorCode: this.criticalColor + severity: 2, + colorCode: this.criticalColor, }); } /** @@ -1092,7 +1111,7 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - crit (msg) { + crit(msg) { return this.critical(msg); } /** @@ -1102,10 +1121,10 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - error (msg) { + error(msg) { return this.send(msg, { - severity: 3, - colorCode: this.errorColor + severity: 3, + colorCode: this.errorColor, }); } /** @@ -1115,7 +1134,7 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - err (msg) { + err(msg) { return this.error(msg); } /** @@ -1125,10 +1144,10 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warning (msg) { + warning(msg) { return this.send(msg, { - severity: 4, - colorCode: this.warningColor + severity: 4, + colorCode: this.warningColor, }); } /** @@ -1138,7 +1157,7 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warn (msg) { + warn(msg) { return this.warning(msg); } /** @@ -1148,10 +1167,10 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - notice (msg) { + notice(msg) { return this.send(msg, { - severity: 5, - colorCode: this.noticeColor + severity: 5, + colorCode: this.noticeColor, }); } /** @@ -1161,40 +1180,43 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - note (msg) { + note(msg) { return this.notice(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - informational (msg) { + informational(msg) { return this.send(msg, { - severity: 6, - colorCode: this.informationalColor + severity: 6, + colorCode: this.informationalColor, }); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - info (msg) { + info(msg) { return this.informational(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - log (msg) { + log(msg) { return this.informational(msg); } /** @@ -1204,25 +1226,26 @@ Build message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - debug (msg) { + debug(msg) { return this.send(msg, { - severity: 7, - colorCode: this.debugColor + severity: 7, + colorCode: this.debugColor, }); } } /** - * A class to work with RFC5424 formatted syslog messages. The messaging is fully configurable and ANSI foreground - * colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. - * Most APIs will return a promise. These APIs can be used using + * A class to work with RFC5424 formatted syslog messages. The messaging is + * fully configurable and ANSI foreground * colors can be added. Both ANSI 8 + * and ANSI 256 color are fully supported. + *Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * + * * A Syslog class with a configured - * Syslog server target can also be used as the input into the formatting + * Syslog server target can also be used as the input into the formatting * classes so that it may run independently. - * - * The RFC5424 Syslog logging format is meant to be used as a stream of log data + * + * The RFC5424 Syslog logging format is meant to be used as a stream of log data * from a service or application. This class is designed to be used in this * fashion where new messages are written to the class as needed. * @requires moment @@ -1231,56 +1254,56 @@ Build message */ class RFC5424 { /** - * Construct a new RFC5424 formatted Syslog object with user options + * Construct a new RFC5424 formatted Syslog object with user options * @public * @this RFC5424 * @param {object} [options] - Options object * @param {string} [options.applacationName='NodeJSLogger'] - Application * @param {string} [options.hostname=os.hostname] - The name of this server * @param {boolean} [options.timestamp=false] - Included a Timestamp - * @param {boolean} [options.timestampUTC=false] - RFC standard is for + * @param {boolean} [options.timestampUTC=false] - RFC standard is for * local time - * @param {boolean} [options.timestampMS=false] - Timestamp with ms + * @param {boolean} [options.timestampMS=false] - Timestamp with ms * resolution * @param {boolean} [options.timestampTZ=true] - Should the timestamp * included time zone - * @param {boolean} [options.encludeStructuredData=false] - Included + * @param {boolean} [options.encludeStructuredData=false] - Included * any provided structured data - * @param {boolean} [options.utf8BOM=true] - Included the UTF8 - * @param {boolean} [options.color=false] - Included the UTF8 - * @param {boolean} [options.extendedColor=false] - Included the UTF8 - * encoding tag with syslog message text - * @param {object} [options.colors] - User defended colors for + * @param {boolean} [options.utf8BOM=true] - Included the UTF8 + * @param {boolean} [options.color=false] - Included the UTF8 + * @param {boolean} [options.extendedColor=false] - Included the UTF8 + * encoding tag with syslog message text + * @param {object} [options.colors] - User defended colors for * severities - * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) + * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.warningColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.informationalColor] - A RGB Hex coded color + * in the form of #FFFFFF or as or the ANSI color code number (30-37 + * Standard & 0-255 Extended) + * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1375,198 +1398,198 @@ class RFC5424 { } /** * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) * @throws {Error} A standard error object */ - setColor (colors, extendedColor) { + setColor(colors, extendedColor) { return new Promise((resolve, reject) => { let colorPromises = []; if (colors.emergencyColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.emergencyColor, this.extendedColor) + .then((result) => { + this.emergencyColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'emergencyColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.alertColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.alertColor, this.extendedColor) + .then((result) => { + this.alertColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'alertColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.criticalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.criticalColor, this.extendedColor) + .then((result) => { + this.criticalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'criticalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.errorColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.errorColor, this.extendedColor) + .then((result) => { + this.errorColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'errorColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.warningColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.warningColor, this.extendedColor) + .then((result) => { + this.warningColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'warningColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.noticeColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.noticeColor, this.extendedColor) + .then((result) => { + this.noticeColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'noticeColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.informationalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.informationalColor, this.extendedColor) + .then((result) => { + this.informationalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'informationalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.debugColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.debugColor, this.extendedColor) + .then((result) => { + this.debugColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'debugColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); + .then((results) => { + resolve(true); + }) + .catch((reson) => { + reject(reson); + }); }); } /** - * Building a formatted message. Returns a promise with a formatted message + * Building a formatted message. Returns a promise with a formatted message * @public * @param {string} msg - The Syslog Message * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.facility=23] - Facility code to use sending this - * message - * @param {string} [options.pid='-'] - The process id of the service sending - * this message - * @param {string[]} [options.structuredData] - An array of structure - * data strings conforming to the IETF/IANA defined SD-IDs or IANA - * registered SMI Network Management Private Enterprise Code SD-ID - * conforming to the format - * [name@ parameter=value] - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.facility=23] - Facility code to use sending this + * message + * @param {string} [options.pid='-'] - The process id of the service sending + * this message + * @param {string[]} [options.structuredData] - An array of structure + * data strings conforming to the IETF/IANA defined SD-IDs or IANA + * registered SMI Network Management Private Enterprise Code SD-ID + * conforming to the format + * [name@ parameter=value] + * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - buildMessage (msg, options) { + buildMessage(msg, options) { return new Promise((resolve, reject) => { options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; + let severity = typeof options.severity === 'number' ? + options.severity : 6; if (typeof msg !== 'string' || options.severity > 7) { let errMsg = 'FORMAT ERROR: Syslog message must be a string'; errMsg += ' msgSeverity must be a number between 0 and 7'; @@ -1639,7 +1662,7 @@ Add requested color colorCode += options.msgColor; colorCode += 'm'; // ANSI Color Closer } else { - colorCode = '[39m'; // Use terminal's default color + colorCode = '[39m'; // Use terminal's default color } msg = escapeCode + colorCode + msg + resetColor; } @@ -1736,12 +1759,12 @@ Loop to drop duplicates of the same SD Element name ``` - for (let elementIndex=0; - elementIndex { if (!this.server) { this.server = new Syslog(); @@ -1818,10 +1841,10 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emergency (msg) { + emergency(msg) { return this.send(msg, { - severity: 0, - colorCode: this.emergencyColor + severity: 0, + colorCode: this.emergencyColor, }); } /** @@ -1831,7 +1854,7 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emer (msg) { + emer(msg) { return this.emergency(msg); } /** @@ -1841,10 +1864,10 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - alert (msg) { + alert(msg) { return this.send(msg, { - severity: 1, - colorCode: this.alertColor + severity: 1, + colorCode: this.alertColor, }); } /** @@ -1854,10 +1877,10 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - critical (msg) { + critical(msg) { return this.send(msg, { - severity: 2, - colorCode: this.criticalColor + severity: 2, + colorCode: this.criticalColor, }); } /** @@ -1867,7 +1890,7 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - crit (msg) { + crit(msg) { return this.critical(msg); } /** @@ -1877,10 +1900,10 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - error (msg) { + error(msg) { return this.send(msg, { - severity: 3, - colorCode: this.errorColor + severity: 3, + colorCode: this.errorColor, }); } /** @@ -1890,7 +1913,7 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - err (msg) { + err(msg) { return this.error(msg); } /** @@ -1900,10 +1923,10 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warning (msg) { + warning(msg) { return this.send(msg, { - severity: 4, - colorCode: this.warningColor + severity: 4, + colorCode: this.warningColor, }); } /** @@ -1913,7 +1936,7 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warn (msg) { + warn(msg) { return this.warning(msg); } /** @@ -1923,10 +1946,10 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - notice (msg) { + notice(msg) { return this.send(msg, { - severity: 5, - colorCode: this.noticeColor + severity: 5, + colorCode: this.noticeColor, }); } /** @@ -1936,40 +1959,43 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - note (msg) { + note(msg) { return this.notice(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - informational (msg) { + informational(msg) { return this.send(msg, { - severity: 6, - colorCode: this.informationalColor + severity: 6, + colorCode: this.informationalColor, }); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - info (msg) { + info(msg) { return this.informational(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - log (msg) { + log(msg) { return this.informational(msg); } /** @@ -1979,26 +2005,26 @@ Build the message * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - debug (msg) { + debug(msg) { return this.send(msg, { - severity: 7, - colorCode: this.debugColor + severity: 7, + colorCode: this.debugColor, }); } } - + /** * A class to work with IBM LEEF (Log Event Extended Format) messages this form * of system messages are designed to work with security systems. Messages can - * be saved to file (Saving to file if not part of this module but a LEEF - * formatted message produced by this module can be saved externally to it) or - * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using + * be saved to file (Saving to file if not part of this module but a LEEF + * formatted message produced by this module can be saved externally to it) or + * sent via Syslog. + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * - * A Syslog class with a configured Syslog server target can also be used as - * the input into the formatting classes so that it may run independently. The - * LEEF format is designed to send event data to a SIEM system and should not + * + * A Syslog class with a configured Syslog server target can also be used as + * the input into the formatting classes so that it may run independently. The + * LEEF format is designed to send event data to a SIEM system and should not * be as a logging stream. This class is meant to be used once per message. * @requires moment * @version 0.0.0 @@ -2011,22 +2037,22 @@ class LEEF { * @param {object} [options] - Options object * @param {string} [options.vendor='unknown'] - The vendor of the system that * generated the event being reported - * @param {string} [options.product='unknown'] - The product name of the + * @param {string} [options.product='unknown'] - The product name of the * system that genrated the event being reported - * @param {string} [options.version='unknown'] - The version name of the + * @param {string} [options.version='unknown'] - The version name of the * system that genrated the event being reported - * @param {string} [options.eventId='unknown'] - The eventId of the + * @param {string} [options.eventId='unknown'] - The eventId of the * system that genrated the event being reported - * @param {object} [options.attributes] - LEEF message attributes which + * @param {object} [options.attributes] - LEEF message attributes which * defaults to all base attributes with null values, new attributes should * be added as new elements to this object - * @param {boolean} [options.syslogHeader='true'] - Should the LEEF message + * @param {boolean} [options.syslogHeader='true'] - Should the LEEF message * include a Syslog header with Timestamp and source * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -2039,8 +2065,8 @@ class LEEF { /** @type {string} */ this.eventId = options.eventId || 'unknown'; /** @type {boolean} */ - this.syslogHeader = typeof options.syslogHeader === 'boolean' - ? options.syslogHeader : true; + this.syslogHeader = typeof options.syslogHeader === 'boolean' + ? options.syslogHeader : true; /** @type {object} */ this.attributes = options.attributes || { cat: null, @@ -2104,7 +2130,7 @@ class LEEF { * @public * @return {Promise} - string with formatted message */ - buildMessage () { + buildMessage() { return new Promise((resolve, reject) => { let fmtMsg = 'LEEF:2.0'; fmtMsg += '|' + this.vendor; @@ -2112,7 +2138,7 @@ class LEEF { fmtMsg += '|' + this.version; fmtMsg += '|' + this.eventId; fmtMsg += '|'; - + ``` @@ -2139,14 +2165,14 @@ Build LEEF Attributes resolve(fmtMsg); }); } - + /** * @public * @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send (options) { + send(options) { return new Promise((resolve, reject) => { this.buildMessage() .then((result) => { @@ -2168,42 +2194,42 @@ Build LEEF Attributes /** * A class to work with HP CEF (Common Event Format) messages. This form * of system messages are designed to work with security systems. Messages can - * be saved to file (Saving to file if not part of this module but a CEF - * formatted message produced by this module can be saved externally to it) or + * be saved to file (Saving to file if not part of this module but a CEF + * formatted message produced by this module can be saved externally to it) or * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * - * A Syslog class with a configured Syslog server target can also be used as - * the input into the formatting classes so that it may run independently. The CEF - * format is designed to send event data to a SIEM system and should not be as - * a logging stream. This class is meant to be used once per message. + * + * A Syslog class with a configured Syslog server target can also be used as + * the input into the formatting classes so that it may run independently. The + * CEF format is designed to send event data to a SIEM system and should not be + * as a logging stream. This class is meant to be used once per message. * @requires moment * @version 0.0.0 * @since 0.0.0 */ class CEF { /** - * Construct a new CEF formatting object with user options + * Construct a new CEF formatting object with user options * @public * @param {object} [options] - Options object - * @param {string} [options.deviceVendor='unknown'] - The vendor of the system + * @param {string} [options.deviceVendor='unknown'] - The vendor of the system * that generated the event being reported - * @param {string} [options.deviceProduct='unknown'] - The product name of the + * @param {string} [options.deviceProduct='unknown'] - The product name of the * system that genrated the event being reported - * @param {string} [options.deviceVersion='unknown'] - The version name of the + * @param {string} [options.deviceVersion='unknown'] - The version name of the * system that genrated the event being reported - * @param {string} [options.deviceEventClassId='unknown'] - The eventId of the + * @param {string} [options.deviceEventClassId='unknown'] - The eventId of the * system that genrated the event being reported - * @param {string} [options.name='unknown'] - Name of the service generating + * @param {string} [options.name='unknown'] - Name of the service generating * the notice * @param {string} [options.severity='unknown'] - Severity of the notification * @param {string} [options.extensions={}] - Any CEF Key=Value extensions * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -2221,163 +2247,163 @@ class CEF { this.severity = options.severity || 'Unknown'; /** @type {object} */ this.extensions = options.extensions || { - 'deviceAction': null, - 'applicationProtocol': null, - 'deviceCustomIPv6Address1': null, + deviceAction: null, + applicationProtocol: null, + deviceCustomIPv6Address1: null, 'deviceCustomIPv6 Address1Label': null, - 'deviceCustomIPv6Address3': null, + deviceCustomIPv6Address3: null, 'deviceCustomIPv6Address3 Label': null, 'deviceCustomIPv6 Address4': null, 'deviceCustomIPv6 Address4Label': null, - 'deviceEventCategory': null, - 'deviceCustomFloatingPoint1': null, + deviceEventCategory: null, + deviceCustomFloatingPoint1: null, 'deviceCustom FloatingPoint1Label': null, - 'deviceCustomFloatingPoint2': null, + deviceCustomFloatingPoint2: null, 'deviceCustomFloatingPoint2 Label': null, - 'deviceCustomFloatingPoint3': null, + deviceCustomFloatingPoint3: null, 'deviceCustom FloatingPoint3Label': null, - 'deviceCustomFloatingPoint4': null, + deviceCustomFloatingPoint4: null, 'deviceCustom FloatingPoint4Label': null, - 'deviceCustomNumber1': null, - 'deviceCustomNumber1Label': null, - 'DeviceCustomNumber2': null, - 'deviceCustomNumber2Label': null, - 'deviceCustomNumber3': null, - 'deviceCustomNumber3Label': null, - 'baseEventCount': null, - 'deviceCustomString1': null, - 'deviceCustomString1Label': null, - 'deviceCustomString2': null, - 'deviceCustomString2Label': null, - 'deviceCustomString3': null, - 'deviceCustomString3Label': null, - 'deviceCustomString4': null, - 'deviceCustomString4Label': null, - 'deviceCustomString5': null, - 'deviceCustomString5Label': null, - 'deviceCustomString6': null, - 'deviceCustomString6Label': null, - 'destinationDnsDomain': null, - 'destinationServiceName': null, + deviceCustomNumber1: null, + deviceCustomNumber1Label: null, + DeviceCustomNumber2: null, + deviceCustomNumber2Label: null, + deviceCustomNumber3: null, + deviceCustomNumber3Label: null, + baseEventCount: null, + deviceCustomString1: null, + deviceCustomString1Label: null, + deviceCustomString2: null, + deviceCustomString2Label: null, + deviceCustomString3: null, + deviceCustomString3Label: null, + deviceCustomString4: null, + deviceCustomString4Label: null, + deviceCustomString5: null, + deviceCustomString5Label: null, + deviceCustomString6: null, + deviceCustomString6Label: null, + destinationDnsDomain: null, + destinationServiceName: null, 'destinationTranslated Address': null, - 'destinationTranslatedPort': null, - 'deviceCustomDate1': null, - 'deviceCustomDate1Label': null, - 'deviceCustomDate2': null, - 'deviceCustomDate2Label': null, - 'deviceDirection': null, - 'deviceDnsDomain': null, - 'deviceExternalId': null, - 'deviceFacility': null, - 'deviceInboundInterface': null, - 'deviceNtDomain': null, - 'deviceOutboundInterface': null, - 'devicePayloadId': null, - 'deviceProcessName': null, - 'deviceTranslatedAddress': null, - 'destinationHostName': null, - 'destinationMacAddress': null, - 'destinationNtDomain': null, - 'destinationProcessId': null, - 'destinationUserPrivileges': null, - 'destinationProcessName': null, - 'destinationPort': null, - 'destinationAddress': null, - 'deviceTimeZone': null, - 'destinationUserId': null, - 'destinationUserName': null, - 'deviceAddress': null, - 'deviceHostName': null, - 'deviceMacAddress': null, - 'deviceProcessId': null, - 'endTime': null, - 'externalId': null, - 'fileCreateTime': null, - 'fileHash': null, - 'fileId': null, - 'fileModificationTime': null, - 'filePath': null, - 'filePermission': null, - 'fileType': null, - 'flexDate1': null, - 'flexDate1Label': null, - 'flexString1': null, - 'flexString1Label': null, - 'flexString2': null, - 'flexString2Label': null, - 'filename': null, - 'fileSize': null, - 'bytesIn': null, - 'message': null, - 'oldFileCreateTime': null, - 'oldFileHash': null, - 'oldFileId': null, - 'oldFileModificationTime': null, - 'oldFileName': null, - 'oldFilePath': null, - 'oldFileSize': null, - 'oldFileType': null, - 'bytesOut': null, - 'eventOutcome': null, - 'transportProtocol': null, - 'Reason': null, - 'requestUrl': null, - 'requestClientApplication': null, - 'requestContext': null, - 'requestCookies': null, - 'requestMethod': null, - 'deviceReceiptTime': null, - 'sourceHostName': null, - 'sourceMacAddress': null, - 'sourceNtDomain': null, - 'sourceDnsDomain': null, - 'sourceServiceName': null, - 'sourceTranslatedAddress': null, - 'sourceTranslatedPort': null, - 'sourceProcessId': null, - 'sourceUserPrivileges': null, - 'sourceProcessName': null, - 'sourcePort': null, - 'sourceAddress': null, - 'startTime': null, - 'sourceUserId': null, - 'sourceUserName': null, - 'type': null, - 'agentDnsDomain': null, - 'agentNtDomain': null, - 'agentTranslatedAddress': null, + destinationTranslatedPort: null, + deviceCustomDate1: null, + deviceCustomDate1Label: null, + deviceCustomDate2: null, + deviceCustomDate2Label: null, + deviceDirection: null, + deviceDnsDomain: null, + deviceExternalId: null, + deviceFacility: null, + deviceInboundInterface: null, + deviceNtDomain: null, + deviceOutboundInterface: null, + devicePayloadId: null, + deviceProcessName: null, + deviceTranslatedAddress: null, + destinationHostName: null, + destinationMacAddress: null, + destinationNtDomain: null, + destinationProcessId: null, + destinationUserPrivileges: null, + destinationProcessName: null, + destinationPort: null, + destinationAddress: null, + deviceTimeZone: null, + destinationUserId: null, + destinationUserName: null, + deviceAddress: null, + deviceHostName: null, + deviceMacAddress: null, + deviceProcessId: null, + endTime: null, + externalId: null, + fileCreateTime: null, + fileHash: null, + fileId: null, + fileModificationTime: null, + filePath: null, + filePermission: null, + fileType: null, + flexDate1: null, + flexDate1Label: null, + flexString1: null, + flexString1Label: null, + flexString2: null, + flexString2Label: null, + filename: null, + fileSize: null, + bytesIn: null, + message: null, + oldFileCreateTime: null, + oldFileHash: null, + oldFileId: null, + oldFileModificationTime: null, + oldFileName: null, + oldFilePath: null, + oldFileSize: null, + oldFileType: null, + bytesOut: null, + eventOutcome: null, + transportProtocol: null, + Reason: null, + requestUrl: null, + requestClientApplication: null, + requestContext: null, + requestCookies: null, + requestMethod: null, + deviceReceiptTime: null, + sourceHostName: null, + sourceMacAddress: null, + sourceNtDomain: null, + sourceDnsDomain: null, + sourceServiceName: null, + sourceTranslatedAddress: null, + sourceTranslatedPort: null, + sourceProcessId: null, + sourceUserPrivileges: null, + sourceProcessName: null, + sourcePort: null, + sourceAddress: null, + startTime: null, + sourceUserId: null, + sourceUserName: null, + type: null, + agentDnsDomain: null, + agentNtDomain: null, + agentTranslatedAddress: null, 'agentTranslatedZone ExternalID': null, - 'agentTranslatedZoneURI': null, - 'agentZoneExternalID': null, - 'agentZoneURI': null, - 'agentAddress': null, - 'agentHostName': null, - 'agentId': null, - 'agentMacAddress': null, - 'agentReceiptTime': null, - 'agentType': null, - 'agentTimeZone': null, - 'agentVersion': null, - 'customerExternalID': null, - 'customerURI': null, + agentTranslatedZoneURI: null, + agentZoneExternalID: null, + agentZoneURI: null, + agentAddress: null, + agentHostName: null, + agentId: null, + agentMacAddress: null, + agentReceiptTime: null, + agentType: null, + agentTimeZone: null, + agentVersion: null, + customerExternalID: null, + customerURI: null, 'destinationTranslated ZoneExternalID': null, 'destinationTranslated ZoneURI': null, - 'destinationZoneExternalID': null, - 'destinationZoneURI': null, + destinationZoneExternalID: null, + destinationZoneURI: null, 'deviceTranslatedZone ExternalID': null, - 'deviceTranslatedZoneURI': null, - 'deviceZoneExternalID': null, - 'deviceZoneURI': null, - 'destinationGeoLatitude': null, - 'destinationGeoLongitude': null, - 'eventId': null, - 'rawEvent': null, - 'sourceGeoLatitude': null, - 'sourceGeoLongitude': null, + deviceTranslatedZoneURI: null, + deviceZoneExternalID: null, + deviceZoneURI: null, + destinationGeoLatitude: null, + destinationGeoLongitude: null, + eventId: null, + rawEvent: null, + sourceGeoLatitude: null, + sourceGeoLongitude: null, 'sourceTranslatedZone ExternalID': null, - 'sourceTranslatedZoneURI': null, - 'sourceZoneExternalID': null, - 'sourceZoneURI': null, + sourceTranslatedZoneURI: null, + sourceZoneExternalID: null, + sourceZoneURI: null, }; if (options.server) { if (options.server.constructor__) { @@ -2393,167 +2419,1168 @@ class CEF { * @public * @return {Promise} - True if validated * @throws {Error} - First element to fail validation - */ - validate () { - return new Promise ((resolve, reject) => { + */ + validate() { + return new Promise((resolve, reject) => { const Extensions = { - 'deviceAction': {key: 'act', type:'String', len:63, discription: 'Action taken by the device.'}, - 'applicationProtocol': {key: 'app', type:'String', len:31, discription: 'Application level protocol, example values are HTTP, HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.'}, - 'deviceCustomIPv6Address1': {key: 'c6a1', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6 Address1Label': {key: 'c6a1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomIPv6Address3': {key: 'c6a3', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6Address3 Label': {key: 'c6a3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomIPv6 Address4': {key: 'c6a4', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6 Address4Label': {key: 'C6a4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceEventCategory': {key: 'cat', type:'String', len:1023, discription: 'Represents the category assigned by the originating device. Devices often use their own categorization schema to classify event. Example: “/Monitor/Disk/Read”'}, - 'deviceCustomFloatingPoint1': {key: 'cfp1', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint1Label': {key: 'cfp1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint2': {key: 'cfp2', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustomFloatingPoint2 Label': {key: 'cfp2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint3': {key: 'cfp3', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint3Label': {key: 'cfp3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint4': {key: 'cfp4', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint4Label': {key: 'cfp4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomNumber1': {key: 'cn1', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber1Label': {key: 'cn1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'DeviceCustomNumber2': {key: 'cn2', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber2Label': {key: 'cn2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomNumber3': {key: 'cn3', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber3Label': {key: 'cn3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'baseEventCount': {key: 'cnt', type:'Number', len:null, discription: 'A count associated with this event. How many times was this same event observed? Count can be omitted if it is 1.'}, - 'deviceCustomString1': {key: 'cs1', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString1Label': {key: 'cs1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString2': {key: 'cs2', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString2Label': {key: 'cs2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString3': {key: 'cs3', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString3Label': {key: 'cs3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString4': {key: 'cs4', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString4Label': {key: 'cs4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString5': {key: 'cs5', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString5Label': {key: 'cs5Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString6': {key: 'cs6', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString6Label': {key: 'cs6Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'destinationDnsDomain': {key: 'destination DnsDomain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'destinationServiceName': {key: 'destination ServiceName', type:'String', len:1023, discription: 'The service targeted by this event. Example: “sshd”'}, - 'destinationTranslated Address': {key: 'Destination Translated Address', type:'String', len:null, discription: 'Identifies the translated destination that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'destinationTranslatedPort': {key: 'Destination TranslatedPort', type:'Number', len:null, discription: 'Port after it was translated; for example, a firewall. Valid port numbers are 0 to 65535.'}, - 'deviceCustomDate1': {key: 'deviceCustom Date1', type:'String', len:null, discription: 'One of two timestamp fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomDate1Label': {key: 'deviceCustom Date1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomDate2': {key: 'deviceCustom Date2', type:'String', len:null, discription: 'One of two timestamp fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomDate2Label': {key: 'deviceCustom Date2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceDirection': {key: 'deviceDirection', type:'Number', len:null, discription: 'Any information about what direction the observed communication has taken. The following values are supported: “0” for inbound or “1” for outbound'}, - 'deviceDnsDomain': {key: 'deviceDns Domain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'deviceExternalId': {key: 'device ExternalId', type:'String', len:255, discription: 'A name that uniquely identifies the device generating this event.'}, - 'deviceFacility': {key: 'deviceFacility', type:'String', len:1023, discription: 'The facility generating this event. For example, Syslog has an explicit facility associated with every event.'}, - 'deviceInboundInterface': {key: 'deviceInbound Interface', type:'String', len:128, discription: 'Interface on which the packet or data entered the device.'}, - 'deviceNtDomain': {key: 'deviceNt Domain', type:'String', len:255, discription: 'The Windows domain name of the device address.'}, - 'deviceOutboundInterface': {key: 'Device Outbound Interface', type:'String', len:128, discription: 'Interface on which the packet or data left the device.'}, - 'devicePayloadId': {key: 'Device PayloadId', type:'String', len:128, discription: 'Unique identifier for the payload associated with the event.'}, - 'deviceProcessName': {key: 'deviceProcess Name', type:'String', len:1023, discription: 'Process name associated with the event. An example might be the process generating the syslog entry in UNIX.'}, - 'deviceTranslatedAddress': {key: 'device Translated Address', type:'String', len:null, discription: 'Identifies the translated device address that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'destinationHostName': {key: 'dhost', type:'String', len:1023, discription: 'Identifies the destination that an event refers to in an IP network. The format should be a fully qualified domain name (FQDN) associated with the destination node, when a node is available. Examples: “host.domain.com” or “host”.'}, - 'destinationMacAddress': {key: 'dmac', type:'String', len:null, discription: 'Six colon-seperated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'destinationNtDomain': {key: 'dntdom', type:'String', len:255, discription: 'The Windows domain name of the destination address.'}, - 'destinationProcessId': {key: 'dpid', type:'Number', len:null, discription: 'Provides the ID of the destination process associated with the event. For example, if an event contains process ID 105, “105” is the process ID.'}, - 'destinationUserPrivileges': {key: 'dpriv', type:'String', len:1023, discription: 'The typical values are “Administrator”, “User”, and “Guest”. This identifies the destination user’s privileges. In UNIX, for example, activity executed on the root user would be identified with destinationUser Privileges of “Administrator”.'}, - 'destinationProcessName': {key: 'dproc', type:'String', len:1023, discription: 'The name of the event’s destination process. Example: “telnetd” or “sshd”.'}, - 'destinationPort': {key: 'dpt', type:'Number', len:null, discription: 'The valid port numbers are between 0 and 65535.'}, - 'destinationAddress': {key: 'dst', type:'String', len:null, discription: 'Identifies the destination address that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'deviceTimeZone': {key: 'dtz', type:'String', len:255, discription: 'The timezone for the device generating the event.'}, - 'destinationUserId': {key: 'duid', type:'String', len:1023, discription: 'Identifies the destination user by ID. For example, in UNIX, the root user is generally associated with user ID 0.'}, - 'destinationUserName': {key: 'duser', type:'String', len:1023, discription: 'Identifies the destination user by name. This is the user associated with the event’s destination. Email addresses are often mapped into the UserName fields. The recipient is a candidate to put into this field.'}, - 'deviceAddress': {key: 'dvc', type:'String', len:null, discription: 'Identifies the device address that an event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'deviceHostName': {key: 'dvchost', type:'String', len:100, discription: 'The format should be a fully qualified domain name (FQDN) associated with the device node, when a node is available. Example: “host.domain.com” or “host”.'}, - 'deviceMacAddress': {key: 'dvcmac', type:'String', len:null, discription: 'Six colon-separated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'deviceProcessId': {key: 'dvcpid', type:'Number', len:null, discription: 'Provides the ID of the process on the device generating the event.'}, - 'endTime': {key: 'end', type:'String', len:null, discription: 'The time at which the activity related to the event ended. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st1970). An example would be reporting the end of a session.'}, - 'externalId': {key: 'externalId', type:'String', len:40, discription: 'The ID used by an originating device. They are usually increasing numbers, associated with events.'}, - 'fileCreateTime': {key: 'fileCreateTime', type:'String', len:null, discription: 'Time when the file was created.'}, - 'fileHash': {key: 'fileHash', type:'String', len:255, discription: 'Hash of a file.'}, - 'fileId': {key: 'fileId', type:'String', len:1023, discription: 'An ID associated with a file could be the inode.'}, - 'fileModificationTime': {key: 'fileModification Time', type:'String', len:null, discription: 'Time when the file was last modified.'}, - 'filePath': {key: 'filePath', type:'String', len:1023, discription: 'Full path to the file, including file name itself. Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe or /usr/bin/zip'}, - 'filePermission': {key: 'filePermission', type:'String', len:1023, discription: 'Permissions of the file.'}, - 'fileType': {key: 'fileType', type:'String', len:1023, discription: 'Type of file (pipe, socket, etc.)'}, - 'flexDate1': {key: 'flexDate1', type:'String', len:null, discription: 'A timestamp field available to map a timestamp that does not apply to any other defined timestamp field in this dictionary. Use all flex fields sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexDate1Label': {key: 'flexDate1Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'flexString1': {key: 'flexString1', type:'String', len:1023, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexString1Label': {key: 'flexString1 Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'flexString2': {key: 'flexString2', type:'String', len:1023, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexString2Label': {key: 'flex String2Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'filename': {key: 'fname', type:'String', len:1023, discription: 'Name of the file only (without its path).'}, - 'fileSize': {key: 'fsize', type:'Number', len:null, discription: 'Size of the file.'}, - 'bytesIn': {key: 'in', type:'Number', len:null, discription: 'Number of bytes transferred inbound, relative to the source to destination relationship, meaning that data was flowing from source to destination.'}, - 'message': {key: 'msg', type:'String', len:1023, discription: 'An arbitrary message giving more details about the event. Multi-line entries can be produced by using \n as the new line separator.'}, - 'oldFileCreateTime': {key: 'oldFileCreate Time', type:'String', len:null, discription: 'Time when old file was created.'}, - 'oldFileHash': {key: 'oldFileHash', type:'String', len:255, discription: 'Hash of the old file.'}, - 'oldFileId': {key: 'oldFileId', type:'String', len:1023, discription: 'An ID associated with the old file could be the inode.'}, - 'oldFileModificationTime': {key: 'oldFile Modification Time', type:'String', len:null, discription: 'Time when old file was last modified.'}, - 'oldFileName': {key: 'oldFileName', type:'String', len:1023, discription: 'Name of the old file.'}, - 'oldFilePath': {key: 'oldFilePath', type:'String', len:1023, discription: 'Full path to the old fiWindowsNT\Accessories le, including the file name itself. Examples: c:\Program Files\wordpad.exe or /usr/bin/zip'}, - 'oldFileSize': {key: 'oldFileSize', type:'Number', len:null, discription: 'Size of the old file.'}, - 'oldFileType': {key: 'oldFileType', type:'String', len:1023, discription: 'Type of the old file (pipe, socket, etc.)'}, - 'bytesOut': {key: 'out', type:'Number', len:null, discription: 'Number of bytes transferred outbound relative to the source to destination relationship. For example, the byte number of data flowing from the destination to the source.'}, - 'eventOutcome': {key: 'outcome', type:'String', len:63, discription: 'Displays the outcome, usually as ‘success’ or ‘failure’.'}, - 'transportProtocol': {key: 'proto', type:'String', len:31, discription: 'Identifies the Layer-4 protocol used. The possible values are protocols such as TCP or UDP.'}, - 'Reason': {key: 'reason', type:'String', len:1023, discription: 'The reason an audit event was generated. For example “badd password” or “unknown user”. This could also be an error or return code. Example: “0x1234”'}, - 'requestUrl': {key: 'request', type:'String', len:1023, discription: 'In the case of an HTTP request, this field contains the URL accessed. The URL should contain the protocol as well. Example: “http://www/secure.com”'}, - 'requestClientApplication': {key: 'requestClient Application', type:'String', len:1023, discription: 'The User-Agent associated with the request.'}, - 'requestContext': {key: 'requestContext', type:'String', len:2048, discription: 'Description of the content from which the request originated (for example, HTTP Referrer)'}, - 'requestCookies': {key: 'requestCookies', type:'String', len:1023, discription: 'Cookies associated with the request.'}, - 'requestMethod': {key: 'requestMethod', type:'String', len:1023, discription: 'The method used to access a URL. Possible values: “POST”, “GET”, etc.'}, - 'deviceReceiptTime': {key: 'rt', type:'String', len:null, discription: 'The time at which the event related to the activity was received. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st 1970)'}, - 'sourceHostName': {key: 'shost', type:'String', len:1023, discription: 'Identifies the source that an event refers to in an IP network. The format should be a fully qualified domain name (DQDN) associated with the source node, when a mode is available. Examples: “host” or “host.domain.com”.'}, - 'sourceMacAddress': {key: 'smac', type:'String', len:null, discription: 'Six colon-separated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'sourceNtDomain': {key: 'sntdom', type:'String', len:255, discription: 'The Windows domain name for the source address.'}, - 'sourceDnsDomain': {key: 'sourceDns Domain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'sourceServiceName': {key: 'source ServiceName', type:'String', len:1023, discription: 'The service that is responsible for generating this event.'}, - 'sourceTranslatedAddress': {key: 'source Translated Address', type:'String', len:null, discription: 'Identifies the translated source that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'sourceTranslatedPort': {key: 'source TranslatedPort', type:'Number', len:null, discription: 'A port number after being translated by, for example, a firewall. Valid port numbers are 0 to 65535.'}, - 'sourceProcessId': {key: 'spid', type:'Number', len:null, discription: 'The ID of the source process associated with the event.'}, - 'sourceUserPrivileges': {key: 'spriv', type:'String', len:1023, discription: 'The typical values are “Administrator”, “User”, and “Guest”. It identifies the source user’s privileges. In UNIX, for example, activity executed by the root user would be identified with “Administrator”.'}, - 'sourceProcessName': {key: 'sproc', type:'String', len:1023, discription: 'The name of the event’s source process.'}, - 'sourcePort': {key: 'spt', type:'Number', len:null, discription: 'The valid port numbers are 0 to 65535.'}, - 'sourceAddress': {key: 'src', type:'String', len:null, discription: 'Identifies the source that an event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'startTime': {key: 'start', type:'String', len:null, discription: 'The time when the activity the event referred to started. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st 1970)'}, - 'sourceUserId': {key: 'suid', type:'String', len:1023, discription: 'Identifies the source user by ID. This is the user associated with the source of the event. For example, in UNIX, the root user is generally associated with user ID 0.'}, - 'sourceUserName': {key: 'suser', type:'String', len:1023, discription: 'Identifies the source user by name. Email addresses are also mapped into the UserName fields. The sender is a candidate to put into this field.'}, - 'type': {key: 'type', type:'Number', len:null, discription: '0 means base event, 1 means aggregated, 2 means correlation, and 3 means action. This field can be omitted for base events (type 0).'}, - 'agentDnsDomain': {key: 'agentDns Domain', type:'String', len:255, discription: 'The DNS domain name of the ArcSight connector that processed the event.'}, - 'agentNtDomain': {key: 'agentNtDomain', type:'String', len:255, discription: ''}, - 'agentTranslatedAddress': {key: 'agentTranslated Address', type:'String', len:null, discription: ''}, - 'agentTranslatedZone ExternalID': {key: 'agentTranslated ZoneExternalID', type:'String', len:200, discription: ''}, - 'agentTranslatedZoneURI': {key: 'agentTranslated Zone URI', type:'String', len:2048, discription: ''}, - 'agentZoneExternalID': {key: 'agentZone ExternalID', type:'String', len:200, discription: ''}, - 'agentZoneURI': {key: 'agentZoneURI', type:'String', len:2048, discription: ''}, - 'agentAddress': {key: 'agt', type:'String', len:null, discription: 'The IP address of the ArcSight connector that processed the event.'}, - 'agentHostName': {key: 'ahost', type:'String', len:1023, discription: 'The hostname of the ArcSight connector that processed the event.'}, - 'agentId': {key: 'aid', type:'String', len:40, discription: 'The agent ID of the ArcSight connector that processed the event.'}, - 'agentMacAddress': {key: 'amac', type:'String', len:null, discription: 'The MAC address of the ArcSight connector that processed the event.'}, - 'agentReceiptTime': {key: 'art', type:'String', len:null, discription: 'The time at which information about the event was received by the ArcSight connector.'}, - 'agentType': {key: 'at', type:'String', len:63, discription: 'The agent type of the ArcSight connector that processed the event'}, - 'agentTimeZone': {key: 'atz', type:'String', len:255, discription: 'The agent time zone of the ArcSight connector that processed the event.'}, - 'agentVersion': {key: 'av', type:'String', len:31, discription: 'The version of the ArcSight connector that processed the event.'}, - 'customerExternalID': {key: 'customer ExternalID', type:'String', len:200, discription: ''}, - 'customerURI': {key: 'customerURI', type:'String', len:2048, discription: ''}, - 'destinationTranslated ZoneExternalID': {key: 'destination TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'destinationTranslated ZoneURI': {key: 'destination Translated ZoneURI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the destination asset has been assigned to in ArcSight.'}, - 'destinationZoneExternalID': {key: 'destinationZone ExternalID', type:'String', len:200, discription: ''}, - 'destinationZoneURI': {key: 'destinationZone URI', type:'String', len:2048, discription: 'The URI for the Zone that the destination asset has been assigned to in ArcSight.'}, - 'deviceTranslatedZone ExternalID': {key: 'device TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'deviceTranslatedZoneURI': {key: 'device TranslatedZone URI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the device asset has been assigned to in ArcSight.'}, - 'deviceZoneExternalID': {key: 'deviceZone ExternalID', type:'String', len:200, discription: ''}, - 'deviceZoneURI': {key: 'deviceZoneURI', type:'String', len:2048, discription: 'Thee URI for the Zone that the device asset has been assigned to in ArcSight.'}, - 'destinationGeoLatitude': {key: 'dlat', type:'Number', len:null, discription: 'The latitudinal value from which the destination’s IP address belongs.'}, - 'destinationGeoLongitude': {key: 'dlong', type:'Number', len:null, discription: 'The longitudinal value from which the destination’s IP address belongs.'}, - 'eventId': {key: 'eventId', type:'Number', len:null, discription: 'This is a unique ID that ArcSight assigns to each event.'}, - 'rawEvent': {key: 'rawEvent', type:'String', len:4000, discription: ''}, - 'sourceGeoLatitude': {key: 'slat', type:'Number', len:null, discription: ''}, - 'sourceGeoLongitude': {key: 'slong', type:'Number', len:null, discription: ''}, - 'sourceTranslatedZone ExternalID': {key: 'source TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'sourceTranslatedZoneURI': {key: 'source TranslatedZone URI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the destination asset has been assigned to in ArcSight.'}, - 'sourceZoneExternalID': {key: 'sourceZone ExternalID', type:'String', len:200, discription: ''}, - 'sourceZoneURI': {key: 'sourceZoneURI', type:'String', len:2048, discription: 'The URI for the Zone that the source asset has been assigned to in ArcSight.'}, + deviceAction: { + key: 'act', + type: 'String', + len: 63, + discription: 'Action taken by the device.', + }, + applicationProtocol: { + key: 'app', + type: 'String', + len: 31, + discription: 'Application level protocol, example values are HTTP, ' + + 'HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.', + }, + deviceCustomIPv6Address1: { + key: 'c6a1', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address1Label': { + key: 'c6a1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomIPv6Address3: { + key: 'c6a3', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6Address3 Label': { + key: 'c6a3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + 'deviceCustomIPv6 Address4': { + key: 'c6a4', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address4Label': { + key: 'C6a4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceEventCategory: { + key: 'cat', + type: 'String', + len: 1023, + discription: 'Represents the category assigned by the originating ' + + 'device. Devices often use their own categorization schema to ' + + 'classify event. Example: “/Monitor/Disk/Read”', + }, + deviceCustomFloatingPoint1: { + key: 'cfp1', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint1Label': { + key: 'cfp1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint2: { + key: 'cfp2', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustomFloatingPoint2 Label': { + key: 'cfp2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint3: { + key: 'cfp3', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint3Label': { + key: 'cfp3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint4: { + key: 'cfp4', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint4Label': { + key: 'cfp4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber1: { + key: 'cn1', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber1Label: { + key: 'cn1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + DeviceCustomNumber2: { + key: 'cn2', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber2Label: { + key: 'cn2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber3: { + key: 'cn3', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber3Label: { + key: 'cn3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + baseEventCount: { + key: 'cnt', + type: 'Number', + len: null, + discription: 'A count associated with this event. How many times ' + + 'was this same event observed? Count can be omitted if it is 1.', + }, + deviceCustomString1: { + key: 'cs1', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString1Label: { + key: 'cs1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString2: { + key: 'cs2', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString2Label: { + key: 'cs2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString3: { + key: 'cs3', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString3Label: { + key: 'cs3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString4: { + key: 'cs4', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString4Label: { + key: 'cs4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString5: { + key: 'cs5', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString5Label: { + key: 'cs5Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString6: { + key: 'cs6', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString6Label: { + key: 'cs6Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + destinationDnsDomain: { + key: 'destination DnsDomain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + destinationServiceName: { + key: 'destination ServiceName', + type: 'String', + len: 1023, + discription: 'The service targeted by this event. Example: “sshd”', + }, + 'destinationTranslated Address': { + key: 'Destination Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated destination that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + destinationTranslatedPort: { + key: 'Destination TranslatedPort', + type: 'Number', + len: null, + discription: 'Port after it was translated; for example, a ' + + 'firewall. Valid port numbers are 0 to 65535.', + }, + deviceCustomDate1: { + key: 'deviceCustom Date1', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate1Label: { + key: 'deviceCustom Date1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomDate2: { + key: 'deviceCustom Date2', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate2Label: { + key: 'deviceCustom Date2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceDirection: { + key: 'deviceDirection', + type: 'Number', + len: null, + discription: 'Any information about what direction the observed ' + + 'communication has taken. The following values are supported: ' + + '“0” for inbound or “1” for outbound', + }, + deviceDnsDomain: { + key: 'deviceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + deviceExternalId: { + key: 'device ExternalId', + type: 'String', + len: 255, + discription: 'A name that uniquely identifies the device ' + + 'generating this event.', + }, + deviceFacility: { + key: 'deviceFacility', + type: 'String', + len: 1023, + discription: 'The facility generating this event. For example, ' + + 'Syslog has an explicit facility associated with every event.', + }, + deviceInboundInterface: { + key: 'deviceInbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data entered the ' + + 'device.', + }, + deviceNtDomain: { + key: 'deviceNt Domain', + type: 'String', + len: 255, + discription: 'The Windows domain name of the device address.', + }, + deviceOutboundInterface: { + key: 'Device Outbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data left the ' + + 'device.', + }, + devicePayloadId: { + key: 'Device PayloadId', + type: 'String', + len: 128, + discription: 'Unique identifier for the payload associated with ' + + 'the event.', + }, + deviceProcessName: { + key: 'deviceProcess Name', + type: 'String', + len: 1023, + discription: 'Process name associated with the event. An example ' + + 'might be the process generating the syslog entry in UNIX.', + }, + deviceTranslatedAddress: { + key: 'device Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated device address that the ' + + 'event refers to in an IP network. The format is an IPv4 ' + + 'address. Example: “192.168.10.1”', + }, + destinationHostName: { + key: 'dhost', + type: 'String', + len: 1023, + discription: 'Identifies the destination that an event refers to ' + + 'in an IP network. The format should be a fully qualified ' + + 'domain name (FQDN) associated with the destination node, when ' + + 'a node is available. Examples: “host.domain.com” or “host”.', + }, + destinationMacAddress: { + key: 'dmac', + type: 'String', + len: null, + discription: 'Six colon-seperated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + destinationNtDomain: { + key: 'dntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name of the destination address.', + }, + destinationProcessId: { + key: 'dpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the destination process ' + + 'associated with the event. For example, if an event contains ' + + 'process ID 105, 105” is the process ID.', + }, + destinationUserPrivileges: { + key: 'dpriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. This identifies the destination user’s privileges. ' + + 'In UNIX, for example, activity executed on the root user ' + + 'would be identified with destinationUser Privileges of ' + + '“Administrator”.', + }, + destinationProcessName: { + key: 'dproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s destination process. ' + + 'Example: “telnetd” or “sshd”.', + }, + destinationPort: { + key: 'dpt', + type: 'Number', + len: null, + discription: 'The valid port numbers are between 0 and 65535.', + }, + destinationAddress: { + key: 'dst', + type: 'String', + len: null, + discription: 'Identifies the destination address that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + deviceTimeZone: { + key: 'dtz', + type: 'String', + len: 255, + discription: 'The timezone for the device generating the event.', + }, + destinationUserId: { + key: 'duid', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by ID. For example, ' + + 'in UNIX, the root user is generally associated with user ' + + 'ID 0.', + }, + destinationUserName: { + key: 'duser', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by name. This is the ' + + 'user associated with the event’s destination. Email addresses ' + + 'are often mapped into the UserName fields. The recipient is a ' + + 'candidate to put into this field.', + }, + deviceAddress: { + key: 'dvc', + type: 'String', + len: null, + discription: 'Identifies the device address that an event refers ' + + 'to in an IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + deviceHostName: { + key: 'dvchost', + type: 'String', + len: 100, + discription: 'The format should be a fully qualified domain name ' + + '(FQDN) associated with the device node, when a node is ' + + 'available. Example: “host.domain.com” or “host”.', + }, + deviceMacAddress: { + key: 'dvcmac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + deviceProcessId: { + key: 'dvcpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the process on the device ' + + 'generating the event.', + }, + endTime: { + key: 'end', + type: 'String', + len: null, + discription: 'The time at which the activity related to the event ' + + 'ended. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st1970). An example would be reporting the ' + + 'end of a session.', + }, + externalId: { + key: 'externalId', + type: 'String', + len: 40, + discription: 'The ID used by an originating device. They are ' + + 'usually increasing numbers, associated with events.', + }, + fileCreateTime: { + key: 'fileCreateTime', + type: 'String', + len: null, + discription: 'Time when the file was created.', + }, + fileHash: { + key: 'fileHash', + type: 'String', + len: 255, + discription: 'Hash of a file.', + }, + fileId: { + key: 'fileId', + type: 'String', + len: 1023, + discription: 'An ID associated with a file could be the inode.', + }, + fileModificationTime: { + key: 'fileModification Time', + type: 'String', + len: null, + discription: 'Time when the file was last modified.', + }, + filePath: { + key: 'filePath', + type: 'String', + len: 1023, + discription: 'Full path to the file, including file name itself. ' + + 'Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe ' + + 'or /usr/bin/zip', + }, + filePermission: { + key: 'filePermission', + type: 'String', + len: 1023, + discription: 'Permissions of the file.', + }, + fileType: { + key: 'fileType', + type: 'String', + len: 1023, + discription: 'Type of file (pipe, socket, etc.)', + }, + flexDate1: { + key: 'flexDate1', + type: 'String', + len: null, + discription: 'A timestamp field available to map a timestamp that ' + + 'does not apply to any other defined timestamp field in this ' + + 'dictionary. Use all flex fields sparingly and seek a more ' + + 'specific, dictionary supplied field when possible. These ' + + 'fields are typically reserved for customer use and should not ' + + 'be set by vendors unless necessary.', + }, + flexDate1Label: { + key: 'flexDate1Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString1: { + key: 'flexString1', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString1Label: { + key: 'flexString1 Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString2: { + key: 'flexString2', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString2Label: { + key: 'flex String2Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + filename: { + key: 'fname', + type: 'String', + len: 1023, + discription: 'Name of the file only (without its path).', + }, + fileSize: { + key: 'fsize', + type: 'Number', + len: null, + discription: 'Size of the file.', + }, + bytesIn: { + key: 'in', + type: 'Number', + len: null, + discription: 'Number of bytes transferred inbound, relative to the ' + + 'source to destination relationship, meaning that data was ' + + 'flowing from source to destination.', + }, + message: { + key: 'msg', + type: 'String', + len: 1023, + discription: 'An arbitrary message giving more details about the ' + + 'event. Multi-line entries can be produced by using \n as the ' + + 'new line separator.', + }, + oldFileCreateTime: { + key: 'oldFileCreate Time', + type: 'String', + len: null, + discription: 'Time when old file was created.', + }, + oldFileHash: { + key: 'oldFileHash', + type: 'String', + len: 255, + discription: 'Hash of the old file.', + }, + oldFileId: { + key: 'oldFileId', + type: 'String', + len: 1023, + discription: 'An ID associated with the old file could be the ' + + 'inode.', + }, + oldFileModificationTime: { + key: 'oldFile Modification Time', + type: 'String', + len: null, + discription: 'Time when old file was last modified.', + }, + oldFileName: { + key: 'oldFileName', + type: 'String', + len: 1023, + discription: 'Name of the old file.', + }, + oldFilePath: { + key: 'oldFilePath', + type: 'String', + len: 1023, + discription: 'Full path to the old fiWindowsNT\\Accessories le, ' + + 'including the file name itself. Examples: c:\\Program ' + + 'Files\\wordpad.exe or /usr/bin/zip', + }, + oldFileSize: { + key: 'oldFileSize', + type: 'Number', + len: null, + discription: 'Size of the old file.', + }, + oldFileType: { + key: 'oldFileType', + type: 'String', + len: 1023, + discription: 'Type of the old file (pipe, socket, etc.)', + }, + bytesOut: { + key: 'out', + type: 'Number', + len: null, + discription: 'Number of bytes transferred outbound relative to the ' + + 'source to destination relationship. For example, the byte ' + + 'number of data flowing from the destination to the source.', + }, + eventOutcome: { + key: 'outcome', + type: 'String', + len: 63, + discription: 'Displays the outcome, usually as ‘success’ or ' + + '‘failure’.', + }, + transportProtocol: { + key: 'proto', + type: 'String', + len: 31, + discription: 'Identifies the Layer-4 protocol used. The possible ' + + 'values are protocols such as TCP or UDP.', + }, + Reason: { + key: 'reason', + type: 'String', + len: 1023, + discription: 'The reason an audit event was generated. For ' + + 'example “badd password” or “unknown user”. This could also be ' + + 'an error or return code. Example: “0x1234”', + }, + requestUrl: { + key: 'request', + type: 'String', + len: 1023, + discription: 'In the case of an HTTP request, this field contains ' + + 'the URL accessed. The URL should contain the protocol as ' + + 'well. Example: “http://www/secure.com”', + }, + requestClientApplication: { + key: 'requestClient Application', + type: 'String', + len: 1023, + discription: 'The User-Agent associated with the request.', + }, + requestContext: { + key: 'requestContext', + type: 'String', + len: 2048, + discription: 'Description of the content from which the request ' + + 'originated (for example, HTTP Referrer)', + }, + requestCookies: { + key: 'requestCookies', + type: 'String', + len: 1023, + discription: 'Cookies associated with the request.', + }, + requestMethod: { + key: 'requestMethod', + type: 'String', + len: 1023, + discription: 'The method used to access a URL. Possible values: ' + + '“POST”, “GET”, etc.', + }, + deviceReceiptTime: { + key: 'rt', + type: 'String', + len: null, + discription: 'The time at which the event related to the activity ' + + 'was received. The format is MMM dd yyyy HH:mm:ss or ' + + 'milliseconds since epoch (Jan 1st 1970)', + }, + sourceHostName: { + key: 'shost', + type: 'String', + len: 1023, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format should be a fully qualified domain ' + + 'name (DQDN) associated with the source node, when a mode is ' + + 'available. Examples: “host” or “host.domain.com”.', + }, + sourceMacAddress: { + key: 'smac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + sourceNtDomain: { + key: 'sntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name for the source address.', + }, + sourceDnsDomain: { + key: 'sourceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + sourceServiceName: { + key: 'source ServiceName', + type: 'String', + len: 1023, + discription: 'The service that is responsible for generating this ' + + 'event.', + }, + sourceTranslatedAddress: { + key: 'source Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated source that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”.', + }, + sourceTranslatedPort: { + key: 'source TranslatedPort', + type: 'Number', + len: null, + discription: 'A port number after being translated by, for ' + + 'example, a firewall. Valid port numbers are 0 to 65535.', + }, + sourceProcessId: { + key: 'spid', + type: 'Number', + len: null, + discription: 'The ID of the source process associated with the ' + + 'event.', + }, + sourceUserPrivileges: { + key: 'spriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. It identifies the source user’s privileges. In UNIX, ' + + 'for example, activity executed by the root user would be ' + + 'identified with “Administrator”.', + }, + sourceProcessName: { + key: 'sproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s source process.', + }, + sourcePort: { + key: 'spt', + type: 'Number', + len: null, + discription: 'The valid port numbers are 0 to 65535.', + }, + sourceAddress: { + key: 'src', + type: 'String', + len: null, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + startTime: { + key: 'start', + type: 'String', + len: null, + discription: 'The time when the activity the event referred to ' + + 'started. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st 1970)', + }, + sourceUserId: { + key: 'suid', + type: 'String', + len: 1023, + discription: 'Identifies the source user by ID. This is the user ' + + 'associated with the source of the event. For example, in ' + + 'UNIX, the root user is generally associated with user ID 0.', + }, + sourceUserName: { + key: 'suser', + type: 'String', + len: 1023, + discription: 'Identifies the source user by name. Email addresses ' + + 'are also mapped into the UserName fields. The sender is a ' + + 'candidate to put into this field.', + }, + type: { + key: 'type', + type: 'Number', + len: null, + discription: '0 means base event, 1 means aggregated, 2 means ' + + 'correlation, and 3 means action. This field can be omitted ' + + 'for base events (type 0).', + }, + agentDnsDomain: { + key: 'agentDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain name of the ArcSight connector that ' + + 'processed the event.', + }, + agentNtDomain: { + key: 'agentNtDomain', + type: 'String', + len: 255, + discription: '', + }, + agentTranslatedAddress: { + key: 'agentTranslated Address', + type: 'String', + len: null, + discription: '', + }, + 'agentTranslatedZone ExternalID': { + key: 'agentTranslated ZoneExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentTranslatedZoneURI: { + key: 'agentTranslated Zone URI', + type: 'String', + len: 2048, + discription: '', + }, + agentZoneExternalID: { + key: 'agentZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentZoneURI: { + key: 'agentZoneURI', + type: 'String', + len: 2048, + discription: '', + }, + agentAddress: { + key: 'agt', + type: 'String', + len: null, + discription: 'The IP address of the ArcSight connector that ' + + 'processed the event.', + }, + agentHostName: { + key: 'ahost', + type: 'String', + len: 1023, + discription: 'The hostname of the ArcSight connector that ' + + 'processed the event.', + }, + agentId: { + key: 'aid', + type: 'String', + len: 40, + discription: 'The agent ID of the ArcSight connector that ' + + 'processed the event.', + }, + agentMacAddress: { + key: 'amac', + type: 'String', + len: null, + discription: 'The MAC address of the ArcSight connector that ' + + 'processed the event.', + }, + agentReceiptTime: { + key: 'art', + type: 'String', + len: null, + discription: 'The time at which information about the event was ' + + 'received by the ArcSight connector.', + }, + agentType: { + key: 'at', + type: 'String', + len: 63, + discription: 'The agent type of the ArcSight connector that ' + + 'processed the event', + }, + agentTimeZone: { + key: 'atz', + type: 'String', + len: 255, + discription: 'The agent time zone of the ArcSight connector that ' + + 'processed the event.', + }, + agentVersion: { + key: 'av', + type: 'String', + len: 31, + discription: 'The version of the ArcSight connector that processed ' + + 'the event.', + }, + customerExternalID: { + key: 'customer ExternalID', + type: 'String', + len: 200, + discription: '', + }, + customerURI: { + key: 'customerURI', + type: 'String', + len: 2048, + discription: '', + }, + 'destinationTranslated ZoneExternalID': { + key: 'destination TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + 'destinationTranslated ZoneURI': { + key: 'destination Translated ZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + destinationZoneExternalID: { + key: 'destinationZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + destinationZoneURI: { + key: 'destinationZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the destination asset has ' + + 'been assigned to in ArcSight.', + }, + 'deviceTranslatedZone ExternalID': { + key: 'device TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceTranslatedZoneURI: { + key: 'device TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the device ' + + 'asset has been assigned to in ArcSight.', + }, + deviceZoneExternalID: { + key: 'deviceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceZoneURI: { + key: 'deviceZoneURI', + type: 'String', + len: 2048, + discription: 'Thee URI for the Zone that the device asset has been ' + + 'assigned to in ArcSight.', + }, + destinationGeoLatitude: { + key: 'dlat', + type: 'Number', + len: null, + discription: 'The latitudinal value from which the ' + + 'destination’s IP address belongs.', + }, + destinationGeoLongitude: { + key: 'dlong', + type: 'Number', + len: null, + discription: 'The longitudinal value from which the destination’s ' + + 'IP address belongs.', + }, + eventId: { + key: 'eventId', + type: 'Number', + len: null, + discription: 'This is a unique ID that ArcSight assigns to each ' + + 'event.', + }, + rawEvent: { + key: 'rawEvent', + type: 'String', + len: 4000, + discription: '', + }, + sourceGeoLatitude: { + key: 'slat', + type: 'Number', + len: null, + discription: '', + }, + sourceGeoLongitude: { + key: 'slong', + type: 'Number', + len: null, + discription: '', + }, + 'sourceTranslatedZone ExternalID': { + key: 'source TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceTranslatedZoneURI: { + key: 'source TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + sourceZoneExternalID: { + key: 'sourceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceZoneURI: { + key: 'sourceZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the source asset has been ' + + 'assigned to in ArcSight.' }, }; if (typeof this.deviceVendor !== 'string' || typeof this.deviceProduct !== 'string' @@ -2588,10 +3615,10 @@ class CEF { const cefExtsLen = cefExts.length; for (let ext = 0; ext < cefExtsLen; ext++) { if (cefExts[ext][1] !== null) { - if(Extensions[cefExts[ext][0]]) { + if (Extensions[cefExts[ext][0]]) { if (typeof cefExts[ext][1] === Extensions[cefExts[ext][0]] - .type - .toLowerCase()) { + .type + .toLowerCase()) { if (Extensions[cefExts[ext][0]].len > 0 && typeof cefExts[ext][1] === 'string' && cefExts[ext][1].length > Extensions[cefExts[ext][0]].len){ @@ -2621,9 +3648,10 @@ class CEF { * Build a CEF formated string * @public * @return {Promise} - String with formated message - */ - buildMessage () { - return new Promise((resolve, reject) => { + */ + buildMessage() { + return new Promise((resolve, + reject) => { let fmtMsg = 'CEF:0'; fmtMsg += '|' + this.deviceVendor; fmtMsg += '|' + this.deviceProduct; @@ -2632,7 +3660,7 @@ class CEF { fmtMsg += '|' + this.name; fmtMsg += '|' + this.severity; fmtMsg += '|'; - + const cefExts = Object.entries(this.extensions); const cefExtsLen = cefExts.length; for (let ext = 0; ext < cefExtsLen; ext++) { @@ -2646,11 +3674,12 @@ class CEF { /** * @public * @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send (options) { - return new Promise((resolve, reject) => { + send(options) { + return new Promise((resolve, + reject) => { this.buildMessage() .then((result) => { if (!this.server) { @@ -2671,10 +3700,10 @@ class CEF { module.exports = { RgbToAnsi: rgbToAnsi, RFC3164: RFC3164, - RFC5424:RFC5424, + RFC5424: RFC5424, LEEF: LEEF, CEF: CEF, - Syslog: Syslog + Syslog: Syslog, }; diff --git a/docs/docco/index.html b/docs/docco/index.html index 8ea2e69..79d0595 100644 --- a/docs/docco/index.html +++ b/docs/docco/index.html @@ -35,13 +35,13 @@ /** * @fileoverview The SyslogPro module for sending syslog messages - * Most APIs will return a promise. These APIs can be used using + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` * - * Syslog formatting classes can be used as input into a Syslog class to be used + * Syslog formatting classes can be used as input into a Syslog class to be used * simultaneously to the same Syslog server. The Syslog Class with a configured - * Syslog server target can also be used as the input into each of the formatting - * classes so that they may run independently. + * Syslog server target can also be used as the input into each of the + * formatting classes so that they may run independently. * @author Craig Yamato <craig@kentik.com> * @copyright (c) 2018 - Craig Yamato * @version 0.1.0 @@ -50,12 +50,12 @@ * @exports CEF * @module SyslogPro */ -"use strict"; +'use strict'; const moment = require('moment'); -const os = require("os"); +const os = require('os'); const dns = require('dns'); let dnsPromises = dns.promises; -const fs = require("fs"); +const fs = require('fs'); /** * Format the ANSI foreground color code from a RGB hex code or ANSI color code @@ -65,9 +65,10 @@ * @returns {Promise} - The formatted ANSI color code * @throws {Error} - A Format Error */ -function rgbToAnsi (hex, extendedColor) { +function rgbToAnsi(hex, + extendedColor) { return new Promise((resolve, reject) => { - let colorCode = 0; // Var to hold color code + let colorCode = 0; // Var to hold color code @@ -90,7 +91,7 @@ } else if ((hex > 29 && hex < 38) || (hex > 89 && hex < 98)) { resolve(hex); } else { - reject (new Error('FORMAT ERROR: Color code not in range')); + reject(new Error('FORMAT ERROR: Color code not in range')); } } else { const r = parseInt(hexParts[1], 16); @@ -112,18 +113,18 @@ - 
  	        if (r < 8) {
-  		        colorCode = 16;
-  	        } else if (r > 248) {
-  		        colorCode = 231;
-  	        } else {
-  	          colorCode = Math.round(((r - 8) / 247) * 24) + 232;
-  	        }
+            
            if (r < 8) {
+              colorCode = 16;
+            } else if (r > 248) {
+              colorCode = 231;
+            } else {
+              colorCode = Math.round(((r - 8) / 247) * 24) + 232;
+            }
           } else {
             colorCode = 16
-  	            + (36 * Math.round(r / 255 * 5))
-  	            + (6 * Math.round(g / 255 * 5))
-  	            + Math.round(b / 255 * 5);
+                + (36 * Math.round(r / 255 * 5))
+                + (6 * Math.round(g / 255 * 5))
+                + Math.round(b / 255 * 5);
           }
         } else {
           colorCode = 30;
@@ -152,58 +153,58 @@
 }
 
 /**
- * A class to work with syslog messages using UDP, TCP, or TLS transport.  
- * There is support for Syslog message formatting RFC-3164, RFC-5424 including 
+ * A class to work with syslog messages using UDP, TCP, or TLS transport.
+ * There is support for Syslog message formatting RFC-3164, RFC-5424 including
  * Structured Data, IBM LEEF (Log Event Extended Format), and HP CEF (Common
  * Event Format).
- * Syslog formatting classes can be used as input into a Syslog class to be used 
- * simultaneously to the same Syslog server. * 
+ * Syslog formatting classes can be used as input into a Syslog class to be used
+ * simultaneously to the same Syslog server. *
  * @requires moment
  * @version 0.0.0
  * @since 0.0.0
  */
 class Syslog {
   /**
-   * Construct a new Syslog transport object with user options 
+   * Construct a new Syslog transport object with user options
    * @public
    * @version 0.0.0
    * @since 0.0.0
    * @this Syslog
    * @param {object} [options] - Options object
    * >>>Transport Configuration
-   * @param {string} [options.target='localhost'] - The IP Address|FQDN of the 
-   *    Syslog Server, this option if set will take presidents over any target 
+   * @param {string} [options.target='localhost'] - The IP Address|FQDN of the
+   *    Syslog Server, this option if set will take presidents over any target
    *    set in a formatting object
-   * @param {string} [options.protocol='udp'] - L4 transport protocol 
-   *    (udp|tcp|tls), this option if set will take presidents over any transport 
-   *    set in a formatting object
-   * @param {number} [options.port=514] - IP port, this option if set will take 
+   * @param {string} [options.protocol='udp'] - L4 transport protocol
+   *    (udp|tcp|tls), this option if set will take presidents over any
+   *    transport set in a formatting object
+   * @param {number} [options.port=514] - IP port, this option if set will take
    *    presidents over any IP Port set in a formatting object
-   * @param {number} [options.tcpTimeout=10000] - Ignored for all other 
-   *    transports, this option if set will take presidents over any timeout 
+   * @param {number} [options.tcpTimeout=10000] - Ignored for all other
+   *    transports, this option if set will take presidents over any timeout
    *    set in a formatting object
    * @param {string[]} [options.tlsServerCerts] - Array of authorized TLS server
-   *    certificates file locations, this option if set will take presidents 
+   *    certificates file locations, this option if set will take presidents
    *    over any certificates set in a formatting object
-   * @param {string} [options.tlsClientCert] - Client TLS certificate file 
-   *    location that this client should use, this option if set will take 
+   * @param {string} [options.tlsClientCert] - Client TLS certificate file
+   *    location that this client should use, this option if set will take
    *    presidents over any certificates set in a formatting object
-   * @param {string} [options.tlsClientKey] - Client TLS key file 
-   *    location that this client should use, this option if set will take 
+   * @param {string} [options.tlsClientKey] - Client TLS key file
+   *    location that this client should use, this option if set will take
    *    presidents over any certificates set in a formatting object
    * >>>Syslog Format Settings
-   * @param {string} [options.format='none'] - Valid syslog format options for 
+   * @param {string} [options.format='none'] - Valid syslog format options for
    *    this module are 'none', 'rfc3164', 'rfc5424', 'leef', 'cef'
    * @param {RFC3164} [options.rfc5424] - {@link module:SyslogPro~RFC5424|
    *    RFC5424 related settings}
    * @param {RFC5424} [options.rfc5424] - {@link module:SyslogPro~RFC5424|
    *    RFC5424 related settings}
-   * @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF 
-   *    (Log Event Extended Format) object} 
-   * @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF 
-   *    (Common Event Format) formatting object} 
+   * @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF
+   *    (Log Event Extended Format) object}
+   * @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF
+   *    (Common Event Format) formatting object}
    */
-  constructor (options) {
+  constructor(options) {
     this.constructor__ = true;
     if (!options) {
       options = {};
@@ -231,21 +232,21 @@
     this.port = options.port || 514;
     /** @type {number} */
     this.tcpTimeout = options.tcpTimeout || 10000;
-    if ((typeof options.tlsServerCerts === 'object' 
+    if ((typeof options.tlsServerCerts === 'object'
         && Array.isArray(options.tlsServerCerts))
         || typeof options.tlsServerCerts === 'string') {
-      this.addTlsServerCerts(options.tlsServerCerts);  
+      this.addTlsServerCerts(options.tlsServerCerts);
     } else {
       /** @type {string[]} */
       this.tlsServerCerts = [];
     }
     if (options.tlsClientCert) {
       /** @type {string} */
-      this.tlsClientCert = options.tlsClientCert; 
+      this.tlsClientCert = options.tlsClientCert;
     }
     if (options.tlsClientKey) {
       /** @type {string} */
-      this.tlsClientKey = options.tlsClientKey; 
+      this.tlsClientKey = options.tlsClientKey;
     }

             
         
@@ -312,9 +313,9 @@
       this.cef = new CEF();
     }
   }
-  
+
   /**
-   * Add a TLS server certificate which can be used to authenticate the server 
+   * Add a TLS server certificate which can be used to authenticate the server
    * this syslog client is connecting too.  This function will validate the
    * input as a file location string and add it to an array of certificates
    * @private
@@ -324,7 +325,7 @@
    * @returns {Promise} - True
    * @throws {Error} - A Type Error
    */
-  addTlsServerCerts (certs) {
+  addTlsServerCerts(certs) {
     return new Promise((resolve, reject) => {
       if (typeof certs === 'object' && Array.isArray(certs)) {
         /** @private @type {string[]} */
@@ -332,7 +333,8 @@
       } else if (typeof certs === 'string') {
         this.tlsServerCerts = [certs];
       } else {
-        let errMsg = 'TYPE ERROR: Server Cert file locations should be a string';
+        let errMsg =
+            'TYPE ERROR: Server Cert file locations should be a string';
         errMsg += ' or array of strings';
         reject(new Error(errMsg));
       }
@@ -346,16 +348,8 @@
    * @returns {Promise} - The Syslog formatted string sent
    * @throws {Error} - Network Error
    */
-  udpMessage (msg) {
-    return new Promise((resolve, reject) => {
-      const dgram = require('dgram');// Test for target DNS and Address Family (IPv4/6) by looking up the DNS
-      const dnsOptions = {
-        verbatim: true
-      };
-      dnsPromises.lookup(this.target, dnsOptions)
-          .then((result) => {
-            const udpType = result.family === 4 ? 'udp4' : 'udp6';
-            let client = dgram.createSocket(udpType);
+ udpMessage(msg) { + return new Promise((resolve, reject) => { @@ -366,43 +360,18 @@
-

Turn msg in to a UTF8 buffer

+

Test for target DNS and Address Family (IPv4/6) by looking up the DNS

- 
            let msgBuffer = Buffer.from(msg, 'utf8');
-            client.send(msgBuffer, this.port, this.target, (error) => {
-              client.close();
-              resolve(msg);
-            });
-          })
-          .catch((error) => {
-            reject(error); // Reject out of the sendMessage function promise
-          });
-    });
-  }
-  /**
-   * Send the Syslog message over TCP
-   * @private
-   * @param {string} msg - The formatted Syslog Message
-   * @returns {Promise} - The Syslog formatted string sent
-   * @throws {Error} - Timeout error for TCP and TLS connections
-   * @throws {Error} - Network Error
-   */
-  tcpMessage (msg) {
-    return new Promise((resolve, reject) => {
-      const net = require('net');
+            
      const dgram = require('dgram');
       const dnsOptions = {
-        verbatim: true
+        verbatim: true,
       };
       dnsPromises.lookup(this.target, dnsOptions)
-          .then((result) => {
-            const tcpOptions = {
-              host: this.target,
-              port: this.port,
-              family: result.family
-            };
-            const client = net.createConnection(tcpOptions, () => {

+        .then((result) => {
+          const udpType = result.family === 4 ? 'udp4' : 'udp6';
+          let client = dgram.createSocket(udpType);
@@ -417,44 +386,39 @@ - 
              let msgBuffer = Buffer.from(msg, 'utf8');
-              client.write(msgBuffer, () => {
-                client.end();
-              });
-            });
-            client.setTimeout(this.tcpTimeout);
-            client.on('end', () => {
-              resolve(msg);
-            });
-            client.on('timeout', () => {
-              client.end();
-              reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout'));
-            });
-            client.on('error', (error) => {
-              client.destroy();
-              reject(error);
-            });
-          })
-          .catch((error) => {
-            reject(error);
+            
          let msgBuffer = Buffer.from(msg, 'utf8');
+          client.send(msgBuffer, this.port, this.target, () => {
+            client.close();
+            resolve(msg);
           });
+        })
+        .catch((error) => {
+          reject(error); // Reject out of the sendMessage function promise
+        });
     });
   }
   /**
-   * Send the Syslog message over TLS
+   * Send the Syslog message over TCP
    * @private
    * @param {string} msg - The formatted Syslog Message
    * @returns {Promise} - The Syslog formatted string sent
    * @throws {Error} - Timeout error for TCP and TLS connections
    * @throws {Error} - Network Error
    */
-  tlsMessage (msg) {
+  tcpMessage(msg) {
     return new Promise((resolve, reject) => {
-      const tls = require('tls');
-      const tlsOptions = {
-        host: this.target,
-        port: this.port,
-      };

+      const net = require('net');
+      const dnsOptions = {
+        verbatim: true,
+      };
+      dnsPromises.lookup(this.target, dnsOptions)
+        .then((result) => {
+          const tcpOptions = {
+            host: this.target,
+            port: this.port,
+            family: result.family,
+          };
+          const client = net.createConnection(tcpOptions, () => {
@@ -465,27 +429,48 @@
-

Load client cert and key if requested

+

Turn msg in to a UTF8 buffer

- 
      if (typeof this.tlsClientKey === 'string' 
-          && typeof this.tlsClientCert === 'string') {
-        tlsOptions.key = fs.readFileSync(this.tlsClientKey);
-        tlsOptions.cert = fs.readFileSync(this.tlsClientCert);      
-      } else if (typeof this.tlsClientKey !== 'string' 
-          && typeof this.tlsClientKey !== 'undefined') {
-        let errMsg = 'TYPE ERROR: TLS Client Key is not a file';
-        errMsg += 'location string';
-        reject(new Error(errMsg));
-        return;
-      } else if (typeof this.tlsClientCert !== 'string' 
-          && typeof this.tlsClientCert !== 'undefined') {
-        let errMsg = 'TYPE ERROR: TLS Client Cert is not a file';
-        errMsg += 'location string';
-        reject(new Error(errMsg));
-        return;
-      }
+ 
            let msgBuffer = Buffer.from(msg, 'utf8');
+            client.write(msgBuffer, () => {
+              client.end();
+            });
+          });
+          client.setTimeout(this.tcpTimeout);
+          client.on('end', () => {
+            resolve(msg);
+          });
+          client.on('timeout', () => {
+            client.end();
+            reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout'));
+          });
+          client.on('error', (error) => {
+            client.destroy();
+            reject(error);
+          });
+        })
+        .catch((error) => {
+          reject(error);
+        });
+    });
+  }
+  /**
+   * Send the Syslog message over TLS
+   * @private
+   * @param {string} msg - The formatted Syslog Message
+   * @returns {Promise} - The Syslog formatted string sent
+   * @throws {Error} - Timeout error for TCP and TLS connections
+   * @throws {Error} - Network Error
+   */
+  tlsMessage(msg) {
+    return new Promise((resolve, reject) => {
+      const tls = require('tls');
+      const tlsOptions = {
+        host: this.target,
+        port: this.port,
+      };
@@ -496,6 +481,37 @@
+

Load client cert and key if requested

+ + + + 
      if (typeof this.tlsClientKey === 'string'
+          && typeof this.tlsClientCert === 'string') {
+        tlsOptions.key = fs.readFileSync(this.tlsClientKey);
+        tlsOptions.cert = fs.readFileSync(this.tlsClientCert);
+      } else if (typeof this.tlsClientKey !== 'string'
+          && typeof this.tlsClientKey !== 'undefined') {
+        let errMsg = 'TYPE ERROR: TLS Client Key is not a file';
+        errMsg += 'location string';
+        reject(new Error(errMsg));
+        return;
+      } else if (typeof this.tlsClientCert !== 'string'
+          && typeof this.tlsClientCert !== 'undefined') {
+        let errMsg = 'TYPE ERROR: TLS Client Cert is not a file';
+        errMsg += 'location string';
+        reject(new Error(errMsg));
+        return;
+      }
+ + + + +
  • +
    + +
    + +

    Load any server certs if provided

    @@ -503,7 +519,7 @@ 
          let tlsCerts = this.tlsServerCerts.length;
       if (tlsCerts > 0) {
         let tlsOptionsCerts = [];
-        for (let certIndex=0; certIndex<tlsCerts; certIndex++) {
+        for (let certIndex = 0; certIndex < tlsCerts; certIndex++) {
           if (typeof this.tlsServerCerts[certIndex] !== 'string') {
             let errMsg = 'TYPE ERROR: TLS Server Cert is not a file';
             errMsg += 'location string';
@@ -520,11 +536,11 @@
    • -
  • +
  • - +

    Turn msg in to a UTF8 buffer

    @@ -546,11 +562,11 @@ client.on('error', (error) => { client.destroy(); reject(error); - }); + }); }); } /** - * Send the Syslog message to the selected target Syslog server using the + * Send the Syslog message to the selected target Syslog server using the * selected transport. * @private * @param {string} msg - The formatted Syslog Message @@ -558,37 +574,37 @@ * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - send (msg) { + send(msg) { return new Promise((resolve, reject) => { if (typeof msg !== 'string') { - reject(new Error("TYPE ERROR: Syslog message must be a string")); + reject(new Error('TYPE ERROR: Syslog message must be a string')); return; } this.protocol = this.protocol.toLowerCase(); if (this.protocol === 'udp') { this.udpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else if (this.protocol === 'tcp') { this.tcpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else if (this.protocol === 'tls') { this.tlsMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else { let errorMsg = 'FORMAT ERROR: Protocol not recognized, should be '; errorMsg += 'udp|tcp|tls'; @@ -597,18 +613,18 @@ }); } } - + /** - * A class to work with RFC3164 formatted syslog messages. The messaging is fully configurable and ANSI foreground - * colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. - * Most APIs will return a promise. These APIs can be used using - * `then(...)/catch(...)` - * + * A class to work with RFC3164 formatted syslog messages. The messaging is + * fully configurable and ANSI foreground colors can be added. Both ANSI 8 and + * ANSI 256 color are fully supported. Most APIs will return a promise. These + * APIs can be used using `then(...)/catch(...)` + * * A Syslog class with a configured - * Syslog server target can also be used as the input into the formatting + * Syslog server target can also be used as the input into the formatting * classes so that it may run independently. - * - * The RFC3164 Syslog logging format is meant to be used as a stream of log data + * + * The RFC3164 Syslog logging format is meant to be used as a stream of log data * from a service or application. This class is designed to be used in this * fashion where new messages are written to the class as needed. * @requires moment @@ -617,49 +633,49 @@ */ class RFC3164 { /** - * Construct a new RFC3164 formatted Syslog object with user options + * Construct a new RFC3164 formatted Syslog object with user options * @public * @this RFC3164 * @param {object} [options] - Options object * @param {string} [options.applacationName='NodeJSLogger'] - Application * @param {string} [options.hostname=os.hostname] - The name of this server - * @param {number} [options.facility=23] - Facility code to use sending this - * message - * @param {boolean} [options.color=false] - Apply color coding encoding tag - * with syslog message text - * @param {boolean} [options.extendedColor=false] - Use the extended ANSI - * color set encoding tag with syslog message text - * @param {object} [options.colors] - User defended colors for + * @param {number} [options.facility=23] - Facility code to use sending this + * message + * @param {boolean} [options.color=false] - Apply color coding encoding tag + * with syslog message text + * @param {boolean} [options.extendedColor=false] - Use the extended ANSI + * color set encoding tag with syslog message text + * @param {object} [options.colors] - User defended colors for * severities - * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) + * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.warningColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.informationalColor] - A RGB Hex coded color + * in the form of #FFFFFF or as or the ANSI color code number (30-37 + * Standard & 0-255 Extended) + * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -719,189 +735,189 @@ } /** * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) * @throws {Error} A standard error object */ - setColor (colors, extendedColor) { + setColor(colors, extendedColor) { return new Promise((resolve, reject) => { let colorPromises = []; if (colors.emergencyColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.emergencyColor, this.extendedColor) + .then((result) => { + this.emergencyColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'emergencyColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.alertColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.alertColor, this.extendedColor) + .then((result) => { + this.alertColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'alertColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.criticalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.criticalColor, this.extendedColor) + .then((result) => { + this.criticalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'criticalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.errorColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.errorColor, this.extendedColor) + .then((result) => { + this.errorColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'errorColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.warningColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.warningColor, this.extendedColor) + .then((result) => { + this.warningColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'warningColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.noticeColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.noticeColor, this.extendedColor) + .then((result) => { + this.noticeColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'noticeColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.informationalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.informationalColor, this.extendedColor) + .then((result) => { + this.informationalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'informationalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.debugColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.debugColor, this.extendedColor) + .then((result) => { + this.debugColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'debugColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); + .then((results) => { + resolve(true); + }) + .catch((reson) => { + reject(reson); + }); }); } /** - * Building a formatted message. Returns a promise with a formatted message + * Building a formatted message. Returns a promise with a formatted message * @public * @param {string} msg - The Syslog Message * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - buildMessage (msg, options) { + buildMessage(msg, options) { return new Promise((resolve, reject) => { options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; + let severity = typeof options.severity === 'number' ? + options.severity : 6; if (typeof msg !== 'string' || options.msgSeverity > 7) { let errMsg = 'FORMAT ERROR: Syslog message must be a string'; errMsg += ' msgSeverity must be a number between 0 and 7'; @@ -917,11 +933,11 @@
    • -
  • +
  • - +

    The PRI is common to both RFC formats

    @@ -932,11 +948,11 @@
    • -
  • +
  • - +

    Remove any newline character

    @@ -947,11 +963,11 @@
    • -
  • +
  • - +

    Add requested color

    @@ -967,7 +983,7 @@ colorCode += options.msgColor; colorCode += 'm'; // ANSI Color Closer } else { - colorCode = '[39m'; // Use terminal's default color + colorCode = '[39m'; // Use terminal's default color } msg = escapeCode + colorCode + msg + resetColor; }
    @@ -975,30 +991,32 @@
    • -
  • -
    - -
    - -
    -

    RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 uses BSD timeformat

    - -
    - - 
          const rfc3164DateRegEx = /((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/;
-      const timestamp = moment()
-          .format('MMM DD hh:mm:ss')
-          .replace(rfc3164DateRegEx, '$1 $5');
    - -
    • - -
  • +

    RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 +uses BSD timeformat

    + +
    + + 
          const rfc3164DateRegEx =
+/((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/;
+      const timestamp = moment()
+        .format('MMM DD hh:mm:ss')
+        .replace(rfc3164DateRegEx, '$1 $5');
    + +
    • + + +
  • +
    + +
    + +

    Build message

    @@ -1013,19 +1031,19 @@ }); } /** - * send a RFC5424 formatted message. Returns a promise with the formatted - * message that was sent. If no server connection was defined when the - * class was created a default Syslog connector will be used. + * send a RFC5424 formatted message. Returns a promise with the formatted + * message that was sent. If no server connection was defined when the + * class was created a default Syslog connector will be used. * @see SyslogPro~Syslog * @public * @param {string} msg - The unformatted Syslog message to send * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.colorCode=36] - The ANSI color code to use if * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - send (msg, options) { + send(msg, options) { return new Promise((resolve, reject) => { if (!this.server) { this.server = new Syslog(); @@ -1044,7 +1062,7 @@ reject(error); }); }); - } + } /** * Send a syslog message with a security level of 0 (Emergency) * @public @@ -1052,10 +1070,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emergency (msg) { + emergency(msg) { return this.send(msg, { - severity: 0, - colorCode: this.emergencyColor + severity: 0, + colorCode: this.emergencyColor, }); } /** @@ -1065,7 +1083,7 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emer (msg) { + emer(msg) { return this.emergency(msg); } /** @@ -1075,10 +1093,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - alert (msg) { + alert(msg) { return this.send(msg, { - severity: 1, - colorCode: this.alertColor + severity: 1, + colorCode: this.alertColor, }); } /** @@ -1088,10 +1106,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - critical (msg) { + critical(msg) { return this.send(msg, { - severity: 2, - colorCode: this.criticalColor + severity: 2, + colorCode: this.criticalColor, }); } /** @@ -1101,7 +1119,7 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - crit (msg) { + crit(msg) { return this.critical(msg); } /** @@ -1111,10 +1129,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - error (msg) { + error(msg) { return this.send(msg, { - severity: 3, - colorCode: this.errorColor + severity: 3, + colorCode: this.errorColor, }); } /** @@ -1124,7 +1142,7 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - err (msg) { + err(msg) { return this.error(msg); } /** @@ -1134,10 +1152,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warning (msg) { + warning(msg) { return this.send(msg, { - severity: 4, - colorCode: this.warningColor + severity: 4, + colorCode: this.warningColor, }); } /** @@ -1147,7 +1165,7 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warn (msg) { + warn(msg) { return this.warning(msg); } /** @@ -1157,10 +1175,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - notice (msg) { + notice(msg) { return this.send(msg, { - severity: 5, - colorCode: this.noticeColor + severity: 5, + colorCode: this.noticeColor, }); } /** @@ -1170,40 +1188,43 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - note (msg) { + note(msg) { return this.notice(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - informational (msg) { + informational(msg) { return this.send(msg, { - severity: 6, - colorCode: this.informationalColor + severity: 6, + colorCode: this.informationalColor, }); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - info (msg) { + info(msg) { return this.informational(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - log (msg) { + log(msg) { return this.informational(msg); } /** @@ -1213,25 +1234,26 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - debug (msg) { + debug(msg) { return this.send(msg, { - severity: 7, - colorCode: this.debugColor + severity: 7, + colorCode: this.debugColor, }); } } /** - * A class to work with RFC5424 formatted syslog messages. The messaging is fully configurable and ANSI foreground - * colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. - * Most APIs will return a promise. These APIs can be used using + * A class to work with RFC5424 formatted syslog messages. The messaging is + * fully configurable and ANSI foreground * colors can be added. Both ANSI 8 + * and ANSI 256 color are fully supported. + *Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * + * * A Syslog class with a configured - * Syslog server target can also be used as the input into the formatting + * Syslog server target can also be used as the input into the formatting * classes so that it may run independently. - * - * The RFC5424 Syslog logging format is meant to be used as a stream of log data + * + * The RFC5424 Syslog logging format is meant to be used as a stream of log data * from a service or application. This class is designed to be used in this * fashion where new messages are written to the class as needed. * @requires moment @@ -1240,56 +1262,56 @@ */ class RFC5424 { /** - * Construct a new RFC5424 formatted Syslog object with user options + * Construct a new RFC5424 formatted Syslog object with user options * @public * @this RFC5424 * @param {object} [options] - Options object * @param {string} [options.applacationName='NodeJSLogger'] - Application * @param {string} [options.hostname=os.hostname] - The name of this server * @param {boolean} [options.timestamp=false] - Included a Timestamp - * @param {boolean} [options.timestampUTC=false] - RFC standard is for + * @param {boolean} [options.timestampUTC=false] - RFC standard is for * local time - * @param {boolean} [options.timestampMS=false] - Timestamp with ms + * @param {boolean} [options.timestampMS=false] - Timestamp with ms * resolution * @param {boolean} [options.timestampTZ=true] - Should the timestamp * included time zone - * @param {boolean} [options.encludeStructuredData=false] - Included + * @param {boolean} [options.encludeStructuredData=false] - Included * any provided structured data - * @param {boolean} [options.utf8BOM=true] - Included the UTF8 - * @param {boolean} [options.color=false] - Included the UTF8 - * @param {boolean} [options.extendedColor=false] - Included the UTF8 - * encoding tag with syslog message text - * @param {object} [options.colors] - User defended colors for + * @param {boolean} [options.utf8BOM=true] - Included the UTF8 + * @param {boolean} [options.color=false] - Included the UTF8 + * @param {boolean} [options.extendedColor=false] - Included the UTF8 + * encoding tag with syslog message text + * @param {object} [options.colors] - User defended colors for * severities - * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) + * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.warningColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.informationalColor] - A RGB Hex coded color + * in the form of #FFFFFF or as or the ANSI color code number (30-37 + * Standard & 0-255 Extended) + * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1384,198 +1406,198 @@ } /** * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) * @throws {Error} A standard error object */ - setColor (colors, extendedColor) { + setColor(colors, extendedColor) { return new Promise((resolve, reject) => { let colorPromises = []; if (colors.emergencyColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.emergencyColor, this.extendedColor) + .then((result) => { + this.emergencyColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'emergencyColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.alertColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.alertColor, this.extendedColor) + .then((result) => { + this.alertColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'alertColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.criticalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.criticalColor, this.extendedColor) + .then((result) => { + this.criticalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'criticalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.errorColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.errorColor, this.extendedColor) + .then((result) => { + this.errorColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'errorColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.warningColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.warningColor, this.extendedColor) + .then((result) => { + this.warningColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'warningColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.noticeColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.noticeColor, this.extendedColor) + .then((result) => { + this.noticeColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'noticeColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.informationalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.informationalColor, this.extendedColor) + .then((result) => { + this.informationalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'informationalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.debugColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.debugColor, this.extendedColor) + .then((result) => { + this.debugColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'debugColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); + .then((results) => { + resolve(true); + }) + .catch((reson) => { + reject(reson); + }); }); } /** - * Building a formatted message. Returns a promise with a formatted message + * Building a formatted message. Returns a promise with a formatted message * @public * @param {string} msg - The Syslog Message * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.facility=23] - Facility code to use sending this - * message - * @param {string} [options.pid='-'] - The process id of the service sending - * this message - * @param {string[]} [options.structuredData] - An array of structure - * data strings conforming to the IETF/IANA defined SD-IDs or IANA - * registered SMI Network Management Private Enterprise Code SD-ID - * conforming to the format - * [name@<private enterprise number> parameter=value] - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.facility=23] - Facility code to use sending this + * message + * @param {string} [options.pid='-'] - The process id of the service sending + * this message + * @param {string[]} [options.structuredData] - An array of structure + * data strings conforming to the IETF/IANA defined SD-IDs or IANA + * registered SMI Network Management Private Enterprise Code SD-ID + * conforming to the format + * [name@<private enterprise number> parameter=value] + * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - buildMessage (msg, options) { + buildMessage(msg, options) { return new Promise((resolve, reject) => { options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; + let severity = typeof options.severity === 'number' ? + options.severity : 6; if (typeof msg !== 'string' || options.severity > 7) { let errMsg = 'FORMAT ERROR: Syslog message must be a string'; errMsg += ' msgSeverity must be a number between 0 and 7'; @@ -1595,11 +1617,11 @@
    • -
  • +
  • - +

    The PRI is common to both RFC formats

    @@ -1610,11 +1632,11 @@
    • -
  • +
  • - +

    Remove any newline character

    @@ -1625,11 +1647,11 @@
    • -
  • +
  • - +

    Add requested color

    @@ -1645,7 +1667,7 @@ colorCode += options.msgColor; colorCode += 'm'; // ANSI Color Closer } else { - colorCode = '[39m'; // Use terminal's default color + colorCode = '[39m'; // Use terminal's default color } msg = escapeCode + colorCode + msg + resetColor; }
    @@ -1653,11 +1675,11 @@
    • -
  • +
  • - +

    RFC5424 timestamp formating

    @@ -1709,11 +1731,11 @@
    • -
  • +
  • - +

    Build Structured Data string

    @@ -1729,22 +1751,22 @@
    • -
  • +
  • - +

    Loop to drop duplicates of the same SD Element name

    - 
            for (let elementIndex=0; 
-            elementIndex<sdElementCount; 
-            elementIndex++) {
-          let elementName = 
+            
            for (let elementIndex = 0;
+          elementIndex < sdElementCount;
+          elementIndex++) {
+          let elementName =
             msgStructuredData[elementIndex]
-            .match(sdElementNameRegEx)[2];
+              .match(sdElementNameRegEx)[2];
           if (!sdElementNames.includes(elementName)) {
             sdElementNames.push(elementName);
             sdElements.push(msgStructuredData[elementIndex]);
@@ -1756,11 +1778,11 @@
    • -
  • +
  • - +

    Build the message

    @@ -1784,16 +1806,16 @@ }); } /** - * send a RFC5424 formatted message. Returns a promise with the formatted - * message that was sent. If no server connection was defined when the - * class was created a default Syslog connector will be used. + * send a RFC5424 formatted message. Returns a promise with the formatted + * message that was sent. If no server connection was defined when the + * class was created a default Syslog connector will be used. * @see SyslogPro~Syslog * @public * @param {string} msg - The unformatted Syslog message to send * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - send (msg, options) { + send(msg, options) { return new Promise((resolve, reject) => { if (!this.server) { this.server = new Syslog(); @@ -1820,10 +1842,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emergency (msg) { + emergency(msg) { return this.send(msg, { - severity: 0, - colorCode: this.emergencyColor + severity: 0, + colorCode: this.emergencyColor, }); } /** @@ -1833,7 +1855,7 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emer (msg) { + emer(msg) { return this.emergency(msg); } /** @@ -1843,10 +1865,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - alert (msg) { + alert(msg) { return this.send(msg, { - severity: 1, - colorCode: this.alertColor + severity: 1, + colorCode: this.alertColor, }); } /** @@ -1856,10 +1878,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - critical (msg) { + critical(msg) { return this.send(msg, { - severity: 2, - colorCode: this.criticalColor + severity: 2, + colorCode: this.criticalColor, }); } /** @@ -1869,7 +1891,7 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - crit (msg) { + crit(msg) { return this.critical(msg); } /** @@ -1879,10 +1901,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - error (msg) { + error(msg) { return this.send(msg, { - severity: 3, - colorCode: this.errorColor + severity: 3, + colorCode: this.errorColor, }); } /** @@ -1892,7 +1914,7 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - err (msg) { + err(msg) { return this.error(msg); } /** @@ -1902,10 +1924,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warning (msg) { + warning(msg) { return this.send(msg, { - severity: 4, - colorCode: this.warningColor + severity: 4, + colorCode: this.warningColor, }); } /** @@ -1915,7 +1937,7 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warn (msg) { + warn(msg) { return this.warning(msg); } /** @@ -1925,10 +1947,10 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - notice (msg) { + notice(msg) { return this.send(msg, { - severity: 5, - colorCode: this.noticeColor + severity: 5, + colorCode: this.noticeColor, }); } /** @@ -1938,40 +1960,43 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - note (msg) { + note(msg) { return this.notice(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - informational (msg) { + informational(msg) { return this.send(msg, { - severity: 6, - colorCode: this.informationalColor + severity: 6, + colorCode: this.informationalColor, }); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - info (msg) { + info(msg) { return this.informational(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - log (msg) { + log(msg) { return this.informational(msg); } /** @@ -1981,26 +2006,26 @@ * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - debug (msg) { + debug(msg) { return this.send(msg, { - severity: 7, - colorCode: this.debugColor + severity: 7, + colorCode: this.debugColor, }); } } - + /** * A class to work with IBM LEEF (Log Event Extended Format) messages this form * of system messages are designed to work with security systems. Messages can - * be saved to file (Saving to file if not part of this module but a LEEF - * formatted message produced by this module can be saved externally to it) or - * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using + * be saved to file (Saving to file if not part of this module but a LEEF + * formatted message produced by this module can be saved externally to it) or + * sent via Syslog. + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * - * A Syslog class with a configured Syslog server target can also be used as - * the input into the formatting classes so that it may run independently. The - * LEEF format is designed to send event data to a SIEM system and should not + * + * A Syslog class with a configured Syslog server target can also be used as + * the input into the formatting classes so that it may run independently. The + * LEEF format is designed to send event data to a SIEM system and should not * be as a logging stream. This class is meant to be used once per message. * @requires moment * @version 0.0.0 @@ -2013,22 +2038,22 @@ * @param {object} [options] - Options object * @param {string} [options.vendor='unknown'] - The vendor of the system that * generated the event being reported - * @param {string} [options.product='unknown'] - The product name of the + * @param {string} [options.product='unknown'] - The product name of the * system that genrated the event being reported - * @param {string} [options.version='unknown'] - The version name of the + * @param {string} [options.version='unknown'] - The version name of the * system that genrated the event being reported - * @param {string} [options.eventId='unknown'] - The eventId of the + * @param {string} [options.eventId='unknown'] - The eventId of the * system that genrated the event being reported - * @param {object} [options.attributes] - LEEF message attributes which + * @param {object} [options.attributes] - LEEF message attributes which * defaults to all base attributes with null values, new attributes should * be added as new elements to this object - * @param {boolean} [options.syslogHeader='true'] - Should the LEEF message + * @param {boolean} [options.syslogHeader='true'] - Should the LEEF message * include a Syslog header with Timestamp and source * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -2041,8 +2066,8 @@ /** @type {string} */ this.eventId = options.eventId || 'unknown'; /** @type {boolean} */ - this.syslogHeader = typeof options.syslogHeader === 'boolean' - ? options.syslogHeader : true; + this.syslogHeader = typeof options.syslogHeader === 'boolean' + ? options.syslogHeader : true; /** @type {object} */ this.attributes = options.attributes || { cat: null, @@ -2106,7 +2131,7 @@ * @public * @return {Promise} - string with formatted message */ - buildMessage () { + buildMessage() { return new Promise((resolve, reject) => { let fmtMsg = 'LEEF:2.0'; fmtMsg += '|' + this.vendor; @@ -2118,11 +2143,11 @@
    • -
  • +
  • - +

    Build LEEF Attributes

    @@ -2139,14 +2164,14 @@ resolve(fmtMsg); }); } - + /** * @public * @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send (options) { + send(options) { return new Promise((resolve, reject) => { this.buildMessage() .then((result) => { @@ -2168,42 +2193,42 @@ /** * A class to work with HP CEF (Common Event Format) messages. This form * of system messages are designed to work with security systems. Messages can - * be saved to file (Saving to file if not part of this module but a CEF - * formatted message produced by this module can be saved externally to it) or + * be saved to file (Saving to file if not part of this module but a CEF + * formatted message produced by this module can be saved externally to it) or * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * - * A Syslog class with a configured Syslog server target can also be used as - * the input into the formatting classes so that it may run independently. The CEF - * format is designed to send event data to a SIEM system and should not be as - * a logging stream. This class is meant to be used once per message. + * + * A Syslog class with a configured Syslog server target can also be used as + * the input into the formatting classes so that it may run independently. The + * CEF format is designed to send event data to a SIEM system and should not be + * as a logging stream. This class is meant to be used once per message. * @requires moment * @version 0.0.0 * @since 0.0.0 */ class CEF { /** - * Construct a new CEF formatting object with user options + * Construct a new CEF formatting object with user options * @public * @param {object} [options] - Options object - * @param {string} [options.deviceVendor='unknown'] - The vendor of the system + * @param {string} [options.deviceVendor='unknown'] - The vendor of the system * that generated the event being reported - * @param {string} [options.deviceProduct='unknown'] - The product name of the + * @param {string} [options.deviceProduct='unknown'] - The product name of the * system that genrated the event being reported - * @param {string} [options.deviceVersion='unknown'] - The version name of the + * @param {string} [options.deviceVersion='unknown'] - The version name of the * system that genrated the event being reported - * @param {string} [options.deviceEventClassId='unknown'] - The eventId of the + * @param {string} [options.deviceEventClassId='unknown'] - The eventId of the * system that genrated the event being reported - * @param {string} [options.name='unknown'] - Name of the service generating + * @param {string} [options.name='unknown'] - Name of the service generating * the notice * @param {string} [options.severity='unknown'] - Severity of the notification * @param {string} [options.extensions={}] - Any CEF Key=Value extensions * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -2221,163 +2246,163 @@ this.severity = options.severity || 'Unknown'; /** @type {object} */ this.extensions = options.extensions || { - 'deviceAction': null, - 'applicationProtocol': null, - 'deviceCustomIPv6Address1': null, + deviceAction: null, + applicationProtocol: null, + deviceCustomIPv6Address1: null, 'deviceCustomIPv6 Address1Label': null, - 'deviceCustomIPv6Address3': null, + deviceCustomIPv6Address3: null, 'deviceCustomIPv6Address3 Label': null, 'deviceCustomIPv6 Address4': null, 'deviceCustomIPv6 Address4Label': null, - 'deviceEventCategory': null, - 'deviceCustomFloatingPoint1': null, + deviceEventCategory: null, + deviceCustomFloatingPoint1: null, 'deviceCustom FloatingPoint1Label': null, - 'deviceCustomFloatingPoint2': null, + deviceCustomFloatingPoint2: null, 'deviceCustomFloatingPoint2 Label': null, - 'deviceCustomFloatingPoint3': null, + deviceCustomFloatingPoint3: null, 'deviceCustom FloatingPoint3Label': null, - 'deviceCustomFloatingPoint4': null, + deviceCustomFloatingPoint4: null, 'deviceCustom FloatingPoint4Label': null, - 'deviceCustomNumber1': null, - 'deviceCustomNumber1Label': null, - 'DeviceCustomNumber2': null, - 'deviceCustomNumber2Label': null, - 'deviceCustomNumber3': null, - 'deviceCustomNumber3Label': null, - 'baseEventCount': null, - 'deviceCustomString1': null, - 'deviceCustomString1Label': null, - 'deviceCustomString2': null, - 'deviceCustomString2Label': null, - 'deviceCustomString3': null, - 'deviceCustomString3Label': null, - 'deviceCustomString4': null, - 'deviceCustomString4Label': null, - 'deviceCustomString5': null, - 'deviceCustomString5Label': null, - 'deviceCustomString6': null, - 'deviceCustomString6Label': null, - 'destinationDnsDomain': null, - 'destinationServiceName': null, + deviceCustomNumber1: null, + deviceCustomNumber1Label: null, + DeviceCustomNumber2: null, + deviceCustomNumber2Label: null, + deviceCustomNumber3: null, + deviceCustomNumber3Label: null, + baseEventCount: null, + deviceCustomString1: null, + deviceCustomString1Label: null, + deviceCustomString2: null, + deviceCustomString2Label: null, + deviceCustomString3: null, + deviceCustomString3Label: null, + deviceCustomString4: null, + deviceCustomString4Label: null, + deviceCustomString5: null, + deviceCustomString5Label: null, + deviceCustomString6: null, + deviceCustomString6Label: null, + destinationDnsDomain: null, + destinationServiceName: null, 'destinationTranslated Address': null, - 'destinationTranslatedPort': null, - 'deviceCustomDate1': null, - 'deviceCustomDate1Label': null, - 'deviceCustomDate2': null, - 'deviceCustomDate2Label': null, - 'deviceDirection': null, - 'deviceDnsDomain': null, - 'deviceExternalId': null, - 'deviceFacility': null, - 'deviceInboundInterface': null, - 'deviceNtDomain': null, - 'deviceOutboundInterface': null, - 'devicePayloadId': null, - 'deviceProcessName': null, - 'deviceTranslatedAddress': null, - 'destinationHostName': null, - 'destinationMacAddress': null, - 'destinationNtDomain': null, - 'destinationProcessId': null, - 'destinationUserPrivileges': null, - 'destinationProcessName': null, - 'destinationPort': null, - 'destinationAddress': null, - 'deviceTimeZone': null, - 'destinationUserId': null, - 'destinationUserName': null, - 'deviceAddress': null, - 'deviceHostName': null, - 'deviceMacAddress': null, - 'deviceProcessId': null, - 'endTime': null, - 'externalId': null, - 'fileCreateTime': null, - 'fileHash': null, - 'fileId': null, - 'fileModificationTime': null, - 'filePath': null, - 'filePermission': null, - 'fileType': null, - 'flexDate1': null, - 'flexDate1Label': null, - 'flexString1': null, - 'flexString1Label': null, - 'flexString2': null, - 'flexString2Label': null, - 'filename': null, - 'fileSize': null, - 'bytesIn': null, - 'message': null, - 'oldFileCreateTime': null, - 'oldFileHash': null, - 'oldFileId': null, - 'oldFileModificationTime': null, - 'oldFileName': null, - 'oldFilePath': null, - 'oldFileSize': null, - 'oldFileType': null, - 'bytesOut': null, - 'eventOutcome': null, - 'transportProtocol': null, - 'Reason': null, - 'requestUrl': null, - 'requestClientApplication': null, - 'requestContext': null, - 'requestCookies': null, - 'requestMethod': null, - 'deviceReceiptTime': null, - 'sourceHostName': null, - 'sourceMacAddress': null, - 'sourceNtDomain': null, - 'sourceDnsDomain': null, - 'sourceServiceName': null, - 'sourceTranslatedAddress': null, - 'sourceTranslatedPort': null, - 'sourceProcessId': null, - 'sourceUserPrivileges': null, - 'sourceProcessName': null, - 'sourcePort': null, - 'sourceAddress': null, - 'startTime': null, - 'sourceUserId': null, - 'sourceUserName': null, - 'type': null, - 'agentDnsDomain': null, - 'agentNtDomain': null, - 'agentTranslatedAddress': null, + destinationTranslatedPort: null, + deviceCustomDate1: null, + deviceCustomDate1Label: null, + deviceCustomDate2: null, + deviceCustomDate2Label: null, + deviceDirection: null, + deviceDnsDomain: null, + deviceExternalId: null, + deviceFacility: null, + deviceInboundInterface: null, + deviceNtDomain: null, + deviceOutboundInterface: null, + devicePayloadId: null, + deviceProcessName: null, + deviceTranslatedAddress: null, + destinationHostName: null, + destinationMacAddress: null, + destinationNtDomain: null, + destinationProcessId: null, + destinationUserPrivileges: null, + destinationProcessName: null, + destinationPort: null, + destinationAddress: null, + deviceTimeZone: null, + destinationUserId: null, + destinationUserName: null, + deviceAddress: null, + deviceHostName: null, + deviceMacAddress: null, + deviceProcessId: null, + endTime: null, + externalId: null, + fileCreateTime: null, + fileHash: null, + fileId: null, + fileModificationTime: null, + filePath: null, + filePermission: null, + fileType: null, + flexDate1: null, + flexDate1Label: null, + flexString1: null, + flexString1Label: null, + flexString2: null, + flexString2Label: null, + filename: null, + fileSize: null, + bytesIn: null, + message: null, + oldFileCreateTime: null, + oldFileHash: null, + oldFileId: null, + oldFileModificationTime: null, + oldFileName: null, + oldFilePath: null, + oldFileSize: null, + oldFileType: null, + bytesOut: null, + eventOutcome: null, + transportProtocol: null, + Reason: null, + requestUrl: null, + requestClientApplication: null, + requestContext: null, + requestCookies: null, + requestMethod: null, + deviceReceiptTime: null, + sourceHostName: null, + sourceMacAddress: null, + sourceNtDomain: null, + sourceDnsDomain: null, + sourceServiceName: null, + sourceTranslatedAddress: null, + sourceTranslatedPort: null, + sourceProcessId: null, + sourceUserPrivileges: null, + sourceProcessName: null, + sourcePort: null, + sourceAddress: null, + startTime: null, + sourceUserId: null, + sourceUserName: null, + type: null, + agentDnsDomain: null, + agentNtDomain: null, + agentTranslatedAddress: null, 'agentTranslatedZone ExternalID': null, - 'agentTranslatedZoneURI': null, - 'agentZoneExternalID': null, - 'agentZoneURI': null, - 'agentAddress': null, - 'agentHostName': null, - 'agentId': null, - 'agentMacAddress': null, - 'agentReceiptTime': null, - 'agentType': null, - 'agentTimeZone': null, - 'agentVersion': null, - 'customerExternalID': null, - 'customerURI': null, + agentTranslatedZoneURI: null, + agentZoneExternalID: null, + agentZoneURI: null, + agentAddress: null, + agentHostName: null, + agentId: null, + agentMacAddress: null, + agentReceiptTime: null, + agentType: null, + agentTimeZone: null, + agentVersion: null, + customerExternalID: null, + customerURI: null, 'destinationTranslated ZoneExternalID': null, 'destinationTranslated ZoneURI': null, - 'destinationZoneExternalID': null, - 'destinationZoneURI': null, + destinationZoneExternalID: null, + destinationZoneURI: null, 'deviceTranslatedZone ExternalID': null, - 'deviceTranslatedZoneURI': null, - 'deviceZoneExternalID': null, - 'deviceZoneURI': null, - 'destinationGeoLatitude': null, - 'destinationGeoLongitude': null, - 'eventId': null, - 'rawEvent': null, - 'sourceGeoLatitude': null, - 'sourceGeoLongitude': null, + deviceTranslatedZoneURI: null, + deviceZoneExternalID: null, + deviceZoneURI: null, + destinationGeoLatitude: null, + destinationGeoLongitude: null, + eventId: null, + rawEvent: null, + sourceGeoLatitude: null, + sourceGeoLongitude: null, 'sourceTranslatedZone ExternalID': null, - 'sourceTranslatedZoneURI': null, - 'sourceZoneExternalID': null, - 'sourceZoneURI': null, + sourceTranslatedZoneURI: null, + sourceZoneExternalID: null, + sourceZoneURI: null, }; if (options.server) { if (options.server.constructor__) { @@ -2393,167 +2418,1168 @@ * @public * @return {Promise} - True if validated * @throws {Error} - First element to fail validation - */ - validate () { - return new Promise ((resolve, reject) => { + */ + validate() { + return new Promise((resolve, reject) => { const Extensions = { - 'deviceAction': {key: 'act', type:'String', len:63, discription: 'Action taken by the device.'}, - 'applicationProtocol': {key: 'app', type:'String', len:31, discription: 'Application level protocol, example values are HTTP, HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.'}, - 'deviceCustomIPv6Address1': {key: 'c6a1', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6 Address1Label': {key: 'c6a1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomIPv6Address3': {key: 'c6a3', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6Address3 Label': {key: 'c6a3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomIPv6 Address4': {key: 'c6a4', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6 Address4Label': {key: 'C6a4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceEventCategory': {key: 'cat', type:'String', len:1023, discription: 'Represents the category assigned by the originating device. Devices often use their own categorization schema to classify event. Example: “/Monitor/Disk/Read”'}, - 'deviceCustomFloatingPoint1': {key: 'cfp1', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint1Label': {key: 'cfp1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint2': {key: 'cfp2', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustomFloatingPoint2 Label': {key: 'cfp2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint3': {key: 'cfp3', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint3Label': {key: 'cfp3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint4': {key: 'cfp4', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint4Label': {key: 'cfp4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomNumber1': {key: 'cn1', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber1Label': {key: 'cn1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'DeviceCustomNumber2': {key: 'cn2', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber2Label': {key: 'cn2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomNumber3': {key: 'cn3', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber3Label': {key: 'cn3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'baseEventCount': {key: 'cnt', type:'Number', len:null, discription: 'A count associated with this event. How many times was this same event observed? Count can be omitted if it is 1.'}, - 'deviceCustomString1': {key: 'cs1', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString1Label': {key: 'cs1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString2': {key: 'cs2', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString2Label': {key: 'cs2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString3': {key: 'cs3', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString3Label': {key: 'cs3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString4': {key: 'cs4', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString4Label': {key: 'cs4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString5': {key: 'cs5', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString5Label': {key: 'cs5Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString6': {key: 'cs6', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString6Label': {key: 'cs6Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'destinationDnsDomain': {key: 'destination DnsDomain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'destinationServiceName': {key: 'destination ServiceName', type:'String', len:1023, discription: 'The service targeted by this event. Example: “sshd”'}, - 'destinationTranslated Address': {key: 'Destination Translated Address', type:'String', len:null, discription: 'Identifies the translated destination that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'destinationTranslatedPort': {key: 'Destination TranslatedPort', type:'Number', len:null, discription: 'Port after it was translated; for example, a firewall. Valid port numbers are 0 to 65535.'}, - 'deviceCustomDate1': {key: 'deviceCustom Date1', type:'String', len:null, discription: 'One of two timestamp fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomDate1Label': {key: 'deviceCustom Date1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomDate2': {key: 'deviceCustom Date2', type:'String', len:null, discription: 'One of two timestamp fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomDate2Label': {key: 'deviceCustom Date2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceDirection': {key: 'deviceDirection', type:'Number', len:null, discription: 'Any information about what direction the observed communication has taken. The following values are supported: “0” for inbound or “1” for outbound'}, - 'deviceDnsDomain': {key: 'deviceDns Domain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'deviceExternalId': {key: 'device ExternalId', type:'String', len:255, discription: 'A name that uniquely identifies the device generating this event.'}, - 'deviceFacility': {key: 'deviceFacility', type:'String', len:1023, discription: 'The facility generating this event. For example, Syslog has an explicit facility associated with every event.'}, - 'deviceInboundInterface': {key: 'deviceInbound Interface', type:'String', len:128, discription: 'Interface on which the packet or data entered the device.'}, - 'deviceNtDomain': {key: 'deviceNt Domain', type:'String', len:255, discription: 'The Windows domain name of the device address.'}, - 'deviceOutboundInterface': {key: 'Device Outbound Interface', type:'String', len:128, discription: 'Interface on which the packet or data left the device.'}, - 'devicePayloadId': {key: 'Device PayloadId', type:'String', len:128, discription: 'Unique identifier for the payload associated with the event.'}, - 'deviceProcessName': {key: 'deviceProcess Name', type:'String', len:1023, discription: 'Process name associated with the event. An example might be the process generating the syslog entry in UNIX.'}, - 'deviceTranslatedAddress': {key: 'device Translated Address', type:'String', len:null, discription: 'Identifies the translated device address that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'destinationHostName': {key: 'dhost', type:'String', len:1023, discription: 'Identifies the destination that an event refers to in an IP network. The format should be a fully qualified domain name (FQDN) associated with the destination node, when a node is available. Examples: “host.domain.com” or “host”.'}, - 'destinationMacAddress': {key: 'dmac', type:'String', len:null, discription: 'Six colon-seperated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'destinationNtDomain': {key: 'dntdom', type:'String', len:255, discription: 'The Windows domain name of the destination address.'}, - 'destinationProcessId': {key: 'dpid', type:'Number', len:null, discription: 'Provides the ID of the destination process associated with the event. For example, if an event contains process ID 105, “105” is the process ID.'}, - 'destinationUserPrivileges': {key: 'dpriv', type:'String', len:1023, discription: 'The typical values are “Administrator”, “User”, and “Guest”. This identifies the destination user’s privileges. In UNIX, for example, activity executed on the root user would be identified with destinationUser Privileges of “Administrator”.'}, - 'destinationProcessName': {key: 'dproc', type:'String', len:1023, discription: 'The name of the event’s destination process. Example: “telnetd” or “sshd”.'}, - 'destinationPort': {key: 'dpt', type:'Number', len:null, discription: 'The valid port numbers are between 0 and 65535.'}, - 'destinationAddress': {key: 'dst', type:'String', len:null, discription: 'Identifies the destination address that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'deviceTimeZone': {key: 'dtz', type:'String', len:255, discription: 'The timezone for the device generating the event.'}, - 'destinationUserId': {key: 'duid', type:'String', len:1023, discription: 'Identifies the destination user by ID. For example, in UNIX, the root user is generally associated with user ID 0.'}, - 'destinationUserName': {key: 'duser', type:'String', len:1023, discription: 'Identifies the destination user by name. This is the user associated with the event’s destination. Email addresses are often mapped into the UserName fields. The recipient is a candidate to put into this field.'}, - 'deviceAddress': {key: 'dvc', type:'String', len:null, discription: 'Identifies the device address that an event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'deviceHostName': {key: 'dvchost', type:'String', len:100, discription: 'The format should be a fully qualified domain name (FQDN) associated with the device node, when a node is available. Example: “host.domain.com” or “host”.'}, - 'deviceMacAddress': {key: 'dvcmac', type:'String', len:null, discription: 'Six colon-separated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'deviceProcessId': {key: 'dvcpid', type:'Number', len:null, discription: 'Provides the ID of the process on the device generating the event.'}, - 'endTime': {key: 'end', type:'String', len:null, discription: 'The time at which the activity related to the event ended. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st1970). An example would be reporting the end of a session.'}, - 'externalId': {key: 'externalId', type:'String', len:40, discription: 'The ID used by an originating device. They are usually increasing numbers, associated with events.'}, - 'fileCreateTime': {key: 'fileCreateTime', type:'String', len:null, discription: 'Time when the file was created.'}, - 'fileHash': {key: 'fileHash', type:'String', len:255, discription: 'Hash of a file.'}, - 'fileId': {key: 'fileId', type:'String', len:1023, discription: 'An ID associated with a file could be the inode.'}, - 'fileModificationTime': {key: 'fileModification Time', type:'String', len:null, discription: 'Time when the file was last modified.'}, - 'filePath': {key: 'filePath', type:'String', len:1023, discription: 'Full path to the file, including file name itself. Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe or /usr/bin/zip'}, - 'filePermission': {key: 'filePermission', type:'String', len:1023, discription: 'Permissions of the file.'}, - 'fileType': {key: 'fileType', type:'String', len:1023, discription: 'Type of file (pipe, socket, etc.)'}, - 'flexDate1': {key: 'flexDate1', type:'String', len:null, discription: 'A timestamp field available to map a timestamp that does not apply to any other defined timestamp field in this dictionary. Use all flex fields sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexDate1Label': {key: 'flexDate1Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'flexString1': {key: 'flexString1', type:'String', len:1023, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexString1Label': {key: 'flexString1 Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'flexString2': {key: 'flexString2', type:'String', len:1023, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexString2Label': {key: 'flex String2Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'filename': {key: 'fname', type:'String', len:1023, discription: 'Name of the file only (without its path).'}, - 'fileSize': {key: 'fsize', type:'Number', len:null, discription: 'Size of the file.'}, - 'bytesIn': {key: 'in', type:'Number', len:null, discription: 'Number of bytes transferred inbound, relative to the source to destination relationship, meaning that data was flowing from source to destination.'}, - 'message': {key: 'msg', type:'String', len:1023, discription: 'An arbitrary message giving more details about the event. Multi-line entries can be produced by using \n as the new line separator.'}, - 'oldFileCreateTime': {key: 'oldFileCreate Time', type:'String', len:null, discription: 'Time when old file was created.'}, - 'oldFileHash': {key: 'oldFileHash', type:'String', len:255, discription: 'Hash of the old file.'}, - 'oldFileId': {key: 'oldFileId', type:'String', len:1023, discription: 'An ID associated with the old file could be the inode.'}, - 'oldFileModificationTime': {key: 'oldFile Modification Time', type:'String', len:null, discription: 'Time when old file was last modified.'}, - 'oldFileName': {key: 'oldFileName', type:'String', len:1023, discription: 'Name of the old file.'}, - 'oldFilePath': {key: 'oldFilePath', type:'String', len:1023, discription: 'Full path to the old fiWindowsNT\Accessories le, including the file name itself. Examples: c:\Program Files\wordpad.exe or /usr/bin/zip'}, - 'oldFileSize': {key: 'oldFileSize', type:'Number', len:null, discription: 'Size of the old file.'}, - 'oldFileType': {key: 'oldFileType', type:'String', len:1023, discription: 'Type of the old file (pipe, socket, etc.)'}, - 'bytesOut': {key: 'out', type:'Number', len:null, discription: 'Number of bytes transferred outbound relative to the source to destination relationship. For example, the byte number of data flowing from the destination to the source.'}, - 'eventOutcome': {key: 'outcome', type:'String', len:63, discription: 'Displays the outcome, usually as ‘success’ or ‘failure’.'}, - 'transportProtocol': {key: 'proto', type:'String', len:31, discription: 'Identifies the Layer-4 protocol used. The possible values are protocols such as TCP or UDP.'}, - 'Reason': {key: 'reason', type:'String', len:1023, discription: 'The reason an audit event was generated. For example “badd password” or “unknown user”. This could also be an error or return code. Example: “0x1234”'}, - 'requestUrl': {key: 'request', type:'String', len:1023, discription: 'In the case of an HTTP request, this field contains the URL accessed. The URL should contain the protocol as well. Example: “http://www/secure.com”'}, - 'requestClientApplication': {key: 'requestClient Application', type:'String', len:1023, discription: 'The User-Agent associated with the request.'}, - 'requestContext': {key: 'requestContext', type:'String', len:2048, discription: 'Description of the content from which the request originated (for example, HTTP Referrer)'}, - 'requestCookies': {key: 'requestCookies', type:'String', len:1023, discription: 'Cookies associated with the request.'}, - 'requestMethod': {key: 'requestMethod', type:'String', len:1023, discription: 'The method used to access a URL. Possible values: “POST”, “GET”, etc.'}, - 'deviceReceiptTime': {key: 'rt', type:'String', len:null, discription: 'The time at which the event related to the activity was received. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st 1970)'}, - 'sourceHostName': {key: 'shost', type:'String', len:1023, discription: 'Identifies the source that an event refers to in an IP network. The format should be a fully qualified domain name (DQDN) associated with the source node, when a mode is available. Examples: “host” or “host.domain.com”.'}, - 'sourceMacAddress': {key: 'smac', type:'String', len:null, discription: 'Six colon-separated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'sourceNtDomain': {key: 'sntdom', type:'String', len:255, discription: 'The Windows domain name for the source address.'}, - 'sourceDnsDomain': {key: 'sourceDns Domain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'sourceServiceName': {key: 'source ServiceName', type:'String', len:1023, discription: 'The service that is responsible for generating this event.'}, - 'sourceTranslatedAddress': {key: 'source Translated Address', type:'String', len:null, discription: 'Identifies the translated source that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'sourceTranslatedPort': {key: 'source TranslatedPort', type:'Number', len:null, discription: 'A port number after being translated by, for example, a firewall. Valid port numbers are 0 to 65535.'}, - 'sourceProcessId': {key: 'spid', type:'Number', len:null, discription: 'The ID of the source process associated with the event.'}, - 'sourceUserPrivileges': {key: 'spriv', type:'String', len:1023, discription: 'The typical values are “Administrator”, “User”, and “Guest”. It identifies the source user’s privileges. In UNIX, for example, activity executed by the root user would be identified with “Administrator”.'}, - 'sourceProcessName': {key: 'sproc', type:'String', len:1023, discription: 'The name of the event’s source process.'}, - 'sourcePort': {key: 'spt', type:'Number', len:null, discription: 'The valid port numbers are 0 to 65535.'}, - 'sourceAddress': {key: 'src', type:'String', len:null, discription: 'Identifies the source that an event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'startTime': {key: 'start', type:'String', len:null, discription: 'The time when the activity the event referred to started. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st 1970)'}, - 'sourceUserId': {key: 'suid', type:'String', len:1023, discription: 'Identifies the source user by ID. This is the user associated with the source of the event. For example, in UNIX, the root user is generally associated with user ID 0.'}, - 'sourceUserName': {key: 'suser', type:'String', len:1023, discription: 'Identifies the source user by name. Email addresses are also mapped into the UserName fields. The sender is a candidate to put into this field.'}, - 'type': {key: 'type', type:'Number', len:null, discription: '0 means base event, 1 means aggregated, 2 means correlation, and 3 means action. This field can be omitted for base events (type 0).'}, - 'agentDnsDomain': {key: 'agentDns Domain', type:'String', len:255, discription: 'The DNS domain name of the ArcSight connector that processed the event.'}, - 'agentNtDomain': {key: 'agentNtDomain', type:'String', len:255, discription: ''}, - 'agentTranslatedAddress': {key: 'agentTranslated Address', type:'String', len:null, discription: ''}, - 'agentTranslatedZone ExternalID': {key: 'agentTranslated ZoneExternalID', type:'String', len:200, discription: ''}, - 'agentTranslatedZoneURI': {key: 'agentTranslated Zone URI', type:'String', len:2048, discription: ''}, - 'agentZoneExternalID': {key: 'agentZone ExternalID', type:'String', len:200, discription: ''}, - 'agentZoneURI': {key: 'agentZoneURI', type:'String', len:2048, discription: ''}, - 'agentAddress': {key: 'agt', type:'String', len:null, discription: 'The IP address of the ArcSight connector that processed the event.'}, - 'agentHostName': {key: 'ahost', type:'String', len:1023, discription: 'The hostname of the ArcSight connector that processed the event.'}, - 'agentId': {key: 'aid', type:'String', len:40, discription: 'The agent ID of the ArcSight connector that processed the event.'}, - 'agentMacAddress': {key: 'amac', type:'String', len:null, discription: 'The MAC address of the ArcSight connector that processed the event.'}, - 'agentReceiptTime': {key: 'art', type:'String', len:null, discription: 'The time at which information about the event was received by the ArcSight connector.'}, - 'agentType': {key: 'at', type:'String', len:63, discription: 'The agent type of the ArcSight connector that processed the event'}, - 'agentTimeZone': {key: 'atz', type:'String', len:255, discription: 'The agent time zone of the ArcSight connector that processed the event.'}, - 'agentVersion': {key: 'av', type:'String', len:31, discription: 'The version of the ArcSight connector that processed the event.'}, - 'customerExternalID': {key: 'customer ExternalID', type:'String', len:200, discription: ''}, - 'customerURI': {key: 'customerURI', type:'String', len:2048, discription: ''}, - 'destinationTranslated ZoneExternalID': {key: 'destination TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'destinationTranslated ZoneURI': {key: 'destination Translated ZoneURI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the destination asset has been assigned to in ArcSight.'}, - 'destinationZoneExternalID': {key: 'destinationZone ExternalID', type:'String', len:200, discription: ''}, - 'destinationZoneURI': {key: 'destinationZone URI', type:'String', len:2048, discription: 'The URI for the Zone that the destination asset has been assigned to in ArcSight.'}, - 'deviceTranslatedZone ExternalID': {key: 'device TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'deviceTranslatedZoneURI': {key: 'device TranslatedZone URI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the device asset has been assigned to in ArcSight.'}, - 'deviceZoneExternalID': {key: 'deviceZone ExternalID', type:'String', len:200, discription: ''}, - 'deviceZoneURI': {key: 'deviceZoneURI', type:'String', len:2048, discription: 'Thee URI for the Zone that the device asset has been assigned to in ArcSight.'}, - 'destinationGeoLatitude': {key: 'dlat', type:'Number', len:null, discription: 'The latitudinal value from which the destination’s IP address belongs.'}, - 'destinationGeoLongitude': {key: 'dlong', type:'Number', len:null, discription: 'The longitudinal value from which the destination’s IP address belongs.'}, - 'eventId': {key: 'eventId', type:'Number', len:null, discription: 'This is a unique ID that ArcSight assigns to each event.'}, - 'rawEvent': {key: 'rawEvent', type:'String', len:4000, discription: ''}, - 'sourceGeoLatitude': {key: 'slat', type:'Number', len:null, discription: ''}, - 'sourceGeoLongitude': {key: 'slong', type:'Number', len:null, discription: ''}, - 'sourceTranslatedZone ExternalID': {key: 'source TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'sourceTranslatedZoneURI': {key: 'source TranslatedZone URI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the destination asset has been assigned to in ArcSight.'}, - 'sourceZoneExternalID': {key: 'sourceZone ExternalID', type:'String', len:200, discription: ''}, - 'sourceZoneURI': {key: 'sourceZoneURI', type:'String', len:2048, discription: 'The URI for the Zone that the source asset has been assigned to in ArcSight.'}, + deviceAction: { + key: 'act', + type: 'String', + len: 63, + discription: 'Action taken by the device.', + }, + applicationProtocol: { + key: 'app', + type: 'String', + len: 31, + discription: 'Application level protocol, example values are HTTP, ' + + 'HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.', + }, + deviceCustomIPv6Address1: { + key: 'c6a1', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address1Label': { + key: 'c6a1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomIPv6Address3: { + key: 'c6a3', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6Address3 Label': { + key: 'c6a3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + 'deviceCustomIPv6 Address4': { + key: 'c6a4', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address4Label': { + key: 'C6a4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceEventCategory: { + key: 'cat', + type: 'String', + len: 1023, + discription: 'Represents the category assigned by the originating ' + + 'device. Devices often use their own categorization schema to ' + + 'classify event. Example: “/Monitor/Disk/Read”', + }, + deviceCustomFloatingPoint1: { + key: 'cfp1', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint1Label': { + key: 'cfp1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint2: { + key: 'cfp2', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustomFloatingPoint2 Label': { + key: 'cfp2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint3: { + key: 'cfp3', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint3Label': { + key: 'cfp3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint4: { + key: 'cfp4', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint4Label': { + key: 'cfp4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber1: { + key: 'cn1', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber1Label: { + key: 'cn1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + DeviceCustomNumber2: { + key: 'cn2', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber2Label: { + key: 'cn2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber3: { + key: 'cn3', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber3Label: { + key: 'cn3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + baseEventCount: { + key: 'cnt', + type: 'Number', + len: null, + discription: 'A count associated with this event. How many times ' + + 'was this same event observed? Count can be omitted if it is 1.', + }, + deviceCustomString1: { + key: 'cs1', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString1Label: { + key: 'cs1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString2: { + key: 'cs2', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString2Label: { + key: 'cs2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString3: { + key: 'cs3', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString3Label: { + key: 'cs3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString4: { + key: 'cs4', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString4Label: { + key: 'cs4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString5: { + key: 'cs5', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString5Label: { + key: 'cs5Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString6: { + key: 'cs6', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString6Label: { + key: 'cs6Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + destinationDnsDomain: { + key: 'destination DnsDomain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + destinationServiceName: { + key: 'destination ServiceName', + type: 'String', + len: 1023, + discription: 'The service targeted by this event. Example: “sshd”', + }, + 'destinationTranslated Address': { + key: 'Destination Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated destination that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + destinationTranslatedPort: { + key: 'Destination TranslatedPort', + type: 'Number', + len: null, + discription: 'Port after it was translated; for example, a ' + + 'firewall. Valid port numbers are 0 to 65535.', + }, + deviceCustomDate1: { + key: 'deviceCustom Date1', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate1Label: { + key: 'deviceCustom Date1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomDate2: { + key: 'deviceCustom Date2', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate2Label: { + key: 'deviceCustom Date2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceDirection: { + key: 'deviceDirection', + type: 'Number', + len: null, + discription: 'Any information about what direction the observed ' + + 'communication has taken. The following values are supported: ' + + '“0” for inbound or “1” for outbound', + }, + deviceDnsDomain: { + key: 'deviceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + deviceExternalId: { + key: 'device ExternalId', + type: 'String', + len: 255, + discription: 'A name that uniquely identifies the device ' + + 'generating this event.', + }, + deviceFacility: { + key: 'deviceFacility', + type: 'String', + len: 1023, + discription: 'The facility generating this event. For example, ' + + 'Syslog has an explicit facility associated with every event.', + }, + deviceInboundInterface: { + key: 'deviceInbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data entered the ' + + 'device.', + }, + deviceNtDomain: { + key: 'deviceNt Domain', + type: 'String', + len: 255, + discription: 'The Windows domain name of the device address.', + }, + deviceOutboundInterface: { + key: 'Device Outbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data left the ' + + 'device.', + }, + devicePayloadId: { + key: 'Device PayloadId', + type: 'String', + len: 128, + discription: 'Unique identifier for the payload associated with ' + + 'the event.', + }, + deviceProcessName: { + key: 'deviceProcess Name', + type: 'String', + len: 1023, + discription: 'Process name associated with the event. An example ' + + 'might be the process generating the syslog entry in UNIX.', + }, + deviceTranslatedAddress: { + key: 'device Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated device address that the ' + + 'event refers to in an IP network. The format is an IPv4 ' + + 'address. Example: “192.168.10.1”', + }, + destinationHostName: { + key: 'dhost', + type: 'String', + len: 1023, + discription: 'Identifies the destination that an event refers to ' + + 'in an IP network. The format should be a fully qualified ' + + 'domain name (FQDN) associated with the destination node, when ' + + 'a node is available. Examples: “host.domain.com” or “host”.', + }, + destinationMacAddress: { + key: 'dmac', + type: 'String', + len: null, + discription: 'Six colon-seperated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + destinationNtDomain: { + key: 'dntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name of the destination address.', + }, + destinationProcessId: { + key: 'dpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the destination process ' + + 'associated with the event. For example, if an event contains ' + + 'process ID 105, 105” is the process ID.', + }, + destinationUserPrivileges: { + key: 'dpriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. This identifies the destination user’s privileges. ' + + 'In UNIX, for example, activity executed on the root user ' + + 'would be identified with destinationUser Privileges of ' + + '“Administrator”.', + }, + destinationProcessName: { + key: 'dproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s destination process. ' + + 'Example: “telnetd” or “sshd”.', + }, + destinationPort: { + key: 'dpt', + type: 'Number', + len: null, + discription: 'The valid port numbers are between 0 and 65535.', + }, + destinationAddress: { + key: 'dst', + type: 'String', + len: null, + discription: 'Identifies the destination address that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + deviceTimeZone: { + key: 'dtz', + type: 'String', + len: 255, + discription: 'The timezone for the device generating the event.', + }, + destinationUserId: { + key: 'duid', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by ID. For example, ' + + 'in UNIX, the root user is generally associated with user ' + + 'ID 0.', + }, + destinationUserName: { + key: 'duser', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by name. This is the ' + + 'user associated with the event’s destination. Email addresses ' + + 'are often mapped into the UserName fields. The recipient is a ' + + 'candidate to put into this field.', + }, + deviceAddress: { + key: 'dvc', + type: 'String', + len: null, + discription: 'Identifies the device address that an event refers ' + + 'to in an IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + deviceHostName: { + key: 'dvchost', + type: 'String', + len: 100, + discription: 'The format should be a fully qualified domain name ' + + '(FQDN) associated with the device node, when a node is ' + + 'available. Example: “host.domain.com” or “host”.', + }, + deviceMacAddress: { + key: 'dvcmac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + deviceProcessId: { + key: 'dvcpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the process on the device ' + + 'generating the event.', + }, + endTime: { + key: 'end', + type: 'String', + len: null, + discription: 'The time at which the activity related to the event ' + + 'ended. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st1970). An example would be reporting the ' + + 'end of a session.', + }, + externalId: { + key: 'externalId', + type: 'String', + len: 40, + discription: 'The ID used by an originating device. They are ' + + 'usually increasing numbers, associated with events.', + }, + fileCreateTime: { + key: 'fileCreateTime', + type: 'String', + len: null, + discription: 'Time when the file was created.', + }, + fileHash: { + key: 'fileHash', + type: 'String', + len: 255, + discription: 'Hash of a file.', + }, + fileId: { + key: 'fileId', + type: 'String', + len: 1023, + discription: 'An ID associated with a file could be the inode.', + }, + fileModificationTime: { + key: 'fileModification Time', + type: 'String', + len: null, + discription: 'Time when the file was last modified.', + }, + filePath: { + key: 'filePath', + type: 'String', + len: 1023, + discription: 'Full path to the file, including file name itself. ' + + 'Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe ' + + 'or /usr/bin/zip', + }, + filePermission: { + key: 'filePermission', + type: 'String', + len: 1023, + discription: 'Permissions of the file.', + }, + fileType: { + key: 'fileType', + type: 'String', + len: 1023, + discription: 'Type of file (pipe, socket, etc.)', + }, + flexDate1: { + key: 'flexDate1', + type: 'String', + len: null, + discription: 'A timestamp field available to map a timestamp that ' + + 'does not apply to any other defined timestamp field in this ' + + 'dictionary. Use all flex fields sparingly and seek a more ' + + 'specific, dictionary supplied field when possible. These ' + + 'fields are typically reserved for customer use and should not ' + + 'be set by vendors unless necessary.', + }, + flexDate1Label: { + key: 'flexDate1Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString1: { + key: 'flexString1', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString1Label: { + key: 'flexString1 Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString2: { + key: 'flexString2', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString2Label: { + key: 'flex String2Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + filename: { + key: 'fname', + type: 'String', + len: 1023, + discription: 'Name of the file only (without its path).', + }, + fileSize: { + key: 'fsize', + type: 'Number', + len: null, + discription: 'Size of the file.', + }, + bytesIn: { + key: 'in', + type: 'Number', + len: null, + discription: 'Number of bytes transferred inbound, relative to the ' + + 'source to destination relationship, meaning that data was ' + + 'flowing from source to destination.', + }, + message: { + key: 'msg', + type: 'String', + len: 1023, + discription: 'An arbitrary message giving more details about the ' + + 'event. Multi-line entries can be produced by using \n as the ' + + 'new line separator.', + }, + oldFileCreateTime: { + key: 'oldFileCreate Time', + type: 'String', + len: null, + discription: 'Time when old file was created.', + }, + oldFileHash: { + key: 'oldFileHash', + type: 'String', + len: 255, + discription: 'Hash of the old file.', + }, + oldFileId: { + key: 'oldFileId', + type: 'String', + len: 1023, + discription: 'An ID associated with the old file could be the ' + + 'inode.', + }, + oldFileModificationTime: { + key: 'oldFile Modification Time', + type: 'String', + len: null, + discription: 'Time when old file was last modified.', + }, + oldFileName: { + key: 'oldFileName', + type: 'String', + len: 1023, + discription: 'Name of the old file.', + }, + oldFilePath: { + key: 'oldFilePath', + type: 'String', + len: 1023, + discription: 'Full path to the old fiWindowsNT\\Accessories le, ' + + 'including the file name itself. Examples: c:\\Program ' + + 'Files\\wordpad.exe or /usr/bin/zip', + }, + oldFileSize: { + key: 'oldFileSize', + type: 'Number', + len: null, + discription: 'Size of the old file.', + }, + oldFileType: { + key: 'oldFileType', + type: 'String', + len: 1023, + discription: 'Type of the old file (pipe, socket, etc.)', + }, + bytesOut: { + key: 'out', + type: 'Number', + len: null, + discription: 'Number of bytes transferred outbound relative to the ' + + 'source to destination relationship. For example, the byte ' + + 'number of data flowing from the destination to the source.', + }, + eventOutcome: { + key: 'outcome', + type: 'String', + len: 63, + discription: 'Displays the outcome, usually as ‘success’ or ' + + '‘failure’.', + }, + transportProtocol: { + key: 'proto', + type: 'String', + len: 31, + discription: 'Identifies the Layer-4 protocol used. The possible ' + + 'values are protocols such as TCP or UDP.', + }, + Reason: { + key: 'reason', + type: 'String', + len: 1023, + discription: 'The reason an audit event was generated. For ' + + 'example “badd password” or “unknown user”. This could also be ' + + 'an error or return code. Example: “0x1234”', + }, + requestUrl: { + key: 'request', + type: 'String', + len: 1023, + discription: 'In the case of an HTTP request, this field contains ' + + 'the URL accessed. The URL should contain the protocol as ' + + 'well. Example: “http://www/secure.com”', + }, + requestClientApplication: { + key: 'requestClient Application', + type: 'String', + len: 1023, + discription: 'The User-Agent associated with the request.', + }, + requestContext: { + key: 'requestContext', + type: 'String', + len: 2048, + discription: 'Description of the content from which the request ' + + 'originated (for example, HTTP Referrer)', + }, + requestCookies: { + key: 'requestCookies', + type: 'String', + len: 1023, + discription: 'Cookies associated with the request.', + }, + requestMethod: { + key: 'requestMethod', + type: 'String', + len: 1023, + discription: 'The method used to access a URL. Possible values: ' + + '“POST”, “GET”, etc.', + }, + deviceReceiptTime: { + key: 'rt', + type: 'String', + len: null, + discription: 'The time at which the event related to the activity ' + + 'was received. The format is MMM dd yyyy HH:mm:ss or ' + + 'milliseconds since epoch (Jan 1st 1970)', + }, + sourceHostName: { + key: 'shost', + type: 'String', + len: 1023, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format should be a fully qualified domain ' + + 'name (DQDN) associated with the source node, when a mode is ' + + 'available. Examples: “host” or “host.domain.com”.', + }, + sourceMacAddress: { + key: 'smac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + sourceNtDomain: { + key: 'sntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name for the source address.', + }, + sourceDnsDomain: { + key: 'sourceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + sourceServiceName: { + key: 'source ServiceName', + type: 'String', + len: 1023, + discription: 'The service that is responsible for generating this ' + + 'event.', + }, + sourceTranslatedAddress: { + key: 'source Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated source that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”.', + }, + sourceTranslatedPort: { + key: 'source TranslatedPort', + type: 'Number', + len: null, + discription: 'A port number after being translated by, for ' + + 'example, a firewall. Valid port numbers are 0 to 65535.', + }, + sourceProcessId: { + key: 'spid', + type: 'Number', + len: null, + discription: 'The ID of the source process associated with the ' + + 'event.', + }, + sourceUserPrivileges: { + key: 'spriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. It identifies the source user’s privileges. In UNIX, ' + + 'for example, activity executed by the root user would be ' + + 'identified with “Administrator”.', + }, + sourceProcessName: { + key: 'sproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s source process.', + }, + sourcePort: { + key: 'spt', + type: 'Number', + len: null, + discription: 'The valid port numbers are 0 to 65535.', + }, + sourceAddress: { + key: 'src', + type: 'String', + len: null, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + startTime: { + key: 'start', + type: 'String', + len: null, + discription: 'The time when the activity the event referred to ' + + 'started. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st 1970)', + }, + sourceUserId: { + key: 'suid', + type: 'String', + len: 1023, + discription: 'Identifies the source user by ID. This is the user ' + + 'associated with the source of the event. For example, in ' + + 'UNIX, the root user is generally associated with user ID 0.', + }, + sourceUserName: { + key: 'suser', + type: 'String', + len: 1023, + discription: 'Identifies the source user by name. Email addresses ' + + 'are also mapped into the UserName fields. The sender is a ' + + 'candidate to put into this field.', + }, + type: { + key: 'type', + type: 'Number', + len: null, + discription: '0 means base event, 1 means aggregated, 2 means ' + + 'correlation, and 3 means action. This field can be omitted ' + + 'for base events (type 0).', + }, + agentDnsDomain: { + key: 'agentDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain name of the ArcSight connector that ' + + 'processed the event.', + }, + agentNtDomain: { + key: 'agentNtDomain', + type: 'String', + len: 255, + discription: '', + }, + agentTranslatedAddress: { + key: 'agentTranslated Address', + type: 'String', + len: null, + discription: '', + }, + 'agentTranslatedZone ExternalID': { + key: 'agentTranslated ZoneExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentTranslatedZoneURI: { + key: 'agentTranslated Zone URI', + type: 'String', + len: 2048, + discription: '', + }, + agentZoneExternalID: { + key: 'agentZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentZoneURI: { + key: 'agentZoneURI', + type: 'String', + len: 2048, + discription: '', + }, + agentAddress: { + key: 'agt', + type: 'String', + len: null, + discription: 'The IP address of the ArcSight connector that ' + + 'processed the event.', + }, + agentHostName: { + key: 'ahost', + type: 'String', + len: 1023, + discription: 'The hostname of the ArcSight connector that ' + + 'processed the event.', + }, + agentId: { + key: 'aid', + type: 'String', + len: 40, + discription: 'The agent ID of the ArcSight connector that ' + + 'processed the event.', + }, + agentMacAddress: { + key: 'amac', + type: 'String', + len: null, + discription: 'The MAC address of the ArcSight connector that ' + + 'processed the event.', + }, + agentReceiptTime: { + key: 'art', + type: 'String', + len: null, + discription: 'The time at which information about the event was ' + + 'received by the ArcSight connector.', + }, + agentType: { + key: 'at', + type: 'String', + len: 63, + discription: 'The agent type of the ArcSight connector that ' + + 'processed the event', + }, + agentTimeZone: { + key: 'atz', + type: 'String', + len: 255, + discription: 'The agent time zone of the ArcSight connector that ' + + 'processed the event.', + }, + agentVersion: { + key: 'av', + type: 'String', + len: 31, + discription: 'The version of the ArcSight connector that processed ' + + 'the event.', + }, + customerExternalID: { + key: 'customer ExternalID', + type: 'String', + len: 200, + discription: '', + }, + customerURI: { + key: 'customerURI', + type: 'String', + len: 2048, + discription: '', + }, + 'destinationTranslated ZoneExternalID': { + key: 'destination TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + 'destinationTranslated ZoneURI': { + key: 'destination Translated ZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + destinationZoneExternalID: { + key: 'destinationZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + destinationZoneURI: { + key: 'destinationZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the destination asset has ' + + 'been assigned to in ArcSight.', + }, + 'deviceTranslatedZone ExternalID': { + key: 'device TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceTranslatedZoneURI: { + key: 'device TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the device ' + + 'asset has been assigned to in ArcSight.', + }, + deviceZoneExternalID: { + key: 'deviceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceZoneURI: { + key: 'deviceZoneURI', + type: 'String', + len: 2048, + discription: 'Thee URI for the Zone that the device asset has been ' + + 'assigned to in ArcSight.', + }, + destinationGeoLatitude: { + key: 'dlat', + type: 'Number', + len: null, + discription: 'The latitudinal value from which the ' + + 'destination’s IP address belongs.', + }, + destinationGeoLongitude: { + key: 'dlong', + type: 'Number', + len: null, + discription: 'The longitudinal value from which the destination’s ' + + 'IP address belongs.', + }, + eventId: { + key: 'eventId', + type: 'Number', + len: null, + discription: 'This is a unique ID that ArcSight assigns to each ' + + 'event.', + }, + rawEvent: { + key: 'rawEvent', + type: 'String', + len: 4000, + discription: '', + }, + sourceGeoLatitude: { + key: 'slat', + type: 'Number', + len: null, + discription: '', + }, + sourceGeoLongitude: { + key: 'slong', + type: 'Number', + len: null, + discription: '', + }, + 'sourceTranslatedZone ExternalID': { + key: 'source TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceTranslatedZoneURI: { + key: 'source TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + sourceZoneExternalID: { + key: 'sourceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceZoneURI: { + key: 'sourceZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the source asset has been ' + + 'assigned to in ArcSight.' }, }; if (typeof this.deviceVendor !== 'string' || typeof this.deviceProduct !== 'string' @@ -2588,10 +3614,10 @@ const cefExtsLen = cefExts.length; for (let ext = 0; ext < cefExtsLen; ext++) { if (cefExts[ext][1] !== null) { - if(Extensions[cefExts[ext][0]]) { + if (Extensions[cefExts[ext][0]]) { if (typeof cefExts[ext][1] === Extensions[cefExts[ext][0]] - .type - .toLowerCase()) { + .type + .toLowerCase()) { if (Extensions[cefExts[ext][0]].len > 0 && typeof cefExts[ext][1] === 'string' && cefExts[ext][1].length > Extensions[cefExts[ext][0]].len){ @@ -2621,9 +3647,10 @@ * Build a CEF formated string * @public * @return {Promise} - String with formated message - */ - buildMessage () { - return new Promise((resolve, reject) => { + */ + buildMessage() { + return new Promise((resolve, + reject) => { let fmtMsg = 'CEF:0'; fmtMsg += '|' + this.deviceVendor; fmtMsg += '|' + this.deviceProduct; @@ -2632,7 +3659,7 @@ fmtMsg += '|' + this.name; fmtMsg += '|' + this.severity; fmtMsg += '|'; - + const cefExts = Object.entries(this.extensions); const cefExtsLen = cefExts.length; for (let ext = 0; ext < cefExtsLen; ext++) { @@ -2646,11 +3673,12 @@ /** * @public * @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send (options) { - return new Promise((resolve, reject) => { + send(options) { + return new Promise((resolve, + reject) => { this.buildMessage() .then((result) => { if (!this.server) { @@ -2671,10 +3699,10 @@ module.exports = { RgbToAnsi: rgbToAnsi, RFC3164: RFC3164, - RFC5424:RFC5424, + RFC5424: RFC5424, LEEF: LEEF, CEF: CEF, - Syslog: Syslog + Syslog: Syslog, };
    • diff --git a/docs/index.html b/docs/index.html index b32fda9..cd50c30 100644 --- a/docs/index.html +++ b/docs/index.html @@ -167,7 +167,7 @@ changed functionality. Lint and test your code.


    - Documentation generated by JSDoc 3.5.5 on Tue Sep 25 2018 19:37:57 GMT+0000 (Coordinated Universal Time) using the docdash theme. + Documentation generated by JSDoc 3.5.5 on Mon Oct 15 2018 00:40:26 GMT+0000 (Coordinated Universal Time) using the docdash theme.
    diff --git a/docs/index.js.html b/docs/index.js.html index 19d01e6..bfe9a0d 100644 --- a/docs/index.js.html +++ b/docs/index.js.html @@ -46,13 +46,13 @@ /** * @fileoverview The SyslogPro module for sending syslog messages - * Most APIs will return a promise. These APIs can be used using + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` * - * Syslog formatting classes can be used as input into a Syslog class to be used + * Syslog formatting classes can be used as input into a Syslog class to be used * simultaneously to the same Syslog server. The Syslog Class with a configured - * Syslog server target can also be used as the input into each of the formatting - * classes so that they may run independently. + * Syslog server target can also be used as the input into each of the + * formatting classes so that they may run independently. * @author Craig Yamato <craig@kentik.com> * @copyright (c) 2018 - Craig Yamato * @version 0.1.0 @@ -61,12 +61,12 @@ * @exports CEF * @module SyslogPro */ -"use strict"; +'use strict'; const moment = require('moment'); -const os = require("os"); +const os = require('os'); const dns = require('dns'); let dnsPromises = dns.promises; -const fs = require("fs"); +const fs = require('fs'); /** * Format the ANSI foreground color code from a RGB hex code or ANSI color code @@ -76,9 +76,10 @@ const fs = require("fs"); * @returns {Promise} - The formatted ANSI color code * @throws {Error} - A Format Error */ -function rgbToAnsi (hex, extendedColor) { +function rgbToAnsi(hex, + extendedColor) { return new Promise((resolve, reject) => { - let colorCode = 0; // Var to hold color code + let colorCode = 0; // Var to hold color code // Break HEX Code up into RGB const hexParts = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(hex); if (hexParts || typeof hex === 'number') { @@ -88,7 +89,7 @@ function rgbToAnsi (hex, extendedColor) { } else if ((hex > 29 && hex < 38) || (hex > 89 && hex < 98)) { resolve(hex); } else { - reject (new Error('FORMAT ERROR: Color code not in range')); + reject(new Error('FORMAT ERROR: Color code not in range')); } } else { const r = parseInt(hexParts[1], 16); @@ -97,18 +98,18 @@ function rgbToAnsi (hex, extendedColor) { if (extendedColor) { if (r === g && g === b) { // Gray Scale Color - if (r < 8) { - colorCode = 16; - } else if (r > 248) { - colorCode = 231; - } else { - colorCode = Math.round(((r - 8) / 247) * 24) + 232; - } + if (r < 8) { + colorCode = 16; + } else if (r > 248) { + colorCode = 231; + } else { + colorCode = Math.round(((r - 8) / 247) * 24) + 232; + } } else { colorCode = 16 - + (36 * Math.round(r / 255 * 5)) - + (6 * Math.round(g / 255 * 5)) - + Math.round(b / 255 * 5); + + (36 * Math.round(r / 255 * 5)) + + (6 * Math.round(g / 255 * 5)) + + Math.round(b / 255 * 5); } } else { colorCode = 30; @@ -137,58 +138,58 @@ function rgbToAnsi (hex, extendedColor) { } /** - * A class to work with syslog messages using UDP, TCP, or TLS transport. - * There is support for Syslog message formatting RFC-3164, RFC-5424 including + * A class to work with syslog messages using UDP, TCP, or TLS transport. + * There is support for Syslog message formatting RFC-3164, RFC-5424 including * Structured Data, IBM LEEF (Log Event Extended Format), and HP CEF (Common * Event Format). - * Syslog formatting classes can be used as input into a Syslog class to be used - * simultaneously to the same Syslog server. * + * Syslog formatting classes can be used as input into a Syslog class to be used + * simultaneously to the same Syslog server. * * @requires moment * @version 0.0.0 * @since 0.0.0 */ class Syslog { /** - * Construct a new Syslog transport object with user options + * Construct a new Syslog transport object with user options * @public * @version 0.0.0 * @since 0.0.0 * @this Syslog * @param {object} [options] - Options object * >>>Transport Configuration - * @param {string} [options.target='localhost'] - The IP Address|FQDN of the - * Syslog Server, this option if set will take presidents over any target + * @param {string} [options.target='localhost'] - The IP Address|FQDN of the + * Syslog Server, this option if set will take presidents over any target * set in a formatting object - * @param {string} [options.protocol='udp'] - L4 transport protocol - * (udp|tcp|tls), this option if set will take presidents over any transport - * set in a formatting object - * @param {number} [options.port=514] - IP port, this option if set will take + * @param {string} [options.protocol='udp'] - L4 transport protocol + * (udp|tcp|tls), this option if set will take presidents over any + * transport set in a formatting object + * @param {number} [options.port=514] - IP port, this option if set will take * presidents over any IP Port set in a formatting object - * @param {number} [options.tcpTimeout=10000] - Ignored for all other - * transports, this option if set will take presidents over any timeout + * @param {number} [options.tcpTimeout=10000] - Ignored for all other + * transports, this option if set will take presidents over any timeout * set in a formatting object * @param {string[]} [options.tlsServerCerts] - Array of authorized TLS server - * certificates file locations, this option if set will take presidents + * certificates file locations, this option if set will take presidents * over any certificates set in a formatting object - * @param {string} [options.tlsClientCert] - Client TLS certificate file - * location that this client should use, this option if set will take + * @param {string} [options.tlsClientCert] - Client TLS certificate file + * location that this client should use, this option if set will take * presidents over any certificates set in a formatting object - * @param {string} [options.tlsClientKey] - Client TLS key file - * location that this client should use, this option if set will take + * @param {string} [options.tlsClientKey] - Client TLS key file + * location that this client should use, this option if set will take * presidents over any certificates set in a formatting object * >>>Syslog Format Settings - * @param {string} [options.format='none'] - Valid syslog format options for + * @param {string} [options.format='none'] - Valid syslog format options for * this module are 'none', 'rfc3164', 'rfc5424', 'leef', 'cef' * @param {RFC3164} [options.rfc5424] - {@link module:SyslogPro~RFC5424| * RFC5424 related settings} * @param {RFC5424} [options.rfc5424] - {@link module:SyslogPro~RFC5424| * RFC5424 related settings} - * @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF - * (Log Event Extended Format) object} - * @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF - * (Common Event Format) formatting object} + * @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF + * (Log Event Extended Format) object} + * @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF + * (Common Event Format) formatting object} */ - constructor (options) { + constructor(options) { this.constructor__ = true; if (!options) { options = {}; @@ -203,21 +204,21 @@ class Syslog { this.port = options.port || 514; /** @type {number} */ this.tcpTimeout = options.tcpTimeout || 10000; - if ((typeof options.tlsServerCerts === 'object' + if ((typeof options.tlsServerCerts === 'object' && Array.isArray(options.tlsServerCerts)) || typeof options.tlsServerCerts === 'string') { - this.addTlsServerCerts(options.tlsServerCerts); + this.addTlsServerCerts(options.tlsServerCerts); } else { /** @type {string[]} */ this.tlsServerCerts = []; } if (options.tlsClientCert) { /** @type {string} */ - this.tlsClientCert = options.tlsClientCert; + this.tlsClientCert = options.tlsClientCert; } if (options.tlsClientKey) { /** @type {string} */ - this.tlsClientKey = options.tlsClientKey; + this.tlsClientKey = options.tlsClientKey; } // Syslog Format if (typeof options.format === 'string') { @@ -271,9 +272,9 @@ class Syslog { this.cef = new CEF(); } } - + /** - * Add a TLS server certificate which can be used to authenticate the server + * Add a TLS server certificate which can be used to authenticate the server * this syslog client is connecting too. This function will validate the * input as a file location string and add it to an array of certificates * @private @@ -283,7 +284,7 @@ class Syslog { * @returns {Promise} - True * @throws {Error} - A Type Error */ - addTlsServerCerts (certs) { + addTlsServerCerts(certs) { return new Promise((resolve, reject) => { if (typeof certs === 'object' && Array.isArray(certs)) { /** @private @type {string[]} */ @@ -291,7 +292,8 @@ class Syslog { } else if (typeof certs === 'string') { this.tlsServerCerts = [certs]; } else { - let errMsg = 'TYPE ERROR: Server Cert file locations should be a string'; + let errMsg = + 'TYPE ERROR: Server Cert file locations should be a string'; errMsg += ' or array of strings'; reject(new Error(errMsg)); } @@ -305,26 +307,27 @@ class Syslog { * @returns {Promise} - The Syslog formatted string sent * @throws {Error} - Network Error */ - udpMessage (msg) { + udpMessage(msg) { return new Promise((resolve, reject) => { - const dgram = require('dgram');// Test for target DNS and Address Family (IPv4/6) by looking up the DNS + // Test for target DNS and Address Family (IPv4/6) by looking up the DNS + const dgram = require('dgram'); const dnsOptions = { - verbatim: true + verbatim: true, }; dnsPromises.lookup(this.target, dnsOptions) - .then((result) => { - const udpType = result.family === 4 ? 'udp4' : 'udp6'; - let client = dgram.createSocket(udpType); - // Turn msg in to a UTF8 buffer - let msgBuffer = Buffer.from(msg, 'utf8'); - client.send(msgBuffer, this.port, this.target, (error) => { - client.close(); - resolve(msg); - }); - }) - .catch((error) => { - reject(error); // Reject out of the sendMessage function promise + .then((result) => { + const udpType = result.family === 4 ? 'udp4' : 'udp6'; + let client = dgram.createSocket(udpType); + // Turn msg in to a UTF8 buffer + let msgBuffer = Buffer.from(msg, 'utf8'); + client.send(msgBuffer, this.port, this.target, () => { + client.close(); + resolve(msg); }); + }) + .catch((error) => { + reject(error); // Reject out of the sendMessage function promise + }); }); } /** @@ -335,42 +338,42 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - tcpMessage (msg) { + tcpMessage(msg) { return new Promise((resolve, reject) => { const net = require('net'); const dnsOptions = { - verbatim: true + verbatim: true, }; dnsPromises.lookup(this.target, dnsOptions) - .then((result) => { - const tcpOptions = { - host: this.target, - port: this.port, - family: result.family - }; - const client = net.createConnection(tcpOptions, () => { - // Turn msg in to a UTF8 buffer - let msgBuffer = Buffer.from(msg, 'utf8'); - client.write(msgBuffer, () => { - client.end(); - }); - }); - client.setTimeout(this.tcpTimeout); - client.on('end', () => { - resolve(msg); - }); - client.on('timeout', () => { + .then((result) => { + const tcpOptions = { + host: this.target, + port: this.port, + family: result.family, + }; + const client = net.createConnection(tcpOptions, () => { + // Turn msg in to a UTF8 buffer + let msgBuffer = Buffer.from(msg, 'utf8'); + client.write(msgBuffer, () => { client.end(); - reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout')); }); - client.on('error', (error) => { - client.destroy(); - reject(error); - }); - }) - .catch((error) => { + }); + client.setTimeout(this.tcpTimeout); + client.on('end', () => { + resolve(msg); + }); + client.on('timeout', () => { + client.end(); + reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout')); + }); + client.on('error', (error) => { + client.destroy(); reject(error); }); + }) + .catch((error) => { + reject(error); + }); }); } /** @@ -381,7 +384,7 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - tlsMessage (msg) { + tlsMessage(msg) { return new Promise((resolve, reject) => { const tls = require('tls'); const tlsOptions = { @@ -389,17 +392,17 @@ class Syslog { port: this.port, }; // Load client cert and key if requested - if (typeof this.tlsClientKey === 'string' + if (typeof this.tlsClientKey === 'string' && typeof this.tlsClientCert === 'string') { tlsOptions.key = fs.readFileSync(this.tlsClientKey); - tlsOptions.cert = fs.readFileSync(this.tlsClientCert); - } else if (typeof this.tlsClientKey !== 'string' + tlsOptions.cert = fs.readFileSync(this.tlsClientCert); + } else if (typeof this.tlsClientKey !== 'string' && typeof this.tlsClientKey !== 'undefined') { let errMsg = 'TYPE ERROR: TLS Client Key is not a file'; errMsg += 'location string'; reject(new Error(errMsg)); return; - } else if (typeof this.tlsClientCert !== 'string' + } else if (typeof this.tlsClientCert !== 'string' && typeof this.tlsClientCert !== 'undefined') { let errMsg = 'TYPE ERROR: TLS Client Cert is not a file'; errMsg += 'location string'; @@ -410,7 +413,7 @@ class Syslog { let tlsCerts = this.tlsServerCerts.length; if (tlsCerts > 0) { let tlsOptionsCerts = []; - for (let certIndex=0; certIndex<tlsCerts; certIndex++) { + for (let certIndex = 0; certIndex < tlsCerts; certIndex++) { if (typeof this.tlsServerCerts[certIndex] !== 'string') { let errMsg = 'TYPE ERROR: TLS Server Cert is not a file'; errMsg += 'location string'; @@ -440,11 +443,11 @@ class Syslog { client.on('error', (error) => { client.destroy(); reject(error); - }); + }); }); } /** - * Send the Syslog message to the selected target Syslog server using the + * Send the Syslog message to the selected target Syslog server using the * selected transport. * @private * @param {string} msg - The formatted Syslog Message @@ -452,37 +455,37 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - send (msg) { + send(msg) { return new Promise((resolve, reject) => { if (typeof msg !== 'string') { - reject(new Error("TYPE ERROR: Syslog message must be a string")); + reject(new Error('TYPE ERROR: Syslog message must be a string')); return; } this.protocol = this.protocol.toLowerCase(); if (this.protocol === 'udp') { this.udpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else if (this.protocol === 'tcp') { this.tcpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else if (this.protocol === 'tls') { this.tlsMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else { let errorMsg = 'FORMAT ERROR: Protocol not recognized, should be '; errorMsg += 'udp|tcp|tls'; @@ -491,18 +494,18 @@ class Syslog { }); } } - + /** - * A class to work with RFC3164 formatted syslog messages. The messaging is fully configurable and ANSI foreground - * colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. - * Most APIs will return a promise. These APIs can be used using - * `then(...)/catch(...)` - * + * A class to work with RFC3164 formatted syslog messages. The messaging is + * fully configurable and ANSI foreground colors can be added. Both ANSI 8 and + * ANSI 256 color are fully supported. Most APIs will return a promise. These + * APIs can be used using `then(...)/catch(...)` + * * A Syslog class with a configured - * Syslog server target can also be used as the input into the formatting + * Syslog server target can also be used as the input into the formatting * classes so that it may run independently. - * - * The RFC3164 Syslog logging format is meant to be used as a stream of log data + * + * The RFC3164 Syslog logging format is meant to be used as a stream of log data * from a service or application. This class is designed to be used in this * fashion where new messages are written to the class as needed. * @requires moment @@ -511,49 +514,49 @@ class Syslog { */ class RFC3164 { /** - * Construct a new RFC3164 formatted Syslog object with user options + * Construct a new RFC3164 formatted Syslog object with user options * @public * @this RFC3164 * @param {object} [options] - Options object * @param {string} [options.applacationName='NodeJSLogger'] - Application * @param {string} [options.hostname=os.hostname] - The name of this server - * @param {number} [options.facility=23] - Facility code to use sending this - * message - * @param {boolean} [options.color=false] - Apply color coding encoding tag - * with syslog message text - * @param {boolean} [options.extendedColor=false] - Use the extended ANSI - * color set encoding tag with syslog message text - * @param {object} [options.colors] - User defended colors for + * @param {number} [options.facility=23] - Facility code to use sending this + * message + * @param {boolean} [options.color=false] - Apply color coding encoding tag + * with syslog message text + * @param {boolean} [options.extendedColor=false] - Use the extended ANSI + * color set encoding tag with syslog message text + * @param {object} [options.colors] - User defended colors for * severities - * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) + * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.warningColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.informationalColor] - A RGB Hex coded color + * in the form of #FFFFFF or as or the ANSI color code number (30-37 + * Standard & 0-255 Extended) + * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -613,189 +616,189 @@ class RFC3164 { } /** * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) * @throws {Error} A standard error object */ - setColor (colors, extendedColor) { + setColor(colors, extendedColor) { return new Promise((resolve, reject) => { let colorPromises = []; if (colors.emergencyColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.emergencyColor, this.extendedColor) + .then((result) => { + this.emergencyColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'emergencyColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.alertColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.alertColor, this.extendedColor) + .then((result) => { + this.alertColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'alertColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.criticalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.criticalColor, this.extendedColor) + .then((result) => { + this.criticalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'criticalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.errorColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.errorColor, this.extendedColor) + .then((result) => { + this.errorColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'errorColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.warningColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.warningColor, this.extendedColor) + .then((result) => { + this.warningColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'warningColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.noticeColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.noticeColor, this.extendedColor) + .then((result) => { + this.noticeColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'noticeColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.informationalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.informationalColor, this.extendedColor) + .then((result) => { + this.informationalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'informationalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.debugColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.debugColor, this.extendedColor) + .then((result) => { + this.debugColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'debugColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); + .then((results) => { + resolve(true); + }) + .catch((reson) => { + reject(reson); + }); }); } /** - * Building a formatted message. Returns a promise with a formatted message + * Building a formatted message. Returns a promise with a formatted message * @public * @param {string} msg - The Syslog Message * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - buildMessage (msg, options) { + buildMessage(msg, options) { return new Promise((resolve, reject) => { options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; + let severity = typeof options.severity === 'number' ? + options.severity : 6; if (typeof msg !== 'string' || options.msgSeverity > 7) { let errMsg = 'FORMAT ERROR: Syslog message must be a string'; errMsg += ' msgSeverity must be a number between 0 and 7'; @@ -822,15 +825,17 @@ class RFC3164 { colorCode += options.msgColor; colorCode += 'm'; // ANSI Color Closer } else { - colorCode = '[39m'; // Use terminal's default color + colorCode = '[39m'; // Use terminal's default color } msg = escapeCode + colorCode + msg + resetColor; } - // RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 uses BSD timeformat - const rfc3164DateRegEx = /((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/; + // RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 + // uses BSD timeformat + const rfc3164DateRegEx = +/((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/; const timestamp = moment() - .format('MMM DD hh:mm:ss') - .replace(rfc3164DateRegEx, '$1 $5'); + .format('MMM DD hh:mm:ss') + .replace(rfc3164DateRegEx, '$1 $5'); // Build message fmtMsg = '<' + pri + '>'; fmtMsg += timestamp; @@ -842,19 +847,19 @@ class RFC3164 { }); } /** - * send a RFC5424 formatted message. Returns a promise with the formatted - * message that was sent. If no server connection was defined when the - * class was created a default Syslog connector will be used. + * send a RFC5424 formatted message. Returns a promise with the formatted + * message that was sent. If no server connection was defined when the + * class was created a default Syslog connector will be used. * @see SyslogPro~Syslog * @public * @param {string} msg - The unformatted Syslog message to send * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.colorCode=36] - The ANSI color code to use if * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - send (msg, options) { + send(msg, options) { return new Promise((resolve, reject) => { if (!this.server) { this.server = new Syslog(); @@ -873,7 +878,7 @@ class RFC3164 { reject(error); }); }); - } + } /** * Send a syslog message with a security level of 0 (Emergency) * @public @@ -881,10 +886,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emergency (msg) { + emergency(msg) { return this.send(msg, { - severity: 0, - colorCode: this.emergencyColor + severity: 0, + colorCode: this.emergencyColor, }); } /** @@ -894,7 +899,7 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emer (msg) { + emer(msg) { return this.emergency(msg); } /** @@ -904,10 +909,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - alert (msg) { + alert(msg) { return this.send(msg, { - severity: 1, - colorCode: this.alertColor + severity: 1, + colorCode: this.alertColor, }); } /** @@ -917,10 +922,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - critical (msg) { + critical(msg) { return this.send(msg, { - severity: 2, - colorCode: this.criticalColor + severity: 2, + colorCode: this.criticalColor, }); } /** @@ -930,7 +935,7 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - crit (msg) { + crit(msg) { return this.critical(msg); } /** @@ -940,10 +945,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - error (msg) { + error(msg) { return this.send(msg, { - severity: 3, - colorCode: this.errorColor + severity: 3, + colorCode: this.errorColor, }); } /** @@ -953,7 +958,7 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - err (msg) { + err(msg) { return this.error(msg); } /** @@ -963,10 +968,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warning (msg) { + warning(msg) { return this.send(msg, { - severity: 4, - colorCode: this.warningColor + severity: 4, + colorCode: this.warningColor, }); } /** @@ -976,7 +981,7 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warn (msg) { + warn(msg) { return this.warning(msg); } /** @@ -986,10 +991,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - notice (msg) { + notice(msg) { return this.send(msg, { - severity: 5, - colorCode: this.noticeColor + severity: 5, + colorCode: this.noticeColor, }); } /** @@ -999,40 +1004,43 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - note (msg) { + note(msg) { return this.notice(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - informational (msg) { + informational(msg) { return this.send(msg, { - severity: 6, - colorCode: this.informationalColor + severity: 6, + colorCode: this.informationalColor, }); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - info (msg) { + info(msg) { return this.informational(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - log (msg) { + log(msg) { return this.informational(msg); } /** @@ -1042,25 +1050,26 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - debug (msg) { + debug(msg) { return this.send(msg, { - severity: 7, - colorCode: this.debugColor + severity: 7, + colorCode: this.debugColor, }); } } /** - * A class to work with RFC5424 formatted syslog messages. The messaging is fully configurable and ANSI foreground - * colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. - * Most APIs will return a promise. These APIs can be used using + * A class to work with RFC5424 formatted syslog messages. The messaging is + * fully configurable and ANSI foreground * colors can be added. Both ANSI 8 + * and ANSI 256 color are fully supported. + *Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * + * * A Syslog class with a configured - * Syslog server target can also be used as the input into the formatting + * Syslog server target can also be used as the input into the formatting * classes so that it may run independently. - * - * The RFC5424 Syslog logging format is meant to be used as a stream of log data + * + * The RFC5424 Syslog logging format is meant to be used as a stream of log data * from a service or application. This class is designed to be used in this * fashion where new messages are written to the class as needed. * @requires moment @@ -1069,56 +1078,56 @@ class RFC3164 { */ class RFC5424 { /** - * Construct a new RFC5424 formatted Syslog object with user options + * Construct a new RFC5424 formatted Syslog object with user options * @public * @this RFC5424 * @param {object} [options] - Options object * @param {string} [options.applacationName='NodeJSLogger'] - Application * @param {string} [options.hostname=os.hostname] - The name of this server * @param {boolean} [options.timestamp=false] - Included a Timestamp - * @param {boolean} [options.timestampUTC=false] - RFC standard is for + * @param {boolean} [options.timestampUTC=false] - RFC standard is for * local time - * @param {boolean} [options.timestampMS=false] - Timestamp with ms + * @param {boolean} [options.timestampMS=false] - Timestamp with ms * resolution * @param {boolean} [options.timestampTZ=true] - Should the timestamp * included time zone - * @param {boolean} [options.encludeStructuredData=false] - Included + * @param {boolean} [options.encludeStructuredData=false] - Included * any provided structured data - * @param {boolean} [options.utf8BOM=true] - Included the UTF8 - * @param {boolean} [options.color=false] - Included the UTF8 - * @param {boolean} [options.extendedColor=false] - Included the UTF8 - * encoding tag with syslog message text - * @param {object} [options.colors] - User defended colors for + * @param {boolean} [options.utf8BOM=true] - Included the UTF8 + * @param {boolean} [options.color=false] - Included the UTF8 + * @param {boolean} [options.extendedColor=false] - Included the UTF8 + * encoding tag with syslog message text + * @param {object} [options.colors] - User defended colors for * severities - * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) + * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.warningColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.informationalColor] - A RGB Hex coded color + * in the form of #FFFFFF or as or the ANSI color code number (30-37 + * Standard & 0-255 Extended) + * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1213,198 +1222,198 @@ class RFC5424 { } /** * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) * @throws {Error} A standard error object */ - setColor (colors, extendedColor) { + setColor(colors, extendedColor) { return new Promise((resolve, reject) => { let colorPromises = []; if (colors.emergencyColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.emergencyColor, this.extendedColor) + .then((result) => { + this.emergencyColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'emergencyColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.alertColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.alertColor, this.extendedColor) + .then((result) => { + this.alertColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'alertColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.criticalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.criticalColor, this.extendedColor) + .then((result) => { + this.criticalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'criticalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.errorColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.errorColor, this.extendedColor) + .then((result) => { + this.errorColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'errorColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.warningColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.warningColor, this.extendedColor) + .then((result) => { + this.warningColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'warningColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.noticeColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.noticeColor, this.extendedColor) + .then((result) => { + this.noticeColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'noticeColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.informationalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.informationalColor, this.extendedColor) + .then((result) => { + this.informationalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'informationalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.debugColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.debugColor, this.extendedColor) + .then((result) => { + this.debugColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'debugColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); + .then((results) => { + resolve(true); + }) + .catch((reson) => { + reject(reson); + }); }); } /** - * Building a formatted message. Returns a promise with a formatted message + * Building a formatted message. Returns a promise with a formatted message * @public * @param {string} msg - The Syslog Message * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.facility=23] - Facility code to use sending this - * message - * @param {string} [options.pid='-'] - The process id of the service sending - * this message - * @param {string[]} [options.structuredData] - An array of structure - * data strings conforming to the IETF/IANA defined SD-IDs or IANA - * registered SMI Network Management Private Enterprise Code SD-ID - * conforming to the format - * [name@<private enterprise number> parameter=value] - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.facility=23] - Facility code to use sending this + * message + * @param {string} [options.pid='-'] - The process id of the service sending + * this message + * @param {string[]} [options.structuredData] - An array of structure + * data strings conforming to the IETF/IANA defined SD-IDs or IANA + * registered SMI Network Management Private Enterprise Code SD-ID + * conforming to the format + * [name@<private enterprise number> parameter=value] + * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - buildMessage (msg, options) { + buildMessage(msg, options) { return new Promise((resolve, reject) => { options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; + let severity = typeof options.severity === 'number' ? + options.severity : 6; if (typeof msg !== 'string' || options.severity > 7) { let errMsg = 'FORMAT ERROR: Syslog message must be a string'; errMsg += ' msgSeverity must be a number between 0 and 7'; @@ -1435,7 +1444,7 @@ class RFC5424 { colorCode += options.msgColor; colorCode += 'm'; // ANSI Color Closer } else { - colorCode = '[39m'; // Use terminal's default color + colorCode = '[39m'; // Use terminal's default color } msg = escapeCode + colorCode + msg + resetColor; } @@ -1482,7 +1491,7 @@ class RFC5424 { timeQuality += ']'; msgStructuredData.push(timeQuality); } - //Build Structured Data string + // Build Structured Data string let structuredData = '-'; const sdElementCount = msgStructuredData.length; if (this.encludeStructuredData && sdElementCount > 0) { @@ -1490,12 +1499,12 @@ class RFC5424 { let sdElements = []; const sdElementNameRegEx = /(\[)(\S*)(\s|\])/; // Loop to drop duplicates of the same SD Element name - for (let elementIndex=0; - elementIndex<sdElementCount; - elementIndex++) { - let elementName = + for (let elementIndex = 0; + elementIndex < sdElementCount; + elementIndex++) { + let elementName = msgStructuredData[elementIndex] - .match(sdElementNameRegEx)[2]; + .match(sdElementNameRegEx)[2]; if (!sdElementNames.includes(elementName)) { sdElementNames.push(elementName); sdElements.push(msgStructuredData[elementIndex]); @@ -1522,16 +1531,16 @@ class RFC5424 { }); } /** - * send a RFC5424 formatted message. Returns a promise with the formatted - * message that was sent. If no server connection was defined when the - * class was created a default Syslog connector will be used. + * send a RFC5424 formatted message. Returns a promise with the formatted + * message that was sent. If no server connection was defined when the + * class was created a default Syslog connector will be used. * @see SyslogPro~Syslog * @public * @param {string} msg - The unformatted Syslog message to send * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - send (msg, options) { + send(msg, options) { return new Promise((resolve, reject) => { if (!this.server) { this.server = new Syslog(); @@ -1558,10 +1567,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emergency (msg) { + emergency(msg) { return this.send(msg, { - severity: 0, - colorCode: this.emergencyColor + severity: 0, + colorCode: this.emergencyColor, }); } /** @@ -1571,7 +1580,7 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emer (msg) { + emer(msg) { return this.emergency(msg); } /** @@ -1581,10 +1590,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - alert (msg) { + alert(msg) { return this.send(msg, { - severity: 1, - colorCode: this.alertColor + severity: 1, + colorCode: this.alertColor, }); } /** @@ -1594,10 +1603,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - critical (msg) { + critical(msg) { return this.send(msg, { - severity: 2, - colorCode: this.criticalColor + severity: 2, + colorCode: this.criticalColor, }); } /** @@ -1607,7 +1616,7 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - crit (msg) { + crit(msg) { return this.critical(msg); } /** @@ -1617,10 +1626,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - error (msg) { + error(msg) { return this.send(msg, { - severity: 3, - colorCode: this.errorColor + severity: 3, + colorCode: this.errorColor, }); } /** @@ -1630,7 +1639,7 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - err (msg) { + err(msg) { return this.error(msg); } /** @@ -1640,10 +1649,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warning (msg) { + warning(msg) { return this.send(msg, { - severity: 4, - colorCode: this.warningColor + severity: 4, + colorCode: this.warningColor, }); } /** @@ -1653,7 +1662,7 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warn (msg) { + warn(msg) { return this.warning(msg); } /** @@ -1663,10 +1672,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - notice (msg) { + notice(msg) { return this.send(msg, { - severity: 5, - colorCode: this.noticeColor + severity: 5, + colorCode: this.noticeColor, }); } /** @@ -1676,40 +1685,43 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - note (msg) { + note(msg) { return this.notice(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - informational (msg) { + informational(msg) { return this.send(msg, { - severity: 6, - colorCode: this.informationalColor + severity: 6, + colorCode: this.informationalColor, }); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - info (msg) { + info(msg) { return this.informational(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - log (msg) { + log(msg) { return this.informational(msg); } /** @@ -1719,26 +1731,26 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - debug (msg) { + debug(msg) { return this.send(msg, { - severity: 7, - colorCode: this.debugColor + severity: 7, + colorCode: this.debugColor, }); } } - + /** * A class to work with IBM LEEF (Log Event Extended Format) messages this form * of system messages are designed to work with security systems. Messages can - * be saved to file (Saving to file if not part of this module but a LEEF - * formatted message produced by this module can be saved externally to it) or - * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using + * be saved to file (Saving to file if not part of this module but a LEEF + * formatted message produced by this module can be saved externally to it) or + * sent via Syslog. + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * - * A Syslog class with a configured Syslog server target can also be used as - * the input into the formatting classes so that it may run independently. The - * LEEF format is designed to send event data to a SIEM system and should not + * + * A Syslog class with a configured Syslog server target can also be used as + * the input into the formatting classes so that it may run independently. The + * LEEF format is designed to send event data to a SIEM system and should not * be as a logging stream. This class is meant to be used once per message. * @requires moment * @version 0.0.0 @@ -1751,22 +1763,22 @@ class LEEF { * @param {object} [options] - Options object * @param {string} [options.vendor='unknown'] - The vendor of the system that * generated the event being reported - * @param {string} [options.product='unknown'] - The product name of the + * @param {string} [options.product='unknown'] - The product name of the * system that genrated the event being reported - * @param {string} [options.version='unknown'] - The version name of the + * @param {string} [options.version='unknown'] - The version name of the * system that genrated the event being reported - * @param {string} [options.eventId='unknown'] - The eventId of the + * @param {string} [options.eventId='unknown'] - The eventId of the * system that genrated the event being reported - * @param {object} [options.attributes] - LEEF message attributes which + * @param {object} [options.attributes] - LEEF message attributes which * defaults to all base attributes with null values, new attributes should * be added as new elements to this object - * @param {boolean} [options.syslogHeader='true'] - Should the LEEF message + * @param {boolean} [options.syslogHeader='true'] - Should the LEEF message * include a Syslog header with Timestamp and source * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1779,8 +1791,8 @@ class LEEF { /** @type {string} */ this.eventId = options.eventId || 'unknown'; /** @type {boolean} */ - this.syslogHeader = typeof options.syslogHeader === 'boolean' - ? options.syslogHeader : true; + this.syslogHeader = typeof options.syslogHeader === 'boolean' + ? options.syslogHeader : true; /** @type {object} */ this.attributes = options.attributes || { cat: null, @@ -1844,7 +1856,7 @@ class LEEF { * @public * @return {Promise} - string with formatted message */ - buildMessage () { + buildMessage() { return new Promise((resolve, reject) => { let fmtMsg = 'LEEF:2.0'; fmtMsg += '|' + this.vendor; @@ -1852,7 +1864,7 @@ class LEEF { fmtMsg += '|' + this.version; fmtMsg += '|' + this.eventId; fmtMsg += '|'; - + // Build LEEF Attributes const Tab = '\x09'; const leefAttribs = Object.entries(this.attributes); @@ -1865,14 +1877,14 @@ class LEEF { resolve(fmtMsg); }); } - + /** * @public * @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send (options) { + send(options) { return new Promise((resolve, reject) => { this.buildMessage() .then((result) => { @@ -1894,42 +1906,42 @@ class LEEF { /** * A class to work with HP CEF (Common Event Format) messages. This form * of system messages are designed to work with security systems. Messages can - * be saved to file (Saving to file if not part of this module but a CEF - * formatted message produced by this module can be saved externally to it) or + * be saved to file (Saving to file if not part of this module but a CEF + * formatted message produced by this module can be saved externally to it) or * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * - * A Syslog class with a configured Syslog server target can also be used as - * the input into the formatting classes so that it may run independently. The CEF - * format is designed to send event data to a SIEM system and should not be as - * a logging stream. This class is meant to be used once per message. + * + * A Syslog class with a configured Syslog server target can also be used as + * the input into the formatting classes so that it may run independently. The + * CEF format is designed to send event data to a SIEM system and should not be + * as a logging stream. This class is meant to be used once per message. * @requires moment * @version 0.0.0 * @since 0.0.0 */ class CEF { /** - * Construct a new CEF formatting object with user options + * Construct a new CEF formatting object with user options * @public * @param {object} [options] - Options object - * @param {string} [options.deviceVendor='unknown'] - The vendor of the system + * @param {string} [options.deviceVendor='unknown'] - The vendor of the system * that generated the event being reported - * @param {string} [options.deviceProduct='unknown'] - The product name of the + * @param {string} [options.deviceProduct='unknown'] - The product name of the * system that genrated the event being reported - * @param {string} [options.deviceVersion='unknown'] - The version name of the + * @param {string} [options.deviceVersion='unknown'] - The version name of the * system that genrated the event being reported - * @param {string} [options.deviceEventClassId='unknown'] - The eventId of the + * @param {string} [options.deviceEventClassId='unknown'] - The eventId of the * system that genrated the event being reported - * @param {string} [options.name='unknown'] - Name of the service generating + * @param {string} [options.name='unknown'] - Name of the service generating * the notice * @param {string} [options.severity='unknown'] - Severity of the notification * @param {string} [options.extensions={}] - Any CEF Key=Value extensions * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1947,163 +1959,163 @@ class CEF { this.severity = options.severity || 'Unknown'; /** @type {object} */ this.extensions = options.extensions || { - 'deviceAction': null, - 'applicationProtocol': null, - 'deviceCustomIPv6Address1': null, + deviceAction: null, + applicationProtocol: null, + deviceCustomIPv6Address1: null, 'deviceCustomIPv6 Address1Label': null, - 'deviceCustomIPv6Address3': null, + deviceCustomIPv6Address3: null, 'deviceCustomIPv6Address3 Label': null, 'deviceCustomIPv6 Address4': null, 'deviceCustomIPv6 Address4Label': null, - 'deviceEventCategory': null, - 'deviceCustomFloatingPoint1': null, + deviceEventCategory: null, + deviceCustomFloatingPoint1: null, 'deviceCustom FloatingPoint1Label': null, - 'deviceCustomFloatingPoint2': null, + deviceCustomFloatingPoint2: null, 'deviceCustomFloatingPoint2 Label': null, - 'deviceCustomFloatingPoint3': null, + deviceCustomFloatingPoint3: null, 'deviceCustom FloatingPoint3Label': null, - 'deviceCustomFloatingPoint4': null, + deviceCustomFloatingPoint4: null, 'deviceCustom FloatingPoint4Label': null, - 'deviceCustomNumber1': null, - 'deviceCustomNumber1Label': null, - 'DeviceCustomNumber2': null, - 'deviceCustomNumber2Label': null, - 'deviceCustomNumber3': null, - 'deviceCustomNumber3Label': null, - 'baseEventCount': null, - 'deviceCustomString1': null, - 'deviceCustomString1Label': null, - 'deviceCustomString2': null, - 'deviceCustomString2Label': null, - 'deviceCustomString3': null, - 'deviceCustomString3Label': null, - 'deviceCustomString4': null, - 'deviceCustomString4Label': null, - 'deviceCustomString5': null, - 'deviceCustomString5Label': null, - 'deviceCustomString6': null, - 'deviceCustomString6Label': null, - 'destinationDnsDomain': null, - 'destinationServiceName': null, + deviceCustomNumber1: null, + deviceCustomNumber1Label: null, + DeviceCustomNumber2: null, + deviceCustomNumber2Label: null, + deviceCustomNumber3: null, + deviceCustomNumber3Label: null, + baseEventCount: null, + deviceCustomString1: null, + deviceCustomString1Label: null, + deviceCustomString2: null, + deviceCustomString2Label: null, + deviceCustomString3: null, + deviceCustomString3Label: null, + deviceCustomString4: null, + deviceCustomString4Label: null, + deviceCustomString5: null, + deviceCustomString5Label: null, + deviceCustomString6: null, + deviceCustomString6Label: null, + destinationDnsDomain: null, + destinationServiceName: null, 'destinationTranslated Address': null, - 'destinationTranslatedPort': null, - 'deviceCustomDate1': null, - 'deviceCustomDate1Label': null, - 'deviceCustomDate2': null, - 'deviceCustomDate2Label': null, - 'deviceDirection': null, - 'deviceDnsDomain': null, - 'deviceExternalId': null, - 'deviceFacility': null, - 'deviceInboundInterface': null, - 'deviceNtDomain': null, - 'deviceOutboundInterface': null, - 'devicePayloadId': null, - 'deviceProcessName': null, - 'deviceTranslatedAddress': null, - 'destinationHostName': null, - 'destinationMacAddress': null, - 'destinationNtDomain': null, - 'destinationProcessId': null, - 'destinationUserPrivileges': null, - 'destinationProcessName': null, - 'destinationPort': null, - 'destinationAddress': null, - 'deviceTimeZone': null, - 'destinationUserId': null, - 'destinationUserName': null, - 'deviceAddress': null, - 'deviceHostName': null, - 'deviceMacAddress': null, - 'deviceProcessId': null, - 'endTime': null, - 'externalId': null, - 'fileCreateTime': null, - 'fileHash': null, - 'fileId': null, - 'fileModificationTime': null, - 'filePath': null, - 'filePermission': null, - 'fileType': null, - 'flexDate1': null, - 'flexDate1Label': null, - 'flexString1': null, - 'flexString1Label': null, - 'flexString2': null, - 'flexString2Label': null, - 'filename': null, - 'fileSize': null, - 'bytesIn': null, - 'message': null, - 'oldFileCreateTime': null, - 'oldFileHash': null, - 'oldFileId': null, - 'oldFileModificationTime': null, - 'oldFileName': null, - 'oldFilePath': null, - 'oldFileSize': null, - 'oldFileType': null, - 'bytesOut': null, - 'eventOutcome': null, - 'transportProtocol': null, - 'Reason': null, - 'requestUrl': null, - 'requestClientApplication': null, - 'requestContext': null, - 'requestCookies': null, - 'requestMethod': null, - 'deviceReceiptTime': null, - 'sourceHostName': null, - 'sourceMacAddress': null, - 'sourceNtDomain': null, - 'sourceDnsDomain': null, - 'sourceServiceName': null, - 'sourceTranslatedAddress': null, - 'sourceTranslatedPort': null, - 'sourceProcessId': null, - 'sourceUserPrivileges': null, - 'sourceProcessName': null, - 'sourcePort': null, - 'sourceAddress': null, - 'startTime': null, - 'sourceUserId': null, - 'sourceUserName': null, - 'type': null, - 'agentDnsDomain': null, - 'agentNtDomain': null, - 'agentTranslatedAddress': null, + destinationTranslatedPort: null, + deviceCustomDate1: null, + deviceCustomDate1Label: null, + deviceCustomDate2: null, + deviceCustomDate2Label: null, + deviceDirection: null, + deviceDnsDomain: null, + deviceExternalId: null, + deviceFacility: null, + deviceInboundInterface: null, + deviceNtDomain: null, + deviceOutboundInterface: null, + devicePayloadId: null, + deviceProcessName: null, + deviceTranslatedAddress: null, + destinationHostName: null, + destinationMacAddress: null, + destinationNtDomain: null, + destinationProcessId: null, + destinationUserPrivileges: null, + destinationProcessName: null, + destinationPort: null, + destinationAddress: null, + deviceTimeZone: null, + destinationUserId: null, + destinationUserName: null, + deviceAddress: null, + deviceHostName: null, + deviceMacAddress: null, + deviceProcessId: null, + endTime: null, + externalId: null, + fileCreateTime: null, + fileHash: null, + fileId: null, + fileModificationTime: null, + filePath: null, + filePermission: null, + fileType: null, + flexDate1: null, + flexDate1Label: null, + flexString1: null, + flexString1Label: null, + flexString2: null, + flexString2Label: null, + filename: null, + fileSize: null, + bytesIn: null, + message: null, + oldFileCreateTime: null, + oldFileHash: null, + oldFileId: null, + oldFileModificationTime: null, + oldFileName: null, + oldFilePath: null, + oldFileSize: null, + oldFileType: null, + bytesOut: null, + eventOutcome: null, + transportProtocol: null, + Reason: null, + requestUrl: null, + requestClientApplication: null, + requestContext: null, + requestCookies: null, + requestMethod: null, + deviceReceiptTime: null, + sourceHostName: null, + sourceMacAddress: null, + sourceNtDomain: null, + sourceDnsDomain: null, + sourceServiceName: null, + sourceTranslatedAddress: null, + sourceTranslatedPort: null, + sourceProcessId: null, + sourceUserPrivileges: null, + sourceProcessName: null, + sourcePort: null, + sourceAddress: null, + startTime: null, + sourceUserId: null, + sourceUserName: null, + type: null, + agentDnsDomain: null, + agentNtDomain: null, + agentTranslatedAddress: null, 'agentTranslatedZone ExternalID': null, - 'agentTranslatedZoneURI': null, - 'agentZoneExternalID': null, - 'agentZoneURI': null, - 'agentAddress': null, - 'agentHostName': null, - 'agentId': null, - 'agentMacAddress': null, - 'agentReceiptTime': null, - 'agentType': null, - 'agentTimeZone': null, - 'agentVersion': null, - 'customerExternalID': null, - 'customerURI': null, + agentTranslatedZoneURI: null, + agentZoneExternalID: null, + agentZoneURI: null, + agentAddress: null, + agentHostName: null, + agentId: null, + agentMacAddress: null, + agentReceiptTime: null, + agentType: null, + agentTimeZone: null, + agentVersion: null, + customerExternalID: null, + customerURI: null, 'destinationTranslated ZoneExternalID': null, 'destinationTranslated ZoneURI': null, - 'destinationZoneExternalID': null, - 'destinationZoneURI': null, + destinationZoneExternalID: null, + destinationZoneURI: null, 'deviceTranslatedZone ExternalID': null, - 'deviceTranslatedZoneURI': null, - 'deviceZoneExternalID': null, - 'deviceZoneURI': null, - 'destinationGeoLatitude': null, - 'destinationGeoLongitude': null, - 'eventId': null, - 'rawEvent': null, - 'sourceGeoLatitude': null, - 'sourceGeoLongitude': null, + deviceTranslatedZoneURI: null, + deviceZoneExternalID: null, + deviceZoneURI: null, + destinationGeoLatitude: null, + destinationGeoLongitude: null, + eventId: null, + rawEvent: null, + sourceGeoLatitude: null, + sourceGeoLongitude: null, 'sourceTranslatedZone ExternalID': null, - 'sourceTranslatedZoneURI': null, - 'sourceZoneExternalID': null, - 'sourceZoneURI': null, + sourceTranslatedZoneURI: null, + sourceZoneExternalID: null, + sourceZoneURI: null, }; if (options.server) { if (options.server.constructor__) { @@ -2119,167 +2131,1168 @@ class CEF { * @public * @return {Promise} - True if validated * @throws {Error} - First element to fail validation - */ - validate () { - return new Promise ((resolve, reject) => { + */ + validate() { + return new Promise((resolve, reject) => { const Extensions = { - 'deviceAction': {key: 'act', type:'String', len:63, discription: 'Action taken by the device.'}, - 'applicationProtocol': {key: 'app', type:'String', len:31, discription: 'Application level protocol, example values are HTTP, HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.'}, - 'deviceCustomIPv6Address1': {key: 'c6a1', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6 Address1Label': {key: 'c6a1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomIPv6Address3': {key: 'c6a3', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6Address3 Label': {key: 'c6a3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomIPv6 Address4': {key: 'c6a4', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6 Address4Label': {key: 'C6a4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceEventCategory': {key: 'cat', type:'String', len:1023, discription: 'Represents the category assigned by the originating device. Devices often use their own categorization schema to classify event. Example: “/Monitor/Disk/Read”'}, - 'deviceCustomFloatingPoint1': {key: 'cfp1', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint1Label': {key: 'cfp1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint2': {key: 'cfp2', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustomFloatingPoint2 Label': {key: 'cfp2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint3': {key: 'cfp3', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint3Label': {key: 'cfp3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint4': {key: 'cfp4', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint4Label': {key: 'cfp4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomNumber1': {key: 'cn1', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber1Label': {key: 'cn1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'DeviceCustomNumber2': {key: 'cn2', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber2Label': {key: 'cn2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomNumber3': {key: 'cn3', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber3Label': {key: 'cn3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'baseEventCount': {key: 'cnt', type:'Number', len:null, discription: 'A count associated with this event. How many times was this same event observed? Count can be omitted if it is 1.'}, - 'deviceCustomString1': {key: 'cs1', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString1Label': {key: 'cs1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString2': {key: 'cs2', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString2Label': {key: 'cs2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString3': {key: 'cs3', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString3Label': {key: 'cs3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString4': {key: 'cs4', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString4Label': {key: 'cs4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString5': {key: 'cs5', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString5Label': {key: 'cs5Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString6': {key: 'cs6', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString6Label': {key: 'cs6Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'destinationDnsDomain': {key: 'destination DnsDomain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'destinationServiceName': {key: 'destination ServiceName', type:'String', len:1023, discription: 'The service targeted by this event. Example: “sshd”'}, - 'destinationTranslated Address': {key: 'Destination Translated Address', type:'String', len:null, discription: 'Identifies the translated destination that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'destinationTranslatedPort': {key: 'Destination TranslatedPort', type:'Number', len:null, discription: 'Port after it was translated; for example, a firewall. Valid port numbers are 0 to 65535.'}, - 'deviceCustomDate1': {key: 'deviceCustom Date1', type:'String', len:null, discription: 'One of two timestamp fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomDate1Label': {key: 'deviceCustom Date1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomDate2': {key: 'deviceCustom Date2', type:'String', len:null, discription: 'One of two timestamp fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomDate2Label': {key: 'deviceCustom Date2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceDirection': {key: 'deviceDirection', type:'Number', len:null, discription: 'Any information about what direction the observed communication has taken. The following values are supported: “0” for inbound or “1” for outbound'}, - 'deviceDnsDomain': {key: 'deviceDns Domain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'deviceExternalId': {key: 'device ExternalId', type:'String', len:255, discription: 'A name that uniquely identifies the device generating this event.'}, - 'deviceFacility': {key: 'deviceFacility', type:'String', len:1023, discription: 'The facility generating this event. For example, Syslog has an explicit facility associated with every event.'}, - 'deviceInboundInterface': {key: 'deviceInbound Interface', type:'String', len:128, discription: 'Interface on which the packet or data entered the device.'}, - 'deviceNtDomain': {key: 'deviceNt Domain', type:'String', len:255, discription: 'The Windows domain name of the device address.'}, - 'deviceOutboundInterface': {key: 'Device Outbound Interface', type:'String', len:128, discription: 'Interface on which the packet or data left the device.'}, - 'devicePayloadId': {key: 'Device PayloadId', type:'String', len:128, discription: 'Unique identifier for the payload associated with the event.'}, - 'deviceProcessName': {key: 'deviceProcess Name', type:'String', len:1023, discription: 'Process name associated with the event. An example might be the process generating the syslog entry in UNIX.'}, - 'deviceTranslatedAddress': {key: 'device Translated Address', type:'String', len:null, discription: 'Identifies the translated device address that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'destinationHostName': {key: 'dhost', type:'String', len:1023, discription: 'Identifies the destination that an event refers to in an IP network. The format should be a fully qualified domain name (FQDN) associated with the destination node, when a node is available. Examples: “host.domain.com” or “host”.'}, - 'destinationMacAddress': {key: 'dmac', type:'String', len:null, discription: 'Six colon-seperated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'destinationNtDomain': {key: 'dntdom', type:'String', len:255, discription: 'The Windows domain name of the destination address.'}, - 'destinationProcessId': {key: 'dpid', type:'Number', len:null, discription: 'Provides the ID of the destination process associated with the event. For example, if an event contains process ID 105, “105” is the process ID.'}, - 'destinationUserPrivileges': {key: 'dpriv', type:'String', len:1023, discription: 'The typical values are “Administrator”, “User”, and “Guest”. This identifies the destination user’s privileges. In UNIX, for example, activity executed on the root user would be identified with destinationUser Privileges of “Administrator”.'}, - 'destinationProcessName': {key: 'dproc', type:'String', len:1023, discription: 'The name of the event’s destination process. Example: “telnetd” or “sshd”.'}, - 'destinationPort': {key: 'dpt', type:'Number', len:null, discription: 'The valid port numbers are between 0 and 65535.'}, - 'destinationAddress': {key: 'dst', type:'String', len:null, discription: 'Identifies the destination address that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'deviceTimeZone': {key: 'dtz', type:'String', len:255, discription: 'The timezone for the device generating the event.'}, - 'destinationUserId': {key: 'duid', type:'String', len:1023, discription: 'Identifies the destination user by ID. For example, in UNIX, the root user is generally associated with user ID 0.'}, - 'destinationUserName': {key: 'duser', type:'String', len:1023, discription: 'Identifies the destination user by name. This is the user associated with the event’s destination. Email addresses are often mapped into the UserName fields. The recipient is a candidate to put into this field.'}, - 'deviceAddress': {key: 'dvc', type:'String', len:null, discription: 'Identifies the device address that an event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'deviceHostName': {key: 'dvchost', type:'String', len:100, discription: 'The format should be a fully qualified domain name (FQDN) associated with the device node, when a node is available. Example: “host.domain.com” or “host”.'}, - 'deviceMacAddress': {key: 'dvcmac', type:'String', len:null, discription: 'Six colon-separated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'deviceProcessId': {key: 'dvcpid', type:'Number', len:null, discription: 'Provides the ID of the process on the device generating the event.'}, - 'endTime': {key: 'end', type:'String', len:null, discription: 'The time at which the activity related to the event ended. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st1970). An example would be reporting the end of a session.'}, - 'externalId': {key: 'externalId', type:'String', len:40, discription: 'The ID used by an originating device. They are usually increasing numbers, associated with events.'}, - 'fileCreateTime': {key: 'fileCreateTime', type:'String', len:null, discription: 'Time when the file was created.'}, - 'fileHash': {key: 'fileHash', type:'String', len:255, discription: 'Hash of a file.'}, - 'fileId': {key: 'fileId', type:'String', len:1023, discription: 'An ID associated with a file could be the inode.'}, - 'fileModificationTime': {key: 'fileModification Time', type:'String', len:null, discription: 'Time when the file was last modified.'}, - 'filePath': {key: 'filePath', type:'String', len:1023, discription: 'Full path to the file, including file name itself. Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe or /usr/bin/zip'}, - 'filePermission': {key: 'filePermission', type:'String', len:1023, discription: 'Permissions of the file.'}, - 'fileType': {key: 'fileType', type:'String', len:1023, discription: 'Type of file (pipe, socket, etc.)'}, - 'flexDate1': {key: 'flexDate1', type:'String', len:null, discription: 'A timestamp field available to map a timestamp that does not apply to any other defined timestamp field in this dictionary. Use all flex fields sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexDate1Label': {key: 'flexDate1Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'flexString1': {key: 'flexString1', type:'String', len:1023, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexString1Label': {key: 'flexString1 Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'flexString2': {key: 'flexString2', type:'String', len:1023, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexString2Label': {key: 'flex String2Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'filename': {key: 'fname', type:'String', len:1023, discription: 'Name of the file only (without its path).'}, - 'fileSize': {key: 'fsize', type:'Number', len:null, discription: 'Size of the file.'}, - 'bytesIn': {key: 'in', type:'Number', len:null, discription: 'Number of bytes transferred inbound, relative to the source to destination relationship, meaning that data was flowing from source to destination.'}, - 'message': {key: 'msg', type:'String', len:1023, discription: 'An arbitrary message giving more details about the event. Multi-line entries can be produced by using \n as the new line separator.'}, - 'oldFileCreateTime': {key: 'oldFileCreate Time', type:'String', len:null, discription: 'Time when old file was created.'}, - 'oldFileHash': {key: 'oldFileHash', type:'String', len:255, discription: 'Hash of the old file.'}, - 'oldFileId': {key: 'oldFileId', type:'String', len:1023, discription: 'An ID associated with the old file could be the inode.'}, - 'oldFileModificationTime': {key: 'oldFile Modification Time', type:'String', len:null, discription: 'Time when old file was last modified.'}, - 'oldFileName': {key: 'oldFileName', type:'String', len:1023, discription: 'Name of the old file.'}, - 'oldFilePath': {key: 'oldFilePath', type:'String', len:1023, discription: 'Full path to the old fiWindowsNT\Accessories le, including the file name itself. Examples: c:\Program Files\wordpad.exe or /usr/bin/zip'}, - 'oldFileSize': {key: 'oldFileSize', type:'Number', len:null, discription: 'Size of the old file.'}, - 'oldFileType': {key: 'oldFileType', type:'String', len:1023, discription: 'Type of the old file (pipe, socket, etc.)'}, - 'bytesOut': {key: 'out', type:'Number', len:null, discription: 'Number of bytes transferred outbound relative to the source to destination relationship. For example, the byte number of data flowing from the destination to the source.'}, - 'eventOutcome': {key: 'outcome', type:'String', len:63, discription: 'Displays the outcome, usually as ‘success’ or ‘failure’.'}, - 'transportProtocol': {key: 'proto', type:'String', len:31, discription: 'Identifies the Layer-4 protocol used. The possible values are protocols such as TCP or UDP.'}, - 'Reason': {key: 'reason', type:'String', len:1023, discription: 'The reason an audit event was generated. For example “badd password” or “unknown user”. This could also be an error or return code. Example: “0x1234”'}, - 'requestUrl': {key: 'request', type:'String', len:1023, discription: 'In the case of an HTTP request, this field contains the URL accessed. The URL should contain the protocol as well. Example: “http://www/secure.com”'}, - 'requestClientApplication': {key: 'requestClient Application', type:'String', len:1023, discription: 'The User-Agent associated with the request.'}, - 'requestContext': {key: 'requestContext', type:'String', len:2048, discription: 'Description of the content from which the request originated (for example, HTTP Referrer)'}, - 'requestCookies': {key: 'requestCookies', type:'String', len:1023, discription: 'Cookies associated with the request.'}, - 'requestMethod': {key: 'requestMethod', type:'String', len:1023, discription: 'The method used to access a URL. Possible values: “POST”, “GET”, etc.'}, - 'deviceReceiptTime': {key: 'rt', type:'String', len:null, discription: 'The time at which the event related to the activity was received. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st 1970)'}, - 'sourceHostName': {key: 'shost', type:'String', len:1023, discription: 'Identifies the source that an event refers to in an IP network. The format should be a fully qualified domain name (DQDN) associated with the source node, when a mode is available. Examples: “host” or “host.domain.com”.'}, - 'sourceMacAddress': {key: 'smac', type:'String', len:null, discription: 'Six colon-separated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'sourceNtDomain': {key: 'sntdom', type:'String', len:255, discription: 'The Windows domain name for the source address.'}, - 'sourceDnsDomain': {key: 'sourceDns Domain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'sourceServiceName': {key: 'source ServiceName', type:'String', len:1023, discription: 'The service that is responsible for generating this event.'}, - 'sourceTranslatedAddress': {key: 'source Translated Address', type:'String', len:null, discription: 'Identifies the translated source that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'sourceTranslatedPort': {key: 'source TranslatedPort', type:'Number', len:null, discription: 'A port number after being translated by, for example, a firewall. Valid port numbers are 0 to 65535.'}, - 'sourceProcessId': {key: 'spid', type:'Number', len:null, discription: 'The ID of the source process associated with the event.'}, - 'sourceUserPrivileges': {key: 'spriv', type:'String', len:1023, discription: 'The typical values are “Administrator”, “User”, and “Guest”. It identifies the source user’s privileges. In UNIX, for example, activity executed by the root user would be identified with “Administrator”.'}, - 'sourceProcessName': {key: 'sproc', type:'String', len:1023, discription: 'The name of the event’s source process.'}, - 'sourcePort': {key: 'spt', type:'Number', len:null, discription: 'The valid port numbers are 0 to 65535.'}, - 'sourceAddress': {key: 'src', type:'String', len:null, discription: 'Identifies the source that an event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'startTime': {key: 'start', type:'String', len:null, discription: 'The time when the activity the event referred to started. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st 1970)'}, - 'sourceUserId': {key: 'suid', type:'String', len:1023, discription: 'Identifies the source user by ID. This is the user associated with the source of the event. For example, in UNIX, the root user is generally associated with user ID 0.'}, - 'sourceUserName': {key: 'suser', type:'String', len:1023, discription: 'Identifies the source user by name. Email addresses are also mapped into the UserName fields. The sender is a candidate to put into this field.'}, - 'type': {key: 'type', type:'Number', len:null, discription: '0 means base event, 1 means aggregated, 2 means correlation, and 3 means action. This field can be omitted for base events (type 0).'}, - 'agentDnsDomain': {key: 'agentDns Domain', type:'String', len:255, discription: 'The DNS domain name of the ArcSight connector that processed the event.'}, - 'agentNtDomain': {key: 'agentNtDomain', type:'String', len:255, discription: ''}, - 'agentTranslatedAddress': {key: 'agentTranslated Address', type:'String', len:null, discription: ''}, - 'agentTranslatedZone ExternalID': {key: 'agentTranslated ZoneExternalID', type:'String', len:200, discription: ''}, - 'agentTranslatedZoneURI': {key: 'agentTranslated Zone URI', type:'String', len:2048, discription: ''}, - 'agentZoneExternalID': {key: 'agentZone ExternalID', type:'String', len:200, discription: ''}, - 'agentZoneURI': {key: 'agentZoneURI', type:'String', len:2048, discription: ''}, - 'agentAddress': {key: 'agt', type:'String', len:null, discription: 'The IP address of the ArcSight connector that processed the event.'}, - 'agentHostName': {key: 'ahost', type:'String', len:1023, discription: 'The hostname of the ArcSight connector that processed the event.'}, - 'agentId': {key: 'aid', type:'String', len:40, discription: 'The agent ID of the ArcSight connector that processed the event.'}, - 'agentMacAddress': {key: 'amac', type:'String', len:null, discription: 'The MAC address of the ArcSight connector that processed the event.'}, - 'agentReceiptTime': {key: 'art', type:'String', len:null, discription: 'The time at which information about the event was received by the ArcSight connector.'}, - 'agentType': {key: 'at', type:'String', len:63, discription: 'The agent type of the ArcSight connector that processed the event'}, - 'agentTimeZone': {key: 'atz', type:'String', len:255, discription: 'The agent time zone of the ArcSight connector that processed the event.'}, - 'agentVersion': {key: 'av', type:'String', len:31, discription: 'The version of the ArcSight connector that processed the event.'}, - 'customerExternalID': {key: 'customer ExternalID', type:'String', len:200, discription: ''}, - 'customerURI': {key: 'customerURI', type:'String', len:2048, discription: ''}, - 'destinationTranslated ZoneExternalID': {key: 'destination TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'destinationTranslated ZoneURI': {key: 'destination Translated ZoneURI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the destination asset has been assigned to in ArcSight.'}, - 'destinationZoneExternalID': {key: 'destinationZone ExternalID', type:'String', len:200, discription: ''}, - 'destinationZoneURI': {key: 'destinationZone URI', type:'String', len:2048, discription: 'The URI for the Zone that the destination asset has been assigned to in ArcSight.'}, - 'deviceTranslatedZone ExternalID': {key: 'device TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'deviceTranslatedZoneURI': {key: 'device TranslatedZone URI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the device asset has been assigned to in ArcSight.'}, - 'deviceZoneExternalID': {key: 'deviceZone ExternalID', type:'String', len:200, discription: ''}, - 'deviceZoneURI': {key: 'deviceZoneURI', type:'String', len:2048, discription: 'Thee URI for the Zone that the device asset has been assigned to in ArcSight.'}, - 'destinationGeoLatitude': {key: 'dlat', type:'Number', len:null, discription: 'The latitudinal value from which the destination’s IP address belongs.'}, - 'destinationGeoLongitude': {key: 'dlong', type:'Number', len:null, discription: 'The longitudinal value from which the destination’s IP address belongs.'}, - 'eventId': {key: 'eventId', type:'Number', len:null, discription: 'This is a unique ID that ArcSight assigns to each event.'}, - 'rawEvent': {key: 'rawEvent', type:'String', len:4000, discription: ''}, - 'sourceGeoLatitude': {key: 'slat', type:'Number', len:null, discription: ''}, - 'sourceGeoLongitude': {key: 'slong', type:'Number', len:null, discription: ''}, - 'sourceTranslatedZone ExternalID': {key: 'source TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'sourceTranslatedZoneURI': {key: 'source TranslatedZone URI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the destination asset has been assigned to in ArcSight.'}, - 'sourceZoneExternalID': {key: 'sourceZone ExternalID', type:'String', len:200, discription: ''}, - 'sourceZoneURI': {key: 'sourceZoneURI', type:'String', len:2048, discription: 'The URI for the Zone that the source asset has been assigned to in ArcSight.'}, + deviceAction: { + key: 'act', + type: 'String', + len: 63, + discription: 'Action taken by the device.', + }, + applicationProtocol: { + key: 'app', + type: 'String', + len: 31, + discription: 'Application level protocol, example values are HTTP, ' + + 'HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.', + }, + deviceCustomIPv6Address1: { + key: 'c6a1', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address1Label': { + key: 'c6a1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomIPv6Address3: { + key: 'c6a3', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6Address3 Label': { + key: 'c6a3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + 'deviceCustomIPv6 Address4': { + key: 'c6a4', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address4Label': { + key: 'C6a4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceEventCategory: { + key: 'cat', + type: 'String', + len: 1023, + discription: 'Represents the category assigned by the originating ' + + 'device. Devices often use their own categorization schema to ' + + 'classify event. Example: “/Monitor/Disk/Read”', + }, + deviceCustomFloatingPoint1: { + key: 'cfp1', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint1Label': { + key: 'cfp1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint2: { + key: 'cfp2', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustomFloatingPoint2 Label': { + key: 'cfp2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint3: { + key: 'cfp3', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint3Label': { + key: 'cfp3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint4: { + key: 'cfp4', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint4Label': { + key: 'cfp4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber1: { + key: 'cn1', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber1Label: { + key: 'cn1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + DeviceCustomNumber2: { + key: 'cn2', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber2Label: { + key: 'cn2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber3: { + key: 'cn3', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber3Label: { + key: 'cn3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + baseEventCount: { + key: 'cnt', + type: 'Number', + len: null, + discription: 'A count associated with this event. How many times ' + + 'was this same event observed? Count can be omitted if it is 1.', + }, + deviceCustomString1: { + key: 'cs1', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString1Label: { + key: 'cs1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString2: { + key: 'cs2', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString2Label: { + key: 'cs2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString3: { + key: 'cs3', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString3Label: { + key: 'cs3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString4: { + key: 'cs4', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString4Label: { + key: 'cs4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString5: { + key: 'cs5', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString5Label: { + key: 'cs5Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString6: { + key: 'cs6', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString6Label: { + key: 'cs6Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + destinationDnsDomain: { + key: 'destination DnsDomain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + destinationServiceName: { + key: 'destination ServiceName', + type: 'String', + len: 1023, + discription: 'The service targeted by this event. Example: “sshd”', + }, + 'destinationTranslated Address': { + key: 'Destination Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated destination that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + destinationTranslatedPort: { + key: 'Destination TranslatedPort', + type: 'Number', + len: null, + discription: 'Port after it was translated; for example, a ' + + 'firewall. Valid port numbers are 0 to 65535.', + }, + deviceCustomDate1: { + key: 'deviceCustom Date1', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate1Label: { + key: 'deviceCustom Date1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomDate2: { + key: 'deviceCustom Date2', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate2Label: { + key: 'deviceCustom Date2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceDirection: { + key: 'deviceDirection', + type: 'Number', + len: null, + discription: 'Any information about what direction the observed ' + + 'communication has taken. The following values are supported: ' + + '“0” for inbound or “1” for outbound', + }, + deviceDnsDomain: { + key: 'deviceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + deviceExternalId: { + key: 'device ExternalId', + type: 'String', + len: 255, + discription: 'A name that uniquely identifies the device ' + + 'generating this event.', + }, + deviceFacility: { + key: 'deviceFacility', + type: 'String', + len: 1023, + discription: 'The facility generating this event. For example, ' + + 'Syslog has an explicit facility associated with every event.', + }, + deviceInboundInterface: { + key: 'deviceInbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data entered the ' + + 'device.', + }, + deviceNtDomain: { + key: 'deviceNt Domain', + type: 'String', + len: 255, + discription: 'The Windows domain name of the device address.', + }, + deviceOutboundInterface: { + key: 'Device Outbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data left the ' + + 'device.', + }, + devicePayloadId: { + key: 'Device PayloadId', + type: 'String', + len: 128, + discription: 'Unique identifier for the payload associated with ' + + 'the event.', + }, + deviceProcessName: { + key: 'deviceProcess Name', + type: 'String', + len: 1023, + discription: 'Process name associated with the event. An example ' + + 'might be the process generating the syslog entry in UNIX.', + }, + deviceTranslatedAddress: { + key: 'device Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated device address that the ' + + 'event refers to in an IP network. The format is an IPv4 ' + + 'address. Example: “192.168.10.1”', + }, + destinationHostName: { + key: 'dhost', + type: 'String', + len: 1023, + discription: 'Identifies the destination that an event refers to ' + + 'in an IP network. The format should be a fully qualified ' + + 'domain name (FQDN) associated with the destination node, when ' + + 'a node is available. Examples: “host.domain.com” or “host”.', + }, + destinationMacAddress: { + key: 'dmac', + type: 'String', + len: null, + discription: 'Six colon-seperated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + destinationNtDomain: { + key: 'dntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name of the destination address.', + }, + destinationProcessId: { + key: 'dpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the destination process ' + + 'associated with the event. For example, if an event contains ' + + 'process ID 105, 105” is the process ID.', + }, + destinationUserPrivileges: { + key: 'dpriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. This identifies the destination user’s privileges. ' + + 'In UNIX, for example, activity executed on the root user ' + + 'would be identified with destinationUser Privileges of ' + + '“Administrator”.', + }, + destinationProcessName: { + key: 'dproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s destination process. ' + + 'Example: “telnetd” or “sshd”.', + }, + destinationPort: { + key: 'dpt', + type: 'Number', + len: null, + discription: 'The valid port numbers are between 0 and 65535.', + }, + destinationAddress: { + key: 'dst', + type: 'String', + len: null, + discription: 'Identifies the destination address that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + deviceTimeZone: { + key: 'dtz', + type: 'String', + len: 255, + discription: 'The timezone for the device generating the event.', + }, + destinationUserId: { + key: 'duid', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by ID. For example, ' + + 'in UNIX, the root user is generally associated with user ' + + 'ID 0.', + }, + destinationUserName: { + key: 'duser', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by name. This is the ' + + 'user associated with the event’s destination. Email addresses ' + + 'are often mapped into the UserName fields. The recipient is a ' + + 'candidate to put into this field.', + }, + deviceAddress: { + key: 'dvc', + type: 'String', + len: null, + discription: 'Identifies the device address that an event refers ' + + 'to in an IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + deviceHostName: { + key: 'dvchost', + type: 'String', + len: 100, + discription: 'The format should be a fully qualified domain name ' + + '(FQDN) associated with the device node, when a node is ' + + 'available. Example: “host.domain.com” or “host”.', + }, + deviceMacAddress: { + key: 'dvcmac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + deviceProcessId: { + key: 'dvcpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the process on the device ' + + 'generating the event.', + }, + endTime: { + key: 'end', + type: 'String', + len: null, + discription: 'The time at which the activity related to the event ' + + 'ended. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st1970). An example would be reporting the ' + + 'end of a session.', + }, + externalId: { + key: 'externalId', + type: 'String', + len: 40, + discription: 'The ID used by an originating device. They are ' + + 'usually increasing numbers, associated with events.', + }, + fileCreateTime: { + key: 'fileCreateTime', + type: 'String', + len: null, + discription: 'Time when the file was created.', + }, + fileHash: { + key: 'fileHash', + type: 'String', + len: 255, + discription: 'Hash of a file.', + }, + fileId: { + key: 'fileId', + type: 'String', + len: 1023, + discription: 'An ID associated with a file could be the inode.', + }, + fileModificationTime: { + key: 'fileModification Time', + type: 'String', + len: null, + discription: 'Time when the file was last modified.', + }, + filePath: { + key: 'filePath', + type: 'String', + len: 1023, + discription: 'Full path to the file, including file name itself. ' + + 'Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe ' + + 'or /usr/bin/zip', + }, + filePermission: { + key: 'filePermission', + type: 'String', + len: 1023, + discription: 'Permissions of the file.', + }, + fileType: { + key: 'fileType', + type: 'String', + len: 1023, + discription: 'Type of file (pipe, socket, etc.)', + }, + flexDate1: { + key: 'flexDate1', + type: 'String', + len: null, + discription: 'A timestamp field available to map a timestamp that ' + + 'does not apply to any other defined timestamp field in this ' + + 'dictionary. Use all flex fields sparingly and seek a more ' + + 'specific, dictionary supplied field when possible. These ' + + 'fields are typically reserved for customer use and should not ' + + 'be set by vendors unless necessary.', + }, + flexDate1Label: { + key: 'flexDate1Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString1: { + key: 'flexString1', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString1Label: { + key: 'flexString1 Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString2: { + key: 'flexString2', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString2Label: { + key: 'flex String2Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + filename: { + key: 'fname', + type: 'String', + len: 1023, + discription: 'Name of the file only (without its path).', + }, + fileSize: { + key: 'fsize', + type: 'Number', + len: null, + discription: 'Size of the file.', + }, + bytesIn: { + key: 'in', + type: 'Number', + len: null, + discription: 'Number of bytes transferred inbound, relative to the ' + + 'source to destination relationship, meaning that data was ' + + 'flowing from source to destination.', + }, + message: { + key: 'msg', + type: 'String', + len: 1023, + discription: 'An arbitrary message giving more details about the ' + + 'event. Multi-line entries can be produced by using \n as the ' + + 'new line separator.', + }, + oldFileCreateTime: { + key: 'oldFileCreate Time', + type: 'String', + len: null, + discription: 'Time when old file was created.', + }, + oldFileHash: { + key: 'oldFileHash', + type: 'String', + len: 255, + discription: 'Hash of the old file.', + }, + oldFileId: { + key: 'oldFileId', + type: 'String', + len: 1023, + discription: 'An ID associated with the old file could be the ' + + 'inode.', + }, + oldFileModificationTime: { + key: 'oldFile Modification Time', + type: 'String', + len: null, + discription: 'Time when old file was last modified.', + }, + oldFileName: { + key: 'oldFileName', + type: 'String', + len: 1023, + discription: 'Name of the old file.', + }, + oldFilePath: { + key: 'oldFilePath', + type: 'String', + len: 1023, + discription: 'Full path to the old fiWindowsNT\\Accessories le, ' + + 'including the file name itself. Examples: c:\\Program ' + + 'Files\\wordpad.exe or /usr/bin/zip', + }, + oldFileSize: { + key: 'oldFileSize', + type: 'Number', + len: null, + discription: 'Size of the old file.', + }, + oldFileType: { + key: 'oldFileType', + type: 'String', + len: 1023, + discription: 'Type of the old file (pipe, socket, etc.)', + }, + bytesOut: { + key: 'out', + type: 'Number', + len: null, + discription: 'Number of bytes transferred outbound relative to the ' + + 'source to destination relationship. For example, the byte ' + + 'number of data flowing from the destination to the source.', + }, + eventOutcome: { + key: 'outcome', + type: 'String', + len: 63, + discription: 'Displays the outcome, usually as ‘success’ or ' + + '‘failure’.', + }, + transportProtocol: { + key: 'proto', + type: 'String', + len: 31, + discription: 'Identifies the Layer-4 protocol used. The possible ' + + 'values are protocols such as TCP or UDP.', + }, + Reason: { + key: 'reason', + type: 'String', + len: 1023, + discription: 'The reason an audit event was generated. For ' + + 'example “badd password” or “unknown user”. This could also be ' + + 'an error or return code. Example: “0x1234”', + }, + requestUrl: { + key: 'request', + type: 'String', + len: 1023, + discription: 'In the case of an HTTP request, this field contains ' + + 'the URL accessed. The URL should contain the protocol as ' + + 'well. Example: “http://www/secure.com”', + }, + requestClientApplication: { + key: 'requestClient Application', + type: 'String', + len: 1023, + discription: 'The User-Agent associated with the request.', + }, + requestContext: { + key: 'requestContext', + type: 'String', + len: 2048, + discription: 'Description of the content from which the request ' + + 'originated (for example, HTTP Referrer)', + }, + requestCookies: { + key: 'requestCookies', + type: 'String', + len: 1023, + discription: 'Cookies associated with the request.', + }, + requestMethod: { + key: 'requestMethod', + type: 'String', + len: 1023, + discription: 'The method used to access a URL. Possible values: ' + + '“POST”, “GET”, etc.', + }, + deviceReceiptTime: { + key: 'rt', + type: 'String', + len: null, + discription: 'The time at which the event related to the activity ' + + 'was received. The format is MMM dd yyyy HH:mm:ss or ' + + 'milliseconds since epoch (Jan 1st 1970)', + }, + sourceHostName: { + key: 'shost', + type: 'String', + len: 1023, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format should be a fully qualified domain ' + + 'name (DQDN) associated with the source node, when a mode is ' + + 'available. Examples: “host” or “host.domain.com”.', + }, + sourceMacAddress: { + key: 'smac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + sourceNtDomain: { + key: 'sntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name for the source address.', + }, + sourceDnsDomain: { + key: 'sourceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + sourceServiceName: { + key: 'source ServiceName', + type: 'String', + len: 1023, + discription: 'The service that is responsible for generating this ' + + 'event.', + }, + sourceTranslatedAddress: { + key: 'source Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated source that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”.', + }, + sourceTranslatedPort: { + key: 'source TranslatedPort', + type: 'Number', + len: null, + discription: 'A port number after being translated by, for ' + + 'example, a firewall. Valid port numbers are 0 to 65535.', + }, + sourceProcessId: { + key: 'spid', + type: 'Number', + len: null, + discription: 'The ID of the source process associated with the ' + + 'event.', + }, + sourceUserPrivileges: { + key: 'spriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. It identifies the source user’s privileges. In UNIX, ' + + 'for example, activity executed by the root user would be ' + + 'identified with “Administrator”.', + }, + sourceProcessName: { + key: 'sproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s source process.', + }, + sourcePort: { + key: 'spt', + type: 'Number', + len: null, + discription: 'The valid port numbers are 0 to 65535.', + }, + sourceAddress: { + key: 'src', + type: 'String', + len: null, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + startTime: { + key: 'start', + type: 'String', + len: null, + discription: 'The time when the activity the event referred to ' + + 'started. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st 1970)', + }, + sourceUserId: { + key: 'suid', + type: 'String', + len: 1023, + discription: 'Identifies the source user by ID. This is the user ' + + 'associated with the source of the event. For example, in ' + + 'UNIX, the root user is generally associated with user ID 0.', + }, + sourceUserName: { + key: 'suser', + type: 'String', + len: 1023, + discription: 'Identifies the source user by name. Email addresses ' + + 'are also mapped into the UserName fields. The sender is a ' + + 'candidate to put into this field.', + }, + type: { + key: 'type', + type: 'Number', + len: null, + discription: '0 means base event, 1 means aggregated, 2 means ' + + 'correlation, and 3 means action. This field can be omitted ' + + 'for base events (type 0).', + }, + agentDnsDomain: { + key: 'agentDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain name of the ArcSight connector that ' + + 'processed the event.', + }, + agentNtDomain: { + key: 'agentNtDomain', + type: 'String', + len: 255, + discription: '', + }, + agentTranslatedAddress: { + key: 'agentTranslated Address', + type: 'String', + len: null, + discription: '', + }, + 'agentTranslatedZone ExternalID': { + key: 'agentTranslated ZoneExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentTranslatedZoneURI: { + key: 'agentTranslated Zone URI', + type: 'String', + len: 2048, + discription: '', + }, + agentZoneExternalID: { + key: 'agentZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentZoneURI: { + key: 'agentZoneURI', + type: 'String', + len: 2048, + discription: '', + }, + agentAddress: { + key: 'agt', + type: 'String', + len: null, + discription: 'The IP address of the ArcSight connector that ' + + 'processed the event.', + }, + agentHostName: { + key: 'ahost', + type: 'String', + len: 1023, + discription: 'The hostname of the ArcSight connector that ' + + 'processed the event.', + }, + agentId: { + key: 'aid', + type: 'String', + len: 40, + discription: 'The agent ID of the ArcSight connector that ' + + 'processed the event.', + }, + agentMacAddress: { + key: 'amac', + type: 'String', + len: null, + discription: 'The MAC address of the ArcSight connector that ' + + 'processed the event.', + }, + agentReceiptTime: { + key: 'art', + type: 'String', + len: null, + discription: 'The time at which information about the event was ' + + 'received by the ArcSight connector.', + }, + agentType: { + key: 'at', + type: 'String', + len: 63, + discription: 'The agent type of the ArcSight connector that ' + + 'processed the event', + }, + agentTimeZone: { + key: 'atz', + type: 'String', + len: 255, + discription: 'The agent time zone of the ArcSight connector that ' + + 'processed the event.', + }, + agentVersion: { + key: 'av', + type: 'String', + len: 31, + discription: 'The version of the ArcSight connector that processed ' + + 'the event.', + }, + customerExternalID: { + key: 'customer ExternalID', + type: 'String', + len: 200, + discription: '', + }, + customerURI: { + key: 'customerURI', + type: 'String', + len: 2048, + discription: '', + }, + 'destinationTranslated ZoneExternalID': { + key: 'destination TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + 'destinationTranslated ZoneURI': { + key: 'destination Translated ZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + destinationZoneExternalID: { + key: 'destinationZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + destinationZoneURI: { + key: 'destinationZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the destination asset has ' + + 'been assigned to in ArcSight.', + }, + 'deviceTranslatedZone ExternalID': { + key: 'device TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceTranslatedZoneURI: { + key: 'device TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the device ' + + 'asset has been assigned to in ArcSight.', + }, + deviceZoneExternalID: { + key: 'deviceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceZoneURI: { + key: 'deviceZoneURI', + type: 'String', + len: 2048, + discription: 'Thee URI for the Zone that the device asset has been ' + + 'assigned to in ArcSight.', + }, + destinationGeoLatitude: { + key: 'dlat', + type: 'Number', + len: null, + discription: 'The latitudinal value from which the ' + + 'destination’s IP address belongs.', + }, + destinationGeoLongitude: { + key: 'dlong', + type: 'Number', + len: null, + discription: 'The longitudinal value from which the destination’s ' + + 'IP address belongs.', + }, + eventId: { + key: 'eventId', + type: 'Number', + len: null, + discription: 'This is a unique ID that ArcSight assigns to each ' + + 'event.', + }, + rawEvent: { + key: 'rawEvent', + type: 'String', + len: 4000, + discription: '', + }, + sourceGeoLatitude: { + key: 'slat', + type: 'Number', + len: null, + discription: '', + }, + sourceGeoLongitude: { + key: 'slong', + type: 'Number', + len: null, + discription: '', + }, + 'sourceTranslatedZone ExternalID': { + key: 'source TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceTranslatedZoneURI: { + key: 'source TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + sourceZoneExternalID: { + key: 'sourceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceZoneURI: { + key: 'sourceZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the source asset has been ' + + 'assigned to in ArcSight.' }, }; if (typeof this.deviceVendor !== 'string' || typeof this.deviceProduct !== 'string' @@ -2314,10 +3327,10 @@ class CEF { const cefExtsLen = cefExts.length; for (let ext = 0; ext < cefExtsLen; ext++) { if (cefExts[ext][1] !== null) { - if(Extensions[cefExts[ext][0]]) { + if (Extensions[cefExts[ext][0]]) { if (typeof cefExts[ext][1] === Extensions[cefExts[ext][0]] - .type - .toLowerCase()) { + .type + .toLowerCase()) { if (Extensions[cefExts[ext][0]].len > 0 && typeof cefExts[ext][1] === 'string' && cefExts[ext][1].length > Extensions[cefExts[ext][0]].len){ @@ -2347,9 +3360,10 @@ class CEF { * Build a CEF formated string * @public * @return {Promise} - String with formated message - */ - buildMessage () { - return new Promise((resolve, reject) => { + */ + buildMessage() { + return new Promise((resolve, + reject) => { let fmtMsg = 'CEF:0'; fmtMsg += '|' + this.deviceVendor; fmtMsg += '|' + this.deviceProduct; @@ -2358,7 +3372,7 @@ class CEF { fmtMsg += '|' + this.name; fmtMsg += '|' + this.severity; fmtMsg += '|'; - + const cefExts = Object.entries(this.extensions); const cefExtsLen = cefExts.length; for (let ext = 0; ext < cefExtsLen; ext++) { @@ -2372,11 +3386,12 @@ class CEF { /** * @public * @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send (options) { - return new Promise((resolve, reject) => { + send(options) { + return new Promise((resolve, + reject) => { this.buildMessage() .then((result) => { if (!this.server) { @@ -2397,10 +3412,10 @@ class CEF { module.exports = { RgbToAnsi: rgbToAnsi, RFC3164: RFC3164, - RFC5424:RFC5424, + RFC5424: RFC5424, LEEF: LEEF, CEF: CEF, - Syslog: Syslog + Syslog: Syslog, }; @@ -2417,7 +3432,7 @@ module.exports = {
    - Documentation generated by JSDoc 3.5.5 on Tue Sep 25 2018 19:37:57 GMT+0000 (Coordinated Universal Time) using the docdash theme. + Documentation generated by JSDoc 3.5.5 on Mon Oct 15 2018 00:40:26 GMT+0000 (Coordinated Universal Time) using the docdash theme.
    diff --git a/docs/module-SyslogPro-CEF.html b/docs/module-SyslogPro-CEF.html index 20adddc..03ad1f7 100644 --- a/docs/module-SyslogPro-CEF.html +++ b/docs/module-SyslogPro-CEF.html @@ -51,16 +51,16 @@
    A class to work with HP CEF (Common Event Format) messages. This form of system messages are designed to work with security systems. Messages can -be saved to file (Saving to file if not part of this module but a CEF -formatted message produced by this module can be saved externally to it) or +be saved to file (Saving to file if not part of this module but a CEF +formatted message produced by this module can be saved externally to it) or sent via Syslog. -Most APIs will return a promise. These APIs can be used using +Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` -A Syslog class with a configured Syslog server target can also be used as -the input into the formatting classes so that it may run independently. The CEF -format is designed to send event data to a SIEM system and should not be as -a logging stream. This class is meant to be used once per message.
    +A Syslog class with a configured Syslog server target can also be used as +the input into the formatting classes so that it may run independently. The +CEF format is designed to send event data to a SIEM system and should not be +as a logging stream. This class is meant to be used once per message. @@ -87,7 +87,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -261,7 +261,7 @@ a logging stream. This class is meant to be used once per message. - The vendor of the system + The vendor of the system that generated the event being reported @@ -301,7 +301,7 @@ a logging stream. This class is meant to be used once per message. - The product name of the + The product name of the system that genrated the event being reported @@ -341,7 +341,7 @@ a logging stream. This class is meant to be used once per message. - The version name of the + The version name of the system that genrated the event being reported @@ -381,7 +381,7 @@ a logging stream. This class is meant to be used once per message. - The eventId of the + The eventId of the system that genrated the event being reported @@ -421,7 +421,7 @@ a logging stream. This class is meant to be used once per message. - Name of the service generating + Name of the service generating the notice @@ -539,7 +539,7 @@ a logging stream. This class is meant to be used once per message. - A Syslog server connection that should be used to send messages directly + A Syslog server connection that should be used to send messages directly from this class. @see SyslogPro~Syslog @@ -610,7 +610,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -669,7 +669,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -738,7 +738,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -807,7 +807,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -876,7 +876,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -945,7 +945,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1014,7 +1014,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1083,7 +1083,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1142,7 +1142,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1221,7 +1221,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1327,7 +1327,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1437,7 +1437,7 @@ a logging stream. This class is meant to be used once per message. - A Syslog server connection that should be used to send messages directly + A Syslog server connection that should be used to send messages directly from this class. @see SyslogPro~Syslog @@ -1477,7 +1477,7 @@ a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1615,7 +1615,7 @@ a logging stream. This class is meant to be used once per message.
    - Documentation generated by JSDoc 3.5.5 on Tue Sep 25 2018 19:37:57 GMT+0000 (Coordinated Universal Time) using the docdash theme. + Documentation generated by JSDoc 3.5.5 on Mon Oct 15 2018 00:40:26 GMT+0000 (Coordinated Universal Time) using the docdash theme.
    diff --git a/docs/module-SyslogPro-LEEF.html b/docs/module-SyslogPro-LEEF.html index accdf0a..deeeec2 100644 --- a/docs/module-SyslogPro-LEEF.html +++ b/docs/module-SyslogPro-LEEF.html @@ -51,15 +51,15 @@
    A class to work with IBM LEEF (Log Event Extended Format) messages this form of system messages are designed to work with security systems. Messages can -be saved to file (Saving to file if not part of this module but a LEEF -formatted message produced by this module can be saved externally to it) or -sent via Syslog. -Most APIs will return a promise. These APIs can be used using +be saved to file (Saving to file if not part of this module but a LEEF +formatted message produced by this module can be saved externally to it) or +sent via Syslog. +Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` -A Syslog class with a configured Syslog server target can also be used as -the input into the formatting classes so that it may run independently. The -LEEF format is designed to send event data to a SIEM system and should not +A Syslog class with a configured Syslog server target can also be used as +the input into the formatting classes so that it may run independently. The +LEEF format is designed to send event data to a SIEM system and should not be as a logging stream. This class is meant to be used once per message.
    @@ -87,7 +87,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -301,7 +301,7 @@ be as a logging stream. This class is meant to be used once per message. - The product name of the + The product name of the system that genrated the event being reported @@ -341,7 +341,7 @@ be as a logging stream. This class is meant to be used once per message. - The version name of the + The version name of the system that genrated the event being reported @@ -381,7 +381,7 @@ be as a logging stream. This class is meant to be used once per message. - The eventId of the + The eventId of the system that genrated the event being reported @@ -419,7 +419,7 @@ be as a logging stream. This class is meant to be used once per message. - LEEF message attributes which + LEEF message attributes which defaults to all base attributes with null values, new attributes should be added as new elements to this object @@ -460,7 +460,7 @@ be as a logging stream. This class is meant to be used once per message. - Should the LEEF message + Should the LEEF message include a Syslog header with Timestamp and source @@ -500,7 +500,7 @@ be as a logging stream. This class is meant to be used once per message. - A Syslog server connection that should be used to send messages directly + A Syslog server connection that should be used to send messages directly from this class. @see SyslogPro~Syslog @@ -571,7 +571,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -640,7 +640,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -699,7 +699,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -768,7 +768,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -837,7 +837,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -896,7 +896,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -965,7 +965,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1034,7 +1034,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1113,7 +1113,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1219,7 +1219,7 @@ be as a logging stream. This class is meant to be used once per message.
    Source:
    @@ -1329,7 +1329,7 @@ be as a logging stream. This class is meant to be used once per message. - A Syslog server connection that should be used to send messages directly + A Syslog server connection that should be used to send messages directly from this class. @see SyslogPro~Syslog @@ -1372,7 +1372,7 @@ be as a logging stream. This class is meant to be used once per message.
    - Documentation generated by JSDoc 3.5.5 on Tue Sep 25 2018 19:37:57 GMT+0000 (Coordinated Universal Time) using the docdash theme. + Documentation generated by JSDoc 3.5.5 on Mon Oct 15 2018 00:40:26 GMT+0000 (Coordinated Universal Time) using the docdash theme.
    diff --git a/docs/module-SyslogPro-RFC3164.html b/docs/module-SyslogPro-RFC3164.html index 6bdbc61..73a7190 100644 --- a/docs/module-SyslogPro-RFC3164.html +++ b/docs/module-SyslogPro-RFC3164.html @@ -49,16 +49,16 @@ RFC3164 -
    A class to work with RFC3164 formatted syslog messages. The messaging is fully configurable and ANSI foreground -colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. -Most APIs will return a promise. These APIs can be used using -`then(...)/catch(...)` +
    A class to work with RFC3164 formatted syslog messages. The messaging is +fully configurable and ANSI foreground colors can be added. Both ANSI 8 and +ANSI 256 color are fully supported. Most APIs will return a promise. These +APIs can be used using `then(...)/catch(...)` A Syslog class with a configured -Syslog server target can also be used as the input into the formatting +Syslog server target can also be used as the input into the formatting classes so that it may run independently. -The RFC3164 Syslog logging format is meant to be used as a stream of log data +The RFC3164 Syslog logging format is meant to be used as a stream of log data from a service or application. This class is designed to be used in this fashion where new messages are written to the class as needed.
    @@ -87,7 +87,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -339,7 +339,7 @@ fashion where new messages are written to the class as needed. - Facility code to use sending this + Facility code to use sending this message @@ -379,7 +379,7 @@ fashion where new messages are written to the class as needed. - Apply color coding encoding tag + Apply color coding encoding tag with syslog message text @@ -419,7 +419,7 @@ fashion where new messages are written to the class as needed. - Use the extended ANSI + Use the extended ANSI color set encoding tag with syslog message text @@ -457,7 +457,7 @@ fashion where new messages are written to the class as needed. - User defended colors for + User defended colors for severities
    Properties
    @@ -512,9 +512,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in + the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + & 0-255 Extended) @@ -547,9 +547,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -582,9 +582,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in + the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + & 0-255 Extended) @@ -617,9 +617,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -652,9 +652,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in + the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + & 0-255 Extended) @@ -687,9 +687,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -722,9 +722,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color + in the form of #FFFFFF or as or the ANSI color code number (30-37 + Standard & 0-255 Extended) @@ -757,9 +757,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -805,7 +805,7 @@ fashion where new messages are written to the class as needed. - A Syslog server connection that should be used to send messages directly + A Syslog server connection that should be used to send messages directly from this class. @see SyslogPro~Syslog @@ -876,7 +876,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -935,7 +935,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1004,7 +1004,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1063,7 +1063,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1122,7 +1122,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1181,7 +1181,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1240,7 +1240,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1299,7 +1299,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1368,7 +1368,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1427,7 +1427,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1486,7 +1486,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1545,7 +1545,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1614,7 +1614,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1798,7 +1798,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2036,7 +2036,7 @@ fashion where new messages are written to the class as needed. - The ANSI color code to use if + The ANSI color code to use if message coloration is selected @@ -2134,7 +2134,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2318,7 +2318,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2502,7 +2502,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2686,7 +2686,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2870,7 +2870,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3054,7 +3054,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3238,7 +3238,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3422,7 +3422,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3516,7 +3516,8 @@ fashion where new messages are written to the class as needed. - The informational message to send to the Syslog server + The informational message to send to the Syslog + server @@ -3606,7 +3607,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3700,7 +3701,8 @@ fashion where new messages are written to the class as needed. - The informational message to send to the Syslog server + The informational message to send to the Syslog + server @@ -3790,7 +3792,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3884,7 +3886,8 @@ fashion where new messages are written to the class as needed. - The informational message to send to the Syslog server + The informational message to send to the Syslog + server @@ -3974,7 +3977,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4158,7 +4161,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4342,7 +4345,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4389,8 +4392,8 @@ fashion where new messages are written to the class as needed.
    - send a RFC5424 formatted message. Returns a promise with the formatted - message that was sent. If no server connection was defined when the + send a RFC5424 formatted message. Returns a promise with the formatted + message that was sent. If no server connection was defined when the class was created a default Syslog connector will be used.
    @@ -4686,7 +4689,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4792,8 +4795,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -4827,8 +4830,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -4862,8 +4865,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -4897,8 +4900,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -4932,8 +4935,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -4967,8 +4970,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5002,9 +5005,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -5037,8 +5040,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5107,7 +5110,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -5291,7 +5294,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -5478,7 +5481,7 @@ fashion where new messages are written to the class as needed.
    - Documentation generated by JSDoc 3.5.5 on Tue Sep 25 2018 19:37:57 GMT+0000 (Coordinated Universal Time) using the docdash theme. + Documentation generated by JSDoc 3.5.5 on Mon Oct 15 2018 00:40:26 GMT+0000 (Coordinated Universal Time) using the docdash theme.
    diff --git a/docs/module-SyslogPro-RFC5424.html b/docs/module-SyslogPro-RFC5424.html index 85c7229..61ec7d5 100644 --- a/docs/module-SyslogPro-RFC5424.html +++ b/docs/module-SyslogPro-RFC5424.html @@ -49,16 +49,17 @@ RFC5424 -
    A class to work with RFC5424 formatted syslog messages. The messaging is fully configurable and ANSI foreground -colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. -Most APIs will return a promise. These APIs can be used using +
    A class to work with RFC5424 formatted syslog messages. The messaging is +fully configurable and ANSI foreground * colors can be added. Both ANSI 8 +and ANSI 256 color are fully supported. +Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` A Syslog class with a configured -Syslog server target can also be used as the input into the formatting +Syslog server target can also be used as the input into the formatting classes so that it may run independently. -The RFC5424 Syslog logging format is meant to be used as a stream of log data +The RFC5424 Syslog logging format is meant to be used as a stream of log data from a service or application. This class is designed to be used in this fashion where new messages are written to the class as needed.
    @@ -87,7 +88,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -378,7 +379,7 @@ fashion where new messages are written to the class as needed. - RFC standard is for + RFC standard is for local time @@ -418,7 +419,7 @@ fashion where new messages are written to the class as needed. - Timestamp with ms + Timestamp with ms resolution @@ -498,7 +499,7 @@ fashion where new messages are written to the class as needed. - Included + Included any provided structured data @@ -616,7 +617,7 @@ fashion where new messages are written to the class as needed. - Included the UTF8 + Included the UTF8 encoding tag with syslog message text @@ -654,7 +655,7 @@ fashion where new messages are written to the class as needed. - User defended colors for + User defended colors for severities
    Properties
    @@ -709,9 +710,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in + the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + & 0-255 Extended) @@ -744,9 +745,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -779,9 +780,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in + the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + & 0-255 Extended) @@ -814,9 +815,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -849,9 +850,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in + the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + & 0-255 Extended) @@ -884,9 +885,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -919,9 +920,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color + in the form of #FFFFFF or as or the ANSI color code number (30-37 + Standard & 0-255 Extended) @@ -954,9 +955,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -1002,7 +1003,7 @@ fashion where new messages are written to the class as needed. - A Syslog server connection that should be used to send messages directly + A Syslog server connection that should be used to send messages directly from this class. @see SyslogPro~Syslog @@ -1073,7 +1074,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1132,7 +1133,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1201,7 +1202,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1260,7 +1261,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1319,7 +1320,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1378,7 +1379,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1437,7 +1438,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1506,7 +1507,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1565,7 +1566,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1634,7 +1635,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1693,7 +1694,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1752,7 +1753,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1811,7 +1812,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1880,7 +1881,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -1949,7 +1950,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2018,7 +2019,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2087,7 +2088,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2156,7 +2157,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2225,7 +2226,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2409,7 +2410,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -2647,7 +2648,7 @@ fashion where new messages are written to the class as needed. - Facility code to use sending this + Facility code to use sending this message @@ -2687,7 +2688,7 @@ fashion where new messages are written to the class as needed. - The process id of the service sending + The process id of the service sending this message @@ -2725,10 +2726,10 @@ fashion where new messages are written to the class as needed. - An array of structure - data strings conforming to the IETF/IANA defined SD-IDs or IANA - registered SMI Network Management Private Enterprise Code SD-ID - conforming to the format + An array of structure + data strings conforming to the IETF/IANA defined SD-IDs or IANA + registered SMI Network Management Private Enterprise Code SD-ID + conforming to the format [name@ parameter=value] @@ -2768,7 +2769,7 @@ fashion where new messages are written to the class as needed. - The ANSI color code to use if + The ANSI color code to use if message coloration is selected @@ -2866,7 +2867,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3050,7 +3051,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3234,7 +3235,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3418,7 +3419,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3602,7 +3603,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3786,7 +3787,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -3970,7 +3971,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4154,7 +4155,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4248,7 +4249,8 @@ fashion where new messages are written to the class as needed. - The informational message to send to the Syslog server + The informational message to send to the Syslog + server @@ -4338,7 +4340,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4432,7 +4434,8 @@ fashion where new messages are written to the class as needed. - The informational message to send to the Syslog server + The informational message to send to the Syslog + server @@ -4522,7 +4525,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4616,7 +4619,8 @@ fashion where new messages are written to the class as needed. - The informational message to send to the Syslog server + The informational message to send to the Syslog + server @@ -4706,7 +4710,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -4890,7 +4894,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -5074,7 +5078,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -5121,8 +5125,8 @@ fashion where new messages are written to the class as needed.
    - send a RFC5424 formatted message. Returns a promise with the formatted - message that was sent. If no server connection was defined when the + send a RFC5424 formatted message. Returns a promise with the formatted + message that was sent. If no server connection was defined when the class was created a default Syslog connector will be used.
    @@ -5267,7 +5271,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -5373,8 +5377,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5408,8 +5412,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5443,8 +5447,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5478,8 +5482,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5513,8 +5517,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5548,8 +5552,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5583,9 +5587,9 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - Extended) + A RGB Hex coded color in the + form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + 0-255 Extended) @@ -5618,8 +5622,8 @@ fashion where new messages are written to the class as needed. - A RGB Hex coded color in the form - of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + A RGB Hex coded color in the form + of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 Extended) @@ -5688,7 +5692,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -5872,7 +5876,7 @@ fashion where new messages are written to the class as needed.
    Source:
    @@ -6059,7 +6063,7 @@ fashion where new messages are written to the class as needed.
    - Documentation generated by JSDoc 3.5.5 on Tue Sep 25 2018 19:37:57 GMT+0000 (Coordinated Universal Time) using the docdash theme. + Documentation generated by JSDoc 3.5.5 on Mon Oct 15 2018 00:40:26 GMT+0000 (Coordinated Universal Time) using the docdash theme.
    diff --git a/docs/module-SyslogPro-Syslog.html b/docs/module-SyslogPro-Syslog.html index 56a5be8..f35e341 100644 --- a/docs/module-SyslogPro-Syslog.html +++ b/docs/module-SyslogPro-Syslog.html @@ -49,11 +49,11 @@ Syslog -
    A class to work with syslog messages using UDP, TCP, or TLS transport. -There is support for Syslog message formatting RFC-3164, RFC-5424 including +
    A class to work with syslog messages using UDP, TCP, or TLS transport. +There is support for Syslog message formatting RFC-3164, RFC-5424 including Structured Data, IBM LEEF (Log Event Extended Format), and HP CEF (Common Event Format). -Syslog formatting classes can be used as input into a Syslog class to be used +Syslog formatting classes can be used as input into a Syslog class to be used simultaneously to the same Syslog server. *
    @@ -81,7 +81,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -256,8 +256,8 @@ simultaneously to the same Syslog server. * - The IP Address|FQDN of the - Syslog Server, this option if set will take presidents over any target + The IP Address|FQDN of the + Syslog Server, this option if set will take presidents over any target set in a formatting object @@ -297,9 +297,9 @@ simultaneously to the same Syslog server. * - L4 transport protocol - (udp|tcp|tls), this option if set will take presidents over any transport - set in a formatting object + L4 transport protocol + (udp|tcp|tls), this option if set will take presidents over any + transport set in a formatting object @@ -338,7 +338,7 @@ simultaneously to the same Syslog server. * - IP port, this option if set will take + IP port, this option if set will take presidents over any IP Port set in a formatting object @@ -378,8 +378,8 @@ simultaneously to the same Syslog server. * - Ignored for all other - transports, this option if set will take presidents over any timeout + Ignored for all other + transports, this option if set will take presidents over any timeout set in a formatting object @@ -418,7 +418,7 @@ simultaneously to the same Syslog server. * Array of authorized TLS server - certificates file locations, this option if set will take presidents + certificates file locations, this option if set will take presidents over any certificates set in a formatting object @@ -456,8 +456,8 @@ simultaneously to the same Syslog server. * - Client TLS certificate file - location that this client should use, this option if set will take + Client TLS certificate file + location that this client should use, this option if set will take presidents over any certificates set in a formatting object @@ -495,8 +495,8 @@ simultaneously to the same Syslog server. * - Client TLS key file - location that this client should use, this option if set will take + Client TLS key file + location that this client should use, this option if set will take presidents over any certificates set in a formatting object >>>Syslog Format Settings @@ -537,7 +537,7 @@ simultaneously to the same Syslog server. * - Valid syslog format options for + Valid syslog format options for this module are 'none', 'rfc3164', 'rfc5424', 'leef', 'cef' @@ -649,7 +649,7 @@ simultaneously to the same Syslog server. * - IBM LEEF (Log Event Extended Format) object + IBM LEEF (Log Event Extended Format) object @@ -686,7 +686,7 @@ simultaneously to the same Syslog server. * - HP CEF (Common Event Format) formatting object + HP CEF (Common Event Format) formatting object @@ -756,7 +756,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -825,7 +825,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -894,7 +894,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -963,7 +963,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1032,7 +1032,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1101,7 +1101,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1170,7 +1170,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1239,7 +1239,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1308,7 +1308,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1377,7 +1377,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1446,7 +1446,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1515,7 +1515,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1584,7 +1584,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1653,7 +1653,7 @@ simultaneously to the same Syslog server. *
    Source:
    @@ -1699,7 +1699,7 @@ simultaneously to the same Syslog server. *
    - Add a TLS server certificate which can be used to authenticate the server + Add a TLS server certificate which can be used to authenticate the server this syslog client is connecting too. This function will validate the input as a file location string and add it to an array of certificates
    @@ -1848,7 +1848,7 @@ input as a file location string and add it to an array of certificates
    Source:
    @@ -1888,7 +1888,7 @@ input as a file location string and add it to an array of certificates
    - Send the Syslog message to the selected target Syslog server using the + Send the Syslog message to the selected target Syslog server using the selected transport.
    @@ -2060,7 +2060,7 @@ selected transport.
    Source:
    @@ -2271,7 +2271,7 @@ selected transport.
    Source:
    @@ -2482,7 +2482,7 @@ selected transport.
    Source:
    @@ -2669,7 +2669,7 @@ selected transport.
    - Documentation generated by JSDoc 3.5.5 on Tue Sep 25 2018 19:37:57 GMT+0000 (Coordinated Universal Time) using the docdash theme. + Documentation generated by JSDoc 3.5.5 on Mon Oct 15 2018 00:40:26 GMT+0000 (Coordinated Universal Time) using the docdash theme.
    diff --git a/docs/module-SyslogPro.html b/docs/module-SyslogPro.html index 775a02d..5284f06 100644 --- a/docs/module-SyslogPro.html +++ b/docs/module-SyslogPro.html @@ -55,13 +55,13 @@
    The SyslogPro module for sending syslog messages -Most APIs will return a promise. These APIs can be used using +Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` -Syslog formatting classes can be used as input into a Syslog class to be used +Syslog formatting classes can be used as input into a Syslog class to be used simultaneously to the same Syslog server. The Syslog Class with a configured -Syslog server target can also be used as the input into each of the formatting -classes so that they may run independently.
    +Syslog server target can also be used as the input into each of the +formatting classes so that they may run independently. @@ -395,7 +395,7 @@ classes so that they may run independently.
    - Documentation generated by JSDoc 3.5.5 on Tue Sep 25 2018 19:37:57 GMT+0000 (Coordinated Universal Time) using the docdash theme. + Documentation generated by JSDoc 3.5.5 on Mon Oct 15 2018 00:40:26 GMT+0000 (Coordinated Universal Time) using the docdash theme.
    diff --git a/index.js b/index.js index 8581ba5..fb2c443 100644 --- a/index.js +++ b/index.js @@ -3,13 +3,13 @@ /** * @fileoverview The SyslogPro module for sending syslog messages - * Most APIs will return a promise. These APIs can be used using + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` * - * Syslog formatting classes can be used as input into a Syslog class to be used + * Syslog formatting classes can be used as input into a Syslog class to be used * simultaneously to the same Syslog server. The Syslog Class with a configured - * Syslog server target can also be used as the input into each of the formatting - * classes so that they may run independently. + * Syslog server target can also be used as the input into each of the + * formatting classes so that they may run independently. * @author Craig Yamato * @copyright (c) 2018 - Craig Yamato * @version 0.1.0 @@ -18,12 +18,12 @@ * @exports CEF * @module SyslogPro */ -"use strict"; +'use strict'; const moment = require('moment'); -const os = require("os"); +const os = require('os'); const dns = require('dns'); let dnsPromises = dns.promises; -const fs = require("fs"); +const fs = require('fs'); /** * Format the ANSI foreground color code from a RGB hex code or ANSI color code @@ -33,9 +33,10 @@ const fs = require("fs"); * @returns {Promise} - The formatted ANSI color code * @throws {Error} - A Format Error */ -function rgbToAnsi (hex, extendedColor) { +function rgbToAnsi(hex, + extendedColor) { return new Promise((resolve, reject) => { - let colorCode = 0; // Var to hold color code + let colorCode = 0; // Var to hold color code // Break HEX Code up into RGB const hexParts = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(hex); if (hexParts || typeof hex === 'number') { @@ -45,7 +46,7 @@ function rgbToAnsi (hex, extendedColor) { } else if ((hex > 29 && hex < 38) || (hex > 89 && hex < 98)) { resolve(hex); } else { - reject (new Error('FORMAT ERROR: Color code not in range')); + reject(new Error('FORMAT ERROR: Color code not in range')); } } else { const r = parseInt(hexParts[1], 16); @@ -54,18 +55,18 @@ function rgbToAnsi (hex, extendedColor) { if (extendedColor) { if (r === g && g === b) { // Gray Scale Color - if (r < 8) { - colorCode = 16; - } else if (r > 248) { - colorCode = 231; - } else { - colorCode = Math.round(((r - 8) / 247) * 24) + 232; - } + if (r < 8) { + colorCode = 16; + } else if (r > 248) { + colorCode = 231; + } else { + colorCode = Math.round(((r - 8) / 247) * 24) + 232; + } } else { colorCode = 16 - + (36 * Math.round(r / 255 * 5)) - + (6 * Math.round(g / 255 * 5)) - + Math.round(b / 255 * 5); + + (36 * Math.round(r / 255 * 5)) + + (6 * Math.round(g / 255 * 5)) + + Math.round(b / 255 * 5); } } else { colorCode = 30; @@ -94,58 +95,58 @@ function rgbToAnsi (hex, extendedColor) { } /** - * A class to work with syslog messages using UDP, TCP, or TLS transport. - * There is support for Syslog message formatting RFC-3164, RFC-5424 including + * A class to work with syslog messages using UDP, TCP, or TLS transport. + * There is support for Syslog message formatting RFC-3164, RFC-5424 including * Structured Data, IBM LEEF (Log Event Extended Format), and HP CEF (Common * Event Format). - * Syslog formatting classes can be used as input into a Syslog class to be used - * simultaneously to the same Syslog server. * + * Syslog formatting classes can be used as input into a Syslog class to be used + * simultaneously to the same Syslog server. * * @requires moment * @version 0.0.0 * @since 0.0.0 */ class Syslog { /** - * Construct a new Syslog transport object with user options + * Construct a new Syslog transport object with user options * @public * @version 0.0.0 * @since 0.0.0 * @this Syslog * @param {object} [options] - Options object * >>>Transport Configuration - * @param {string} [options.target='localhost'] - The IP Address|FQDN of the - * Syslog Server, this option if set will take presidents over any target + * @param {string} [options.target='localhost'] - The IP Address|FQDN of the + * Syslog Server, this option if set will take presidents over any target * set in a formatting object - * @param {string} [options.protocol='udp'] - L4 transport protocol - * (udp|tcp|tls), this option if set will take presidents over any transport - * set in a formatting object - * @param {number} [options.port=514] - IP port, this option if set will take + * @param {string} [options.protocol='udp'] - L4 transport protocol + * (udp|tcp|tls), this option if set will take presidents over any + * transport set in a formatting object + * @param {number} [options.port=514] - IP port, this option if set will take * presidents over any IP Port set in a formatting object - * @param {number} [options.tcpTimeout=10000] - Ignored for all other - * transports, this option if set will take presidents over any timeout + * @param {number} [options.tcpTimeout=10000] - Ignored for all other + * transports, this option if set will take presidents over any timeout * set in a formatting object * @param {string[]} [options.tlsServerCerts] - Array of authorized TLS server - * certificates file locations, this option if set will take presidents + * certificates file locations, this option if set will take presidents * over any certificates set in a formatting object - * @param {string} [options.tlsClientCert] - Client TLS certificate file - * location that this client should use, this option if set will take + * @param {string} [options.tlsClientCert] - Client TLS certificate file + * location that this client should use, this option if set will take * presidents over any certificates set in a formatting object - * @param {string} [options.tlsClientKey] - Client TLS key file - * location that this client should use, this option if set will take + * @param {string} [options.tlsClientKey] - Client TLS key file + * location that this client should use, this option if set will take * presidents over any certificates set in a formatting object * >>>Syslog Format Settings - * @param {string} [options.format='none'] - Valid syslog format options for + * @param {string} [options.format='none'] - Valid syslog format options for * this module are 'none', 'rfc3164', 'rfc5424', 'leef', 'cef' * @param {RFC3164} [options.rfc5424] - {@link module:SyslogPro~RFC5424| * RFC5424 related settings} * @param {RFC5424} [options.rfc5424] - {@link module:SyslogPro~RFC5424| * RFC5424 related settings} - * @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF - * (Log Event Extended Format) object} - * @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF - * (Common Event Format) formatting object} + * @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF + * (Log Event Extended Format) object} + * @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF + * (Common Event Format) formatting object} */ - constructor (options) { + constructor(options) { this.constructor__ = true; if (!options) { options = {}; @@ -160,21 +161,21 @@ class Syslog { this.port = options.port || 514; /** @type {number} */ this.tcpTimeout = options.tcpTimeout || 10000; - if ((typeof options.tlsServerCerts === 'object' + if ((typeof options.tlsServerCerts === 'object' && Array.isArray(options.tlsServerCerts)) || typeof options.tlsServerCerts === 'string') { - this.addTlsServerCerts(options.tlsServerCerts); + this.addTlsServerCerts(options.tlsServerCerts); } else { /** @type {string[]} */ this.tlsServerCerts = []; } if (options.tlsClientCert) { /** @type {string} */ - this.tlsClientCert = options.tlsClientCert; + this.tlsClientCert = options.tlsClientCert; } if (options.tlsClientKey) { /** @type {string} */ - this.tlsClientKey = options.tlsClientKey; + this.tlsClientKey = options.tlsClientKey; } // Syslog Format if (typeof options.format === 'string') { @@ -228,9 +229,9 @@ class Syslog { this.cef = new CEF(); } } - + /** - * Add a TLS server certificate which can be used to authenticate the server + * Add a TLS server certificate which can be used to authenticate the server * this syslog client is connecting too. This function will validate the * input as a file location string and add it to an array of certificates * @private @@ -240,7 +241,7 @@ class Syslog { * @returns {Promise} - True * @throws {Error} - A Type Error */ - addTlsServerCerts (certs) { + addTlsServerCerts(certs) { return new Promise((resolve, reject) => { if (typeof certs === 'object' && Array.isArray(certs)) { /** @private @type {string[]} */ @@ -248,7 +249,8 @@ class Syslog { } else if (typeof certs === 'string') { this.tlsServerCerts = [certs]; } else { - let errMsg = 'TYPE ERROR: Server Cert file locations should be a string'; + let errMsg = + 'TYPE ERROR: Server Cert file locations should be a string'; errMsg += ' or array of strings'; reject(new Error(errMsg)); } @@ -262,26 +264,27 @@ class Syslog { * @returns {Promise} - The Syslog formatted string sent * @throws {Error} - Network Error */ - udpMessage (msg) { + udpMessage(msg) { return new Promise((resolve, reject) => { - const dgram = require('dgram');// Test for target DNS and Address Family (IPv4/6) by looking up the DNS + // Test for target DNS and Address Family (IPv4/6) by looking up the DNS + const dgram = require('dgram'); const dnsOptions = { - verbatim: true + verbatim: true, }; dnsPromises.lookup(this.target, dnsOptions) - .then((result) => { - const udpType = result.family === 4 ? 'udp4' : 'udp6'; - let client = dgram.createSocket(udpType); - // Turn msg in to a UTF8 buffer - let msgBuffer = Buffer.from(msg, 'utf8'); - client.send(msgBuffer, this.port, this.target, (error) => { - client.close(); - resolve(msg); - }); - }) - .catch((error) => { - reject(error); // Reject out of the sendMessage function promise + .then((result) => { + const udpType = result.family === 4 ? 'udp4' : 'udp6'; + let client = dgram.createSocket(udpType); + // Turn msg in to a UTF8 buffer + let msgBuffer = Buffer.from(msg, 'utf8'); + client.send(msgBuffer, this.port, this.target, () => { + client.close(); + resolve(msg); }); + }) + .catch((error) => { + reject(error); // Reject out of the sendMessage function promise + }); }); } /** @@ -292,42 +295,42 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - tcpMessage (msg) { + tcpMessage(msg) { return new Promise((resolve, reject) => { const net = require('net'); const dnsOptions = { - verbatim: true + verbatim: true, }; dnsPromises.lookup(this.target, dnsOptions) - .then((result) => { - const tcpOptions = { - host: this.target, - port: this.port, - family: result.family - }; - const client = net.createConnection(tcpOptions, () => { - // Turn msg in to a UTF8 buffer - let msgBuffer = Buffer.from(msg, 'utf8'); - client.write(msgBuffer, () => { - client.end(); - }); - }); - client.setTimeout(this.tcpTimeout); - client.on('end', () => { - resolve(msg); - }); - client.on('timeout', () => { + .then((result) => { + const tcpOptions = { + host: this.target, + port: this.port, + family: result.family, + }; + const client = net.createConnection(tcpOptions, () => { + // Turn msg in to a UTF8 buffer + let msgBuffer = Buffer.from(msg, 'utf8'); + client.write(msgBuffer, () => { client.end(); - reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout')); }); - client.on('error', (error) => { - client.destroy(); - reject(error); - }); - }) - .catch((error) => { + }); + client.setTimeout(this.tcpTimeout); + client.on('end', () => { + resolve(msg); + }); + client.on('timeout', () => { + client.end(); + reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout')); + }); + client.on('error', (error) => { + client.destroy(); reject(error); }); + }) + .catch((error) => { + reject(error); + }); }); } /** @@ -338,7 +341,7 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - tlsMessage (msg) { + tlsMessage(msg) { return new Promise((resolve, reject) => { const tls = require('tls'); const tlsOptions = { @@ -346,17 +349,17 @@ class Syslog { port: this.port, }; // Load client cert and key if requested - if (typeof this.tlsClientKey === 'string' + if (typeof this.tlsClientKey === 'string' && typeof this.tlsClientCert === 'string') { tlsOptions.key = fs.readFileSync(this.tlsClientKey); - tlsOptions.cert = fs.readFileSync(this.tlsClientCert); - } else if (typeof this.tlsClientKey !== 'string' + tlsOptions.cert = fs.readFileSync(this.tlsClientCert); + } else if (typeof this.tlsClientKey !== 'string' && typeof this.tlsClientKey !== 'undefined') { let errMsg = 'TYPE ERROR: TLS Client Key is not a file'; errMsg += 'location string'; reject(new Error(errMsg)); return; - } else if (typeof this.tlsClientCert !== 'string' + } else if (typeof this.tlsClientCert !== 'string' && typeof this.tlsClientCert !== 'undefined') { let errMsg = 'TYPE ERROR: TLS Client Cert is not a file'; errMsg += 'location string'; @@ -367,7 +370,7 @@ class Syslog { let tlsCerts = this.tlsServerCerts.length; if (tlsCerts > 0) { let tlsOptionsCerts = []; - for (let certIndex=0; certIndex { client.destroy(); reject(error); - }); + }); }); } /** - * Send the Syslog message to the selected target Syslog server using the + * Send the Syslog message to the selected target Syslog server using the * selected transport. * @private * @param {string} msg - The formatted Syslog Message @@ -409,37 +412,37 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - send (msg) { + send(msg) { return new Promise((resolve, reject) => { if (typeof msg !== 'string') { - reject(new Error("TYPE ERROR: Syslog message must be a string")); + reject(new Error('TYPE ERROR: Syslog message must be a string')); return; } this.protocol = this.protocol.toLowerCase(); if (this.protocol === 'udp') { this.udpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else if (this.protocol === 'tcp') { this.tcpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else if (this.protocol === 'tls') { this.tlsMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); + .then((result) => { + resolve(result); + }) + .catch((reson) => { + reject(reson); + }); } else { let errorMsg = 'FORMAT ERROR: Protocol not recognized, should be '; errorMsg += 'udp|tcp|tls'; @@ -448,18 +451,18 @@ class Syslog { }); } } - + /** - * A class to work with RFC3164 formatted syslog messages. The messaging is fully configurable and ANSI foreground - * colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. - * Most APIs will return a promise. These APIs can be used using - * `then(...)/catch(...)` - * + * A class to work with RFC3164 formatted syslog messages. The messaging is + * fully configurable and ANSI foreground colors can be added. Both ANSI 8 and + * ANSI 256 color are fully supported. Most APIs will return a promise. These + * APIs can be used using `then(...)/catch(...)` + * * A Syslog class with a configured - * Syslog server target can also be used as the input into the formatting + * Syslog server target can also be used as the input into the formatting * classes so that it may run independently. - * - * The RFC3164 Syslog logging format is meant to be used as a stream of log data + * + * The RFC3164 Syslog logging format is meant to be used as a stream of log data * from a service or application. This class is designed to be used in this * fashion where new messages are written to the class as needed. * @requires moment @@ -468,49 +471,49 @@ class Syslog { */ class RFC3164 { /** - * Construct a new RFC3164 formatted Syslog object with user options + * Construct a new RFC3164 formatted Syslog object with user options * @public * @this RFC3164 * @param {object} [options] - Options object * @param {string} [options.applacationName='NodeJSLogger'] - Application * @param {string} [options.hostname=os.hostname] - The name of this server - * @param {number} [options.facility=23] - Facility code to use sending this - * message - * @param {boolean} [options.color=false] - Apply color coding encoding tag - * with syslog message text - * @param {boolean} [options.extendedColor=false] - Use the extended ANSI - * color set encoding tag with syslog message text - * @param {object} [options.colors] - User defended colors for + * @param {number} [options.facility=23] - Facility code to use sending this + * message + * @param {boolean} [options.color=false] - Apply color coding encoding tag + * with syslog message text + * @param {boolean} [options.extendedColor=false] - Use the extended ANSI + * color set encoding tag with syslog message text + * @param {object} [options.colors] - User defended colors for * severities - * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) + * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.warningColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.informationalColor] - A RGB Hex coded color + * in the form of #FFFFFF or as or the ANSI color code number (30-37 + * Standard & 0-255 Extended) + * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -570,189 +573,189 @@ class RFC3164 { } /** * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) * @throws {Error} A standard error object */ - setColor (colors, extendedColor) { + setColor(colors, extendedColor) { return new Promise((resolve, reject) => { let colorPromises = []; if (colors.emergencyColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.emergencyColor, this.extendedColor) + .then((result) => { + this.emergencyColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'emergencyColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.alertColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.alertColor, this.extendedColor) + .then((result) => { + this.alertColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'alertColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.criticalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.criticalColor, this.extendedColor) + .then((result) => { + this.criticalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'criticalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.errorColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.errorColor, this.extendedColor) + .then((result) => { + this.errorColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'errorColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.warningColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.warningColor, this.extendedColor) + .then((result) => { + this.warningColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'warningColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.noticeColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.noticeColor, this.extendedColor) + .then((result) => { + this.noticeColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'noticeColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.informationalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.informationalColor, this.extendedColor) + .then((result) => { + this.informationalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'informationalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.debugColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.debugColor, this.extendedColor) + .then((result) => { + this.debugColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'debugColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); + .then((results) => { + resolve(true); + }) + .catch((reson) => { + reject(reson); + }); }); } /** - * Building a formatted message. Returns a promise with a formatted message + * Building a formatted message. Returns a promise with a formatted message * @public * @param {string} msg - The Syslog Message * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - buildMessage (msg, options) { + buildMessage(msg, options) { return new Promise((resolve, reject) => { options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; + let severity = typeof options.severity === 'number' ? + options.severity : 6; if (typeof msg !== 'string' || options.msgSeverity > 7) { let errMsg = 'FORMAT ERROR: Syslog message must be a string'; errMsg += ' msgSeverity must be a number between 0 and 7'; @@ -779,15 +782,17 @@ class RFC3164 { colorCode += options.msgColor; colorCode += 'm'; // ANSI Color Closer } else { - colorCode = '[39m'; // Use terminal's default color + colorCode = '[39m'; // Use terminal's default color } msg = escapeCode + colorCode + msg + resetColor; } - // RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 uses BSD timeformat - const rfc3164DateRegEx = /((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/; + // RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 + // uses BSD timeformat + const rfc3164DateRegEx = +/((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/; const timestamp = moment() - .format('MMM DD hh:mm:ss') - .replace(rfc3164DateRegEx, '$1 $5'); + .format('MMM DD hh:mm:ss') + .replace(rfc3164DateRegEx, '$1 $5'); // Build message fmtMsg = '<' + pri + '>'; fmtMsg += timestamp; @@ -799,19 +804,19 @@ class RFC3164 { }); } /** - * send a RFC5424 formatted message. Returns a promise with the formatted - * message that was sent. If no server connection was defined when the - * class was created a default Syslog connector will be used. + * send a RFC5424 formatted message. Returns a promise with the formatted + * message that was sent. If no server connection was defined when the + * class was created a default Syslog connector will be used. * @see SyslogPro~Syslog * @public * @param {string} msg - The unformatted Syslog message to send * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.colorCode=36] - The ANSI color code to use if * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - send (msg, options) { + send(msg, options) { return new Promise((resolve, reject) => { if (!this.server) { this.server = new Syslog(); @@ -830,7 +835,7 @@ class RFC3164 { reject(error); }); }); - } + } /** * Send a syslog message with a security level of 0 (Emergency) * @public @@ -838,10 +843,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emergency (msg) { + emergency(msg) { return this.send(msg, { - severity: 0, - colorCode: this.emergencyColor + severity: 0, + colorCode: this.emergencyColor, }); } /** @@ -851,7 +856,7 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emer (msg) { + emer(msg) { return this.emergency(msg); } /** @@ -861,10 +866,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - alert (msg) { + alert(msg) { return this.send(msg, { - severity: 1, - colorCode: this.alertColor + severity: 1, + colorCode: this.alertColor, }); } /** @@ -874,10 +879,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - critical (msg) { + critical(msg) { return this.send(msg, { - severity: 2, - colorCode: this.criticalColor + severity: 2, + colorCode: this.criticalColor, }); } /** @@ -887,7 +892,7 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - crit (msg) { + crit(msg) { return this.critical(msg); } /** @@ -897,10 +902,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - error (msg) { + error(msg) { return this.send(msg, { - severity: 3, - colorCode: this.errorColor + severity: 3, + colorCode: this.errorColor, }); } /** @@ -910,7 +915,7 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - err (msg) { + err(msg) { return this.error(msg); } /** @@ -920,10 +925,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warning (msg) { + warning(msg) { return this.send(msg, { - severity: 4, - colorCode: this.warningColor + severity: 4, + colorCode: this.warningColor, }); } /** @@ -933,7 +938,7 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warn (msg) { + warn(msg) { return this.warning(msg); } /** @@ -943,10 +948,10 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - notice (msg) { + notice(msg) { return this.send(msg, { - severity: 5, - colorCode: this.noticeColor + severity: 5, + colorCode: this.noticeColor, }); } /** @@ -956,40 +961,43 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - note (msg) { + note(msg) { return this.notice(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - informational (msg) { + informational(msg) { return this.send(msg, { - severity: 6, - colorCode: this.informationalColor + severity: 6, + colorCode: this.informationalColor, }); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - info (msg) { + info(msg) { return this.informational(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - log (msg) { + log(msg) { return this.informational(msg); } /** @@ -999,25 +1007,26 @@ class RFC3164 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - debug (msg) { + debug(msg) { return this.send(msg, { - severity: 7, - colorCode: this.debugColor + severity: 7, + colorCode: this.debugColor, }); } } /** - * A class to work with RFC5424 formatted syslog messages. The messaging is fully configurable and ANSI foreground - * colors can be added. Both ANSI 8 and ANSI 256 color are fully supported. - * Most APIs will return a promise. These APIs can be used using + * A class to work with RFC5424 formatted syslog messages. The messaging is + * fully configurable and ANSI foreground * colors can be added. Both ANSI 8 + * and ANSI 256 color are fully supported. + *Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * + * * A Syslog class with a configured - * Syslog server target can also be used as the input into the formatting + * Syslog server target can also be used as the input into the formatting * classes so that it may run independently. - * - * The RFC5424 Syslog logging format is meant to be used as a stream of log data + * + * The RFC5424 Syslog logging format is meant to be used as a stream of log data * from a service or application. This class is designed to be used in this * fashion where new messages are written to the class as needed. * @requires moment @@ -1026,56 +1035,56 @@ class RFC3164 { */ class RFC5424 { /** - * Construct a new RFC5424 formatted Syslog object with user options + * Construct a new RFC5424 formatted Syslog object with user options * @public * @this RFC5424 * @param {object} [options] - Options object * @param {string} [options.applacationName='NodeJSLogger'] - Application * @param {string} [options.hostname=os.hostname] - The name of this server * @param {boolean} [options.timestamp=false] - Included a Timestamp - * @param {boolean} [options.timestampUTC=false] - RFC standard is for + * @param {boolean} [options.timestampUTC=false] - RFC standard is for * local time - * @param {boolean} [options.timestampMS=false] - Timestamp with ms + * @param {boolean} [options.timestampMS=false] - Timestamp with ms * resolution * @param {boolean} [options.timestampTZ=true] - Should the timestamp * included time zone - * @param {boolean} [options.encludeStructuredData=false] - Included + * @param {boolean} [options.encludeStructuredData=false] - Included * any provided structured data - * @param {boolean} [options.utf8BOM=true] - Included the UTF8 - * @param {boolean} [options.color=false] - Included the UTF8 - * @param {boolean} [options.extendedColor=false] - Included the UTF8 - * encoding tag with syslog message text - * @param {object} [options.colors] - User defended colors for + * @param {boolean} [options.utf8BOM=true] - Included the UTF8 + * @param {boolean} [options.color=false] - Included the UTF8 + * @param {boolean} [options.extendedColor=false] - Included the UTF8 + * encoding tag with syslog message text + * @param {object} [options.colors] - User defended colors for * severities - * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) + * @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.alertColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.criticalColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.errorColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.warningColor] - A RGB Hex coded color in + * the form of #FFFFFF or as or the ANSI color code number (30-37 Standard + * & 0-255 Extended) + * @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [options.colors.informationalColor] - A RGB Hex coded color + * in the form of #FFFFFF or as or the ANSI color code number (30-37 + * Standard & 0-255 Extended) + * @param {string} [options.colors.debugColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1170,198 +1179,198 @@ class RFC5424 { } /** * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 * Extended) * @throws {Error} A standard error object */ - setColor (colors, extendedColor) { + setColor(colors, extendedColor) { return new Promise((resolve, reject) => { let colorPromises = []; if (colors.emergencyColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.emergencyColor, this.extendedColor) + .then((result) => { + this.emergencyColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'emergencyColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.alertColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.alertColor, this.extendedColor) + .then((result) => { + this.alertColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'alertColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.criticalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.criticalColor, this.extendedColor) + .then((result) => { + this.criticalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'criticalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.errorColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.errorColor, this.extendedColor) + .then((result) => { + this.errorColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'errorColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.warningColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.warningColor, this.extendedColor) + .then((result) => { + this.warningColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'warningColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.noticeColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.noticeColor, this.extendedColor) + .then((result) => { + this.noticeColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'noticeColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.informationalColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.informationalColor, this.extendedColor) + .then((result) => { + this.informationalColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'informationalColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } if (colors.debugColor) { colorPromises.push( - new Promise((resolve,reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); + new Promise((resolve, reject) => { + rgbToAnsi(colors.debugColor, this.extendedColor) + .then((result) => { + this.debugColor = result; + resolve(true); + }) + .catch((reson) => { + reson.message = 'TYPE ERROR: '; + reson.message += 'debugColor'; + reson.message += ' Not in RGB color hex or color code'; + reject(reson); + }); + })); } Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); + .then((results) => { + resolve(true); + }) + .catch((reson) => { + reject(reson); + }); }); } /** - * Building a formatted message. Returns a promise with a formatted message + * Building a formatted message. Returns a promise with a formatted message * @public * @param {string} msg - The Syslog Message * @param {object} [options] - Options object - * @param {number} [options.severity=7] - An array of structure - * @param {number} [options.facility=23] - Facility code to use sending this - * message - * @param {string} [options.pid='-'] - The process id of the service sending - * this message - * @param {string[]} [options.structuredData] - An array of structure - * data strings conforming to the IETF/IANA defined SD-IDs or IANA - * registered SMI Network Management Private Enterprise Code SD-ID - * conforming to the format - * [name@ parameter=value] - * @param {number} [options.colorCode=36] - The ANSI color code to use if + * @param {number} [options.severity=7] - An array of structure + * @param {number} [options.facility=23] - Facility code to use sending this + * message + * @param {string} [options.pid='-'] - The process id of the service sending + * this message + * @param {string[]} [options.structuredData] - An array of structure + * data strings conforming to the IETF/IANA defined SD-IDs or IANA + * registered SMI Network Management Private Enterprise Code SD-ID + * conforming to the format + * [name@ parameter=value] + * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - buildMessage (msg, options) { + buildMessage(msg, options) { return new Promise((resolve, reject) => { options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; + let severity = typeof options.severity === 'number' ? + options.severity : 6; if (typeof msg !== 'string' || options.severity > 7) { let errMsg = 'FORMAT ERROR: Syslog message must be a string'; errMsg += ' msgSeverity must be a number between 0 and 7'; @@ -1392,7 +1401,7 @@ class RFC5424 { colorCode += options.msgColor; colorCode += 'm'; // ANSI Color Closer } else { - colorCode = '[39m'; // Use terminal's default color + colorCode = '[39m'; // Use terminal's default color } msg = escapeCode + colorCode + msg + resetColor; } @@ -1439,7 +1448,7 @@ class RFC5424 { timeQuality += ']'; msgStructuredData.push(timeQuality); } - //Build Structured Data string + // Build Structured Data string let structuredData = '-'; const sdElementCount = msgStructuredData.length; if (this.encludeStructuredData && sdElementCount > 0) { @@ -1447,12 +1456,12 @@ class RFC5424 { let sdElements = []; const sdElementNameRegEx = /(\[)(\S*)(\s|\])/; // Loop to drop duplicates of the same SD Element name - for (let elementIndex=0; - elementIndex { if (!this.server) { this.server = new Syslog(); @@ -1515,10 +1524,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emergency (msg) { + emergency(msg) { return this.send(msg, { - severity: 0, - colorCode: this.emergencyColor + severity: 0, + colorCode: this.emergencyColor, }); } /** @@ -1528,7 +1537,7 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - emer (msg) { + emer(msg) { return this.emergency(msg); } /** @@ -1538,10 +1547,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - alert (msg) { + alert(msg) { return this.send(msg, { - severity: 1, - colorCode: this.alertColor + severity: 1, + colorCode: this.alertColor, }); } /** @@ -1551,10 +1560,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - critical (msg) { + critical(msg) { return this.send(msg, { - severity: 2, - colorCode: this.criticalColor + severity: 2, + colorCode: this.criticalColor, }); } /** @@ -1564,7 +1573,7 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - crit (msg) { + crit(msg) { return this.critical(msg); } /** @@ -1574,10 +1583,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - error (msg) { + error(msg) { return this.send(msg, { - severity: 3, - colorCode: this.errorColor + severity: 3, + colorCode: this.errorColor, }); } /** @@ -1587,7 +1596,7 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - err (msg) { + err(msg) { return this.error(msg); } /** @@ -1597,10 +1606,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warning (msg) { + warning(msg) { return this.send(msg, { - severity: 4, - colorCode: this.warningColor + severity: 4, + colorCode: this.warningColor, }); } /** @@ -1610,7 +1619,7 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - warn (msg) { + warn(msg) { return this.warning(msg); } /** @@ -1620,10 +1629,10 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - notice (msg) { + notice(msg) { return this.send(msg, { - severity: 5, - colorCode: this.noticeColor + severity: 5, + colorCode: this.noticeColor, }); } /** @@ -1633,40 +1642,43 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - note (msg) { + note(msg) { return this.notice(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - informational (msg) { + informational(msg) { return this.send(msg, { - severity: 6, - colorCode: this.informationalColor + severity: 6, + colorCode: this.informationalColor, }); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - info (msg) { + info(msg) { return this.informational(msg); } /** * Send a syslog message with a severity level of 6 (Informational) * @public - * @param {string} msg - The informational message to send to the Syslog server + * @param {string} msg - The informational message to send to the Syslog + * server * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - log (msg) { + log(msg) { return this.informational(msg); } /** @@ -1676,26 +1688,26 @@ class RFC5424 { * @returns {Promise} - The formatted syslog message sent to the Syslog server * @throws {Error} - Any bubbled-up error */ - debug (msg) { + debug(msg) { return this.send(msg, { - severity: 7, - colorCode: this.debugColor + severity: 7, + colorCode: this.debugColor, }); } } - + /** * A class to work with IBM LEEF (Log Event Extended Format) messages this form * of system messages are designed to work with security systems. Messages can - * be saved to file (Saving to file if not part of this module but a LEEF - * formatted message produced by this module can be saved externally to it) or - * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using + * be saved to file (Saving to file if not part of this module but a LEEF + * formatted message produced by this module can be saved externally to it) or + * sent via Syslog. + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * - * A Syslog class with a configured Syslog server target can also be used as - * the input into the formatting classes so that it may run independently. The - * LEEF format is designed to send event data to a SIEM system and should not + * + * A Syslog class with a configured Syslog server target can also be used as + * the input into the formatting classes so that it may run independently. The + * LEEF format is designed to send event data to a SIEM system and should not * be as a logging stream. This class is meant to be used once per message. * @requires moment * @version 0.0.0 @@ -1708,22 +1720,22 @@ class LEEF { * @param {object} [options] - Options object * @param {string} [options.vendor='unknown'] - The vendor of the system that * generated the event being reported - * @param {string} [options.product='unknown'] - The product name of the + * @param {string} [options.product='unknown'] - The product name of the * system that genrated the event being reported - * @param {string} [options.version='unknown'] - The version name of the + * @param {string} [options.version='unknown'] - The version name of the * system that genrated the event being reported - * @param {string} [options.eventId='unknown'] - The eventId of the + * @param {string} [options.eventId='unknown'] - The eventId of the * system that genrated the event being reported - * @param {object} [options.attributes] - LEEF message attributes which + * @param {object} [options.attributes] - LEEF message attributes which * defaults to all base attributes with null values, new attributes should * be added as new elements to this object - * @param {boolean} [options.syslogHeader='true'] - Should the LEEF message + * @param {boolean} [options.syslogHeader='true'] - Should the LEEF message * include a Syslog header with Timestamp and source * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1736,8 +1748,8 @@ class LEEF { /** @type {string} */ this.eventId = options.eventId || 'unknown'; /** @type {boolean} */ - this.syslogHeader = typeof options.syslogHeader === 'boolean' - ? options.syslogHeader : true; + this.syslogHeader = typeof options.syslogHeader === 'boolean' + ? options.syslogHeader : true; /** @type {object} */ this.attributes = options.attributes || { cat: null, @@ -1801,7 +1813,7 @@ class LEEF { * @public * @return {Promise} - string with formatted message */ - buildMessage () { + buildMessage() { return new Promise((resolve, reject) => { let fmtMsg = 'LEEF:2.0'; fmtMsg += '|' + this.vendor; @@ -1809,7 +1821,7 @@ class LEEF { fmtMsg += '|' + this.version; fmtMsg += '|' + this.eventId; fmtMsg += '|'; - + // Build LEEF Attributes const Tab = '\x09'; const leefAttribs = Object.entries(this.attributes); @@ -1822,14 +1834,14 @@ class LEEF { resolve(fmtMsg); }); } - + /** * @public * @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send (options) { + send(options) { return new Promise((resolve, reject) => { this.buildMessage() .then((result) => { @@ -1851,42 +1863,42 @@ class LEEF { /** * A class to work with HP CEF (Common Event Format) messages. This form * of system messages are designed to work with security systems. Messages can - * be saved to file (Saving to file if not part of this module but a CEF - * formatted message produced by this module can be saved externally to it) or + * be saved to file (Saving to file if not part of this module but a CEF + * formatted message produced by this module can be saved externally to it) or * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using + * Most APIs will return a promise. These APIs can be used using * `then(...)/catch(...)` - * - * A Syslog class with a configured Syslog server target can also be used as - * the input into the formatting classes so that it may run independently. The CEF - * format is designed to send event data to a SIEM system and should not be as - * a logging stream. This class is meant to be used once per message. + * + * A Syslog class with a configured Syslog server target can also be used as + * the input into the formatting classes so that it may run independently. The + * CEF format is designed to send event data to a SIEM system and should not be + * as a logging stream. This class is meant to be used once per message. * @requires moment * @version 0.0.0 * @since 0.0.0 */ class CEF { /** - * Construct a new CEF formatting object with user options + * Construct a new CEF formatting object with user options * @public * @param {object} [options] - Options object - * @param {string} [options.deviceVendor='unknown'] - The vendor of the system + * @param {string} [options.deviceVendor='unknown'] - The vendor of the system * that generated the event being reported - * @param {string} [options.deviceProduct='unknown'] - The product name of the + * @param {string} [options.deviceProduct='unknown'] - The product name of the * system that genrated the event being reported - * @param {string} [options.deviceVersion='unknown'] - The version name of the + * @param {string} [options.deviceVersion='unknown'] - The version name of the * system that genrated the event being reported - * @param {string} [options.deviceEventClassId='unknown'] - The eventId of the + * @param {string} [options.deviceEventClassId='unknown'] - The eventId of the * system that genrated the event being reported - * @param {string} [options.name='unknown'] - Name of the service generating + * @param {string} [options.name='unknown'] - Name of the service generating * the notice * @param {string} [options.severity='unknown'] - Severity of the notification * @param {string} [options.extensions={}] - Any CEF Key=Value extensions * @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - constructor (options) { + constructor(options) { /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1904,163 +1916,163 @@ class CEF { this.severity = options.severity || 'Unknown'; /** @type {object} */ this.extensions = options.extensions || { - 'deviceAction': null, - 'applicationProtocol': null, - 'deviceCustomIPv6Address1': null, + deviceAction: null, + applicationProtocol: null, + deviceCustomIPv6Address1: null, 'deviceCustomIPv6 Address1Label': null, - 'deviceCustomIPv6Address3': null, + deviceCustomIPv6Address3: null, 'deviceCustomIPv6Address3 Label': null, 'deviceCustomIPv6 Address4': null, 'deviceCustomIPv6 Address4Label': null, - 'deviceEventCategory': null, - 'deviceCustomFloatingPoint1': null, + deviceEventCategory: null, + deviceCustomFloatingPoint1: null, 'deviceCustom FloatingPoint1Label': null, - 'deviceCustomFloatingPoint2': null, + deviceCustomFloatingPoint2: null, 'deviceCustomFloatingPoint2 Label': null, - 'deviceCustomFloatingPoint3': null, + deviceCustomFloatingPoint3: null, 'deviceCustom FloatingPoint3Label': null, - 'deviceCustomFloatingPoint4': null, + deviceCustomFloatingPoint4: null, 'deviceCustom FloatingPoint4Label': null, - 'deviceCustomNumber1': null, - 'deviceCustomNumber1Label': null, - 'DeviceCustomNumber2': null, - 'deviceCustomNumber2Label': null, - 'deviceCustomNumber3': null, - 'deviceCustomNumber3Label': null, - 'baseEventCount': null, - 'deviceCustomString1': null, - 'deviceCustomString1Label': null, - 'deviceCustomString2': null, - 'deviceCustomString2Label': null, - 'deviceCustomString3': null, - 'deviceCustomString3Label': null, - 'deviceCustomString4': null, - 'deviceCustomString4Label': null, - 'deviceCustomString5': null, - 'deviceCustomString5Label': null, - 'deviceCustomString6': null, - 'deviceCustomString6Label': null, - 'destinationDnsDomain': null, - 'destinationServiceName': null, + deviceCustomNumber1: null, + deviceCustomNumber1Label: null, + DeviceCustomNumber2: null, + deviceCustomNumber2Label: null, + deviceCustomNumber3: null, + deviceCustomNumber3Label: null, + baseEventCount: null, + deviceCustomString1: null, + deviceCustomString1Label: null, + deviceCustomString2: null, + deviceCustomString2Label: null, + deviceCustomString3: null, + deviceCustomString3Label: null, + deviceCustomString4: null, + deviceCustomString4Label: null, + deviceCustomString5: null, + deviceCustomString5Label: null, + deviceCustomString6: null, + deviceCustomString6Label: null, + destinationDnsDomain: null, + destinationServiceName: null, 'destinationTranslated Address': null, - 'destinationTranslatedPort': null, - 'deviceCustomDate1': null, - 'deviceCustomDate1Label': null, - 'deviceCustomDate2': null, - 'deviceCustomDate2Label': null, - 'deviceDirection': null, - 'deviceDnsDomain': null, - 'deviceExternalId': null, - 'deviceFacility': null, - 'deviceInboundInterface': null, - 'deviceNtDomain': null, - 'deviceOutboundInterface': null, - 'devicePayloadId': null, - 'deviceProcessName': null, - 'deviceTranslatedAddress': null, - 'destinationHostName': null, - 'destinationMacAddress': null, - 'destinationNtDomain': null, - 'destinationProcessId': null, - 'destinationUserPrivileges': null, - 'destinationProcessName': null, - 'destinationPort': null, - 'destinationAddress': null, - 'deviceTimeZone': null, - 'destinationUserId': null, - 'destinationUserName': null, - 'deviceAddress': null, - 'deviceHostName': null, - 'deviceMacAddress': null, - 'deviceProcessId': null, - 'endTime': null, - 'externalId': null, - 'fileCreateTime': null, - 'fileHash': null, - 'fileId': null, - 'fileModificationTime': null, - 'filePath': null, - 'filePermission': null, - 'fileType': null, - 'flexDate1': null, - 'flexDate1Label': null, - 'flexString1': null, - 'flexString1Label': null, - 'flexString2': null, - 'flexString2Label': null, - 'filename': null, - 'fileSize': null, - 'bytesIn': null, - 'message': null, - 'oldFileCreateTime': null, - 'oldFileHash': null, - 'oldFileId': null, - 'oldFileModificationTime': null, - 'oldFileName': null, - 'oldFilePath': null, - 'oldFileSize': null, - 'oldFileType': null, - 'bytesOut': null, - 'eventOutcome': null, - 'transportProtocol': null, - 'Reason': null, - 'requestUrl': null, - 'requestClientApplication': null, - 'requestContext': null, - 'requestCookies': null, - 'requestMethod': null, - 'deviceReceiptTime': null, - 'sourceHostName': null, - 'sourceMacAddress': null, - 'sourceNtDomain': null, - 'sourceDnsDomain': null, - 'sourceServiceName': null, - 'sourceTranslatedAddress': null, - 'sourceTranslatedPort': null, - 'sourceProcessId': null, - 'sourceUserPrivileges': null, - 'sourceProcessName': null, - 'sourcePort': null, - 'sourceAddress': null, - 'startTime': null, - 'sourceUserId': null, - 'sourceUserName': null, - 'type': null, - 'agentDnsDomain': null, - 'agentNtDomain': null, - 'agentTranslatedAddress': null, + destinationTranslatedPort: null, + deviceCustomDate1: null, + deviceCustomDate1Label: null, + deviceCustomDate2: null, + deviceCustomDate2Label: null, + deviceDirection: null, + deviceDnsDomain: null, + deviceExternalId: null, + deviceFacility: null, + deviceInboundInterface: null, + deviceNtDomain: null, + deviceOutboundInterface: null, + devicePayloadId: null, + deviceProcessName: null, + deviceTranslatedAddress: null, + destinationHostName: null, + destinationMacAddress: null, + destinationNtDomain: null, + destinationProcessId: null, + destinationUserPrivileges: null, + destinationProcessName: null, + destinationPort: null, + destinationAddress: null, + deviceTimeZone: null, + destinationUserId: null, + destinationUserName: null, + deviceAddress: null, + deviceHostName: null, + deviceMacAddress: null, + deviceProcessId: null, + endTime: null, + externalId: null, + fileCreateTime: null, + fileHash: null, + fileId: null, + fileModificationTime: null, + filePath: null, + filePermission: null, + fileType: null, + flexDate1: null, + flexDate1Label: null, + flexString1: null, + flexString1Label: null, + flexString2: null, + flexString2Label: null, + filename: null, + fileSize: null, + bytesIn: null, + message: null, + oldFileCreateTime: null, + oldFileHash: null, + oldFileId: null, + oldFileModificationTime: null, + oldFileName: null, + oldFilePath: null, + oldFileSize: null, + oldFileType: null, + bytesOut: null, + eventOutcome: null, + transportProtocol: null, + Reason: null, + requestUrl: null, + requestClientApplication: null, + requestContext: null, + requestCookies: null, + requestMethod: null, + deviceReceiptTime: null, + sourceHostName: null, + sourceMacAddress: null, + sourceNtDomain: null, + sourceDnsDomain: null, + sourceServiceName: null, + sourceTranslatedAddress: null, + sourceTranslatedPort: null, + sourceProcessId: null, + sourceUserPrivileges: null, + sourceProcessName: null, + sourcePort: null, + sourceAddress: null, + startTime: null, + sourceUserId: null, + sourceUserName: null, + type: null, + agentDnsDomain: null, + agentNtDomain: null, + agentTranslatedAddress: null, 'agentTranslatedZone ExternalID': null, - 'agentTranslatedZoneURI': null, - 'agentZoneExternalID': null, - 'agentZoneURI': null, - 'agentAddress': null, - 'agentHostName': null, - 'agentId': null, - 'agentMacAddress': null, - 'agentReceiptTime': null, - 'agentType': null, - 'agentTimeZone': null, - 'agentVersion': null, - 'customerExternalID': null, - 'customerURI': null, + agentTranslatedZoneURI: null, + agentZoneExternalID: null, + agentZoneURI: null, + agentAddress: null, + agentHostName: null, + agentId: null, + agentMacAddress: null, + agentReceiptTime: null, + agentType: null, + agentTimeZone: null, + agentVersion: null, + customerExternalID: null, + customerURI: null, 'destinationTranslated ZoneExternalID': null, 'destinationTranslated ZoneURI': null, - 'destinationZoneExternalID': null, - 'destinationZoneURI': null, + destinationZoneExternalID: null, + destinationZoneURI: null, 'deviceTranslatedZone ExternalID': null, - 'deviceTranslatedZoneURI': null, - 'deviceZoneExternalID': null, - 'deviceZoneURI': null, - 'destinationGeoLatitude': null, - 'destinationGeoLongitude': null, - 'eventId': null, - 'rawEvent': null, - 'sourceGeoLatitude': null, - 'sourceGeoLongitude': null, + deviceTranslatedZoneURI: null, + deviceZoneExternalID: null, + deviceZoneURI: null, + destinationGeoLatitude: null, + destinationGeoLongitude: null, + eventId: null, + rawEvent: null, + sourceGeoLatitude: null, + sourceGeoLongitude: null, 'sourceTranslatedZone ExternalID': null, - 'sourceTranslatedZoneURI': null, - 'sourceZoneExternalID': null, - 'sourceZoneURI': null, + sourceTranslatedZoneURI: null, + sourceZoneExternalID: null, + sourceZoneURI: null, }; if (options.server) { if (options.server.constructor__) { @@ -2076,167 +2088,1168 @@ class CEF { * @public * @return {Promise} - True if validated * @throws {Error} - First element to fail validation - */ - validate () { - return new Promise ((resolve, reject) => { + */ + validate() { + return new Promise((resolve, reject) => { const Extensions = { - 'deviceAction': {key: 'act', type:'String', len:63, discription: 'Action taken by the device.'}, - 'applicationProtocol': {key: 'app', type:'String', len:31, discription: 'Application level protocol, example values are HTTP, HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.'}, - 'deviceCustomIPv6Address1': {key: 'c6a1', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6 Address1Label': {key: 'c6a1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomIPv6Address3': {key: 'c6a3', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6Address3 Label': {key: 'c6a3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomIPv6 Address4': {key: 'c6a4', type:'String', len:null, discription: 'One of four IPv6 address fields available to map fields that do not apply to any other in this dictionary. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomIPv6 Address4Label': {key: 'C6a4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceEventCategory': {key: 'cat', type:'String', len:1023, discription: 'Represents the category assigned by the originating device. Devices often use their own categorization schema to classify event. Example: “/Monitor/Disk/Read”'}, - 'deviceCustomFloatingPoint1': {key: 'cfp1', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint1Label': {key: 'cfp1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint2': {key: 'cfp2', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustomFloatingPoint2 Label': {key: 'cfp2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint3': {key: 'cfp3', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint3Label': {key: 'cfp3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomFloatingPoint4': {key: 'cfp4', type:'Number', len:null, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary.'}, - 'deviceCustom FloatingPoint4Label': {key: 'cfp4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomNumber1': {key: 'cn1', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber1Label': {key: 'cn1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'DeviceCustomNumber2': {key: 'cn2', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber2Label': {key: 'cn2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomNumber3': {key: 'cn3', type:'Number', len:null, discription: 'One of three number fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible.'}, - 'deviceCustomNumber3Label': {key: 'cn3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'baseEventCount': {key: 'cnt', type:'Number', len:null, discription: 'A count associated with this event. How many times was this same event observed? Count can be omitted if it is 1.'}, - 'deviceCustomString1': {key: 'cs1', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString1Label': {key: 'cs1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString2': {key: 'cs2', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString2Label': {key: 'cs2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString3': {key: 'cs3', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString3Label': {key: 'cs3Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString4': {key: 'cs4', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString4Label': {key: 'cs4Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString5': {key: 'cs5', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString5Label': {key: 'cs5Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomString6': {key: 'cs6', type:'String', len:4000, discription: 'One of six strings available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomString6Label': {key: 'cs6Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'destinationDnsDomain': {key: 'destination DnsDomain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'destinationServiceName': {key: 'destination ServiceName', type:'String', len:1023, discription: 'The service targeted by this event. Example: “sshd”'}, - 'destinationTranslated Address': {key: 'Destination Translated Address', type:'String', len:null, discription: 'Identifies the translated destination that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'destinationTranslatedPort': {key: 'Destination TranslatedPort', type:'Number', len:null, discription: 'Port after it was translated; for example, a firewall. Valid port numbers are 0 to 65535.'}, - 'deviceCustomDate1': {key: 'deviceCustom Date1', type:'String', len:null, discription: 'One of two timestamp fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomDate1Label': {key: 'deviceCustom Date1Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceCustomDate2': {key: 'deviceCustom Date2', type:'String', len:null, discription: 'One of two timestamp fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. TIP: See the guidelines under “User-Defined Extensions” for tips on using these fields.'}, - 'deviceCustomDate2Label': {key: 'deviceCustom Date2Label', type:'String', len:1023, discription: 'All custom fields have a corresponding label field. Each of these fields is a string and describes the purpose of the custom field.'}, - 'deviceDirection': {key: 'deviceDirection', type:'Number', len:null, discription: 'Any information about what direction the observed communication has taken. The following values are supported: “0” for inbound or “1” for outbound'}, - 'deviceDnsDomain': {key: 'deviceDns Domain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'deviceExternalId': {key: 'device ExternalId', type:'String', len:255, discription: 'A name that uniquely identifies the device generating this event.'}, - 'deviceFacility': {key: 'deviceFacility', type:'String', len:1023, discription: 'The facility generating this event. For example, Syslog has an explicit facility associated with every event.'}, - 'deviceInboundInterface': {key: 'deviceInbound Interface', type:'String', len:128, discription: 'Interface on which the packet or data entered the device.'}, - 'deviceNtDomain': {key: 'deviceNt Domain', type:'String', len:255, discription: 'The Windows domain name of the device address.'}, - 'deviceOutboundInterface': {key: 'Device Outbound Interface', type:'String', len:128, discription: 'Interface on which the packet or data left the device.'}, - 'devicePayloadId': {key: 'Device PayloadId', type:'String', len:128, discription: 'Unique identifier for the payload associated with the event.'}, - 'deviceProcessName': {key: 'deviceProcess Name', type:'String', len:1023, discription: 'Process name associated with the event. An example might be the process generating the syslog entry in UNIX.'}, - 'deviceTranslatedAddress': {key: 'device Translated Address', type:'String', len:null, discription: 'Identifies the translated device address that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'destinationHostName': {key: 'dhost', type:'String', len:1023, discription: 'Identifies the destination that an event refers to in an IP network. The format should be a fully qualified domain name (FQDN) associated with the destination node, when a node is available. Examples: “host.domain.com” or “host”.'}, - 'destinationMacAddress': {key: 'dmac', type:'String', len:null, discription: 'Six colon-seperated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'destinationNtDomain': {key: 'dntdom', type:'String', len:255, discription: 'The Windows domain name of the destination address.'}, - 'destinationProcessId': {key: 'dpid', type:'Number', len:null, discription: 'Provides the ID of the destination process associated with the event. For example, if an event contains process ID 105, “105” is the process ID.'}, - 'destinationUserPrivileges': {key: 'dpriv', type:'String', len:1023, discription: 'The typical values are “Administrator”, “User”, and “Guest”. This identifies the destination user’s privileges. In UNIX, for example, activity executed on the root user would be identified with destinationUser Privileges of “Administrator”.'}, - 'destinationProcessName': {key: 'dproc', type:'String', len:1023, discription: 'The name of the event’s destination process. Example: “telnetd” or “sshd”.'}, - 'destinationPort': {key: 'dpt', type:'Number', len:null, discription: 'The valid port numbers are between 0 and 65535.'}, - 'destinationAddress': {key: 'dst', type:'String', len:null, discription: 'Identifies the destination address that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”'}, - 'deviceTimeZone': {key: 'dtz', type:'String', len:255, discription: 'The timezone for the device generating the event.'}, - 'destinationUserId': {key: 'duid', type:'String', len:1023, discription: 'Identifies the destination user by ID. For example, in UNIX, the root user is generally associated with user ID 0.'}, - 'destinationUserName': {key: 'duser', type:'String', len:1023, discription: 'Identifies the destination user by name. This is the user associated with the event’s destination. Email addresses are often mapped into the UserName fields. The recipient is a candidate to put into this field.'}, - 'deviceAddress': {key: 'dvc', type:'String', len:null, discription: 'Identifies the device address that an event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'deviceHostName': {key: 'dvchost', type:'String', len:100, discription: 'The format should be a fully qualified domain name (FQDN) associated with the device node, when a node is available. Example: “host.domain.com” or “host”.'}, - 'deviceMacAddress': {key: 'dvcmac', type:'String', len:null, discription: 'Six colon-separated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'deviceProcessId': {key: 'dvcpid', type:'Number', len:null, discription: 'Provides the ID of the process on the device generating the event.'}, - 'endTime': {key: 'end', type:'String', len:null, discription: 'The time at which the activity related to the event ended. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st1970). An example would be reporting the end of a session.'}, - 'externalId': {key: 'externalId', type:'String', len:40, discription: 'The ID used by an originating device. They are usually increasing numbers, associated with events.'}, - 'fileCreateTime': {key: 'fileCreateTime', type:'String', len:null, discription: 'Time when the file was created.'}, - 'fileHash': {key: 'fileHash', type:'String', len:255, discription: 'Hash of a file.'}, - 'fileId': {key: 'fileId', type:'String', len:1023, discription: 'An ID associated with a file could be the inode.'}, - 'fileModificationTime': {key: 'fileModification Time', type:'String', len:null, discription: 'Time when the file was last modified.'}, - 'filePath': {key: 'filePath', type:'String', len:1023, discription: 'Full path to the file, including file name itself. Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe or /usr/bin/zip'}, - 'filePermission': {key: 'filePermission', type:'String', len:1023, discription: 'Permissions of the file.'}, - 'fileType': {key: 'fileType', type:'String', len:1023, discription: 'Type of file (pipe, socket, etc.)'}, - 'flexDate1': {key: 'flexDate1', type:'String', len:null, discription: 'A timestamp field available to map a timestamp that does not apply to any other defined timestamp field in this dictionary. Use all flex fields sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexDate1Label': {key: 'flexDate1Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'flexString1': {key: 'flexString1', type:'String', len:1023, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexString1Label': {key: 'flexString1 Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'flexString2': {key: 'flexString2', type:'String', len:1023, discription: 'One of four floating point fields available to map fields that do not apply to any other in this dictionary. Use sparingly and seek a more specific, dictionary supplied field when possible. These fields are typically reserved for customer use and should not be set by vendors unless necessary.'}, - 'flexString2Label': {key: 'flex String2Label', type:'String', len:128, discription: 'The label field is a string and describes the purpose of the flex field.'}, - 'filename': {key: 'fname', type:'String', len:1023, discription: 'Name of the file only (without its path).'}, - 'fileSize': {key: 'fsize', type:'Number', len:null, discription: 'Size of the file.'}, - 'bytesIn': {key: 'in', type:'Number', len:null, discription: 'Number of bytes transferred inbound, relative to the source to destination relationship, meaning that data was flowing from source to destination.'}, - 'message': {key: 'msg', type:'String', len:1023, discription: 'An arbitrary message giving more details about the event. Multi-line entries can be produced by using \n as the new line separator.'}, - 'oldFileCreateTime': {key: 'oldFileCreate Time', type:'String', len:null, discription: 'Time when old file was created.'}, - 'oldFileHash': {key: 'oldFileHash', type:'String', len:255, discription: 'Hash of the old file.'}, - 'oldFileId': {key: 'oldFileId', type:'String', len:1023, discription: 'An ID associated with the old file could be the inode.'}, - 'oldFileModificationTime': {key: 'oldFile Modification Time', type:'String', len:null, discription: 'Time when old file was last modified.'}, - 'oldFileName': {key: 'oldFileName', type:'String', len:1023, discription: 'Name of the old file.'}, - 'oldFilePath': {key: 'oldFilePath', type:'String', len:1023, discription: 'Full path to the old fiWindowsNT\Accessories le, including the file name itself. Examples: c:\Program Files\wordpad.exe or /usr/bin/zip'}, - 'oldFileSize': {key: 'oldFileSize', type:'Number', len:null, discription: 'Size of the old file.'}, - 'oldFileType': {key: 'oldFileType', type:'String', len:1023, discription: 'Type of the old file (pipe, socket, etc.)'}, - 'bytesOut': {key: 'out', type:'Number', len:null, discription: 'Number of bytes transferred outbound relative to the source to destination relationship. For example, the byte number of data flowing from the destination to the source.'}, - 'eventOutcome': {key: 'outcome', type:'String', len:63, discription: 'Displays the outcome, usually as ‘success’ or ‘failure’.'}, - 'transportProtocol': {key: 'proto', type:'String', len:31, discription: 'Identifies the Layer-4 protocol used. The possible values are protocols such as TCP or UDP.'}, - 'Reason': {key: 'reason', type:'String', len:1023, discription: 'The reason an audit event was generated. For example “badd password” or “unknown user”. This could also be an error or return code. Example: “0x1234”'}, - 'requestUrl': {key: 'request', type:'String', len:1023, discription: 'In the case of an HTTP request, this field contains the URL accessed. The URL should contain the protocol as well. Example: “http://www/secure.com”'}, - 'requestClientApplication': {key: 'requestClient Application', type:'String', len:1023, discription: 'The User-Agent associated with the request.'}, - 'requestContext': {key: 'requestContext', type:'String', len:2048, discription: 'Description of the content from which the request originated (for example, HTTP Referrer)'}, - 'requestCookies': {key: 'requestCookies', type:'String', len:1023, discription: 'Cookies associated with the request.'}, - 'requestMethod': {key: 'requestMethod', type:'String', len:1023, discription: 'The method used to access a URL. Possible values: “POST”, “GET”, etc.'}, - 'deviceReceiptTime': {key: 'rt', type:'String', len:null, discription: 'The time at which the event related to the activity was received. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st 1970)'}, - 'sourceHostName': {key: 'shost', type:'String', len:1023, discription: 'Identifies the source that an event refers to in an IP network. The format should be a fully qualified domain name (DQDN) associated with the source node, when a mode is available. Examples: “host” or “host.domain.com”.'}, - 'sourceMacAddress': {key: 'smac', type:'String', len:null, discription: 'Six colon-separated hexadecimal numbers. Example: “00:0D:60:AF:1B:61”'}, - 'sourceNtDomain': {key: 'sntdom', type:'String', len:255, discription: 'The Windows domain name for the source address.'}, - 'sourceDnsDomain': {key: 'sourceDns Domain', type:'String', len:255, discription: 'The DNS domain part of the complete fully qualified domain name (FQDN).'}, - 'sourceServiceName': {key: 'source ServiceName', type:'String', len:1023, discription: 'The service that is responsible for generating this event.'}, - 'sourceTranslatedAddress': {key: 'source Translated Address', type:'String', len:null, discription: 'Identifies the translated source that the event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'sourceTranslatedPort': {key: 'source TranslatedPort', type:'Number', len:null, discription: 'A port number after being translated by, for example, a firewall. Valid port numbers are 0 to 65535.'}, - 'sourceProcessId': {key: 'spid', type:'Number', len:null, discription: 'The ID of the source process associated with the event.'}, - 'sourceUserPrivileges': {key: 'spriv', type:'String', len:1023, discription: 'The typical values are “Administrator”, “User”, and “Guest”. It identifies the source user’s privileges. In UNIX, for example, activity executed by the root user would be identified with “Administrator”.'}, - 'sourceProcessName': {key: 'sproc', type:'String', len:1023, discription: 'The name of the event’s source process.'}, - 'sourcePort': {key: 'spt', type:'Number', len:null, discription: 'The valid port numbers are 0 to 65535.'}, - 'sourceAddress': {key: 'src', type:'String', len:null, discription: 'Identifies the source that an event refers to in an IP network. The format is an IPv4 address. Example: “192.168.10.1”.'}, - 'startTime': {key: 'start', type:'String', len:null, discription: 'The time when the activity the event referred to started. The format is MMM dd yyyy HH:mm:ss or milliseconds since epoch (Jan 1st 1970)'}, - 'sourceUserId': {key: 'suid', type:'String', len:1023, discription: 'Identifies the source user by ID. This is the user associated with the source of the event. For example, in UNIX, the root user is generally associated with user ID 0.'}, - 'sourceUserName': {key: 'suser', type:'String', len:1023, discription: 'Identifies the source user by name. Email addresses are also mapped into the UserName fields. The sender is a candidate to put into this field.'}, - 'type': {key: 'type', type:'Number', len:null, discription: '0 means base event, 1 means aggregated, 2 means correlation, and 3 means action. This field can be omitted for base events (type 0).'}, - 'agentDnsDomain': {key: 'agentDns Domain', type:'String', len:255, discription: 'The DNS domain name of the ArcSight connector that processed the event.'}, - 'agentNtDomain': {key: 'agentNtDomain', type:'String', len:255, discription: ''}, - 'agentTranslatedAddress': {key: 'agentTranslated Address', type:'String', len:null, discription: ''}, - 'agentTranslatedZone ExternalID': {key: 'agentTranslated ZoneExternalID', type:'String', len:200, discription: ''}, - 'agentTranslatedZoneURI': {key: 'agentTranslated Zone URI', type:'String', len:2048, discription: ''}, - 'agentZoneExternalID': {key: 'agentZone ExternalID', type:'String', len:200, discription: ''}, - 'agentZoneURI': {key: 'agentZoneURI', type:'String', len:2048, discription: ''}, - 'agentAddress': {key: 'agt', type:'String', len:null, discription: 'The IP address of the ArcSight connector that processed the event.'}, - 'agentHostName': {key: 'ahost', type:'String', len:1023, discription: 'The hostname of the ArcSight connector that processed the event.'}, - 'agentId': {key: 'aid', type:'String', len:40, discription: 'The agent ID of the ArcSight connector that processed the event.'}, - 'agentMacAddress': {key: 'amac', type:'String', len:null, discription: 'The MAC address of the ArcSight connector that processed the event.'}, - 'agentReceiptTime': {key: 'art', type:'String', len:null, discription: 'The time at which information about the event was received by the ArcSight connector.'}, - 'agentType': {key: 'at', type:'String', len:63, discription: 'The agent type of the ArcSight connector that processed the event'}, - 'agentTimeZone': {key: 'atz', type:'String', len:255, discription: 'The agent time zone of the ArcSight connector that processed the event.'}, - 'agentVersion': {key: 'av', type:'String', len:31, discription: 'The version of the ArcSight connector that processed the event.'}, - 'customerExternalID': {key: 'customer ExternalID', type:'String', len:200, discription: ''}, - 'customerURI': {key: 'customerURI', type:'String', len:2048, discription: ''}, - 'destinationTranslated ZoneExternalID': {key: 'destination TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'destinationTranslated ZoneURI': {key: 'destination Translated ZoneURI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the destination asset has been assigned to in ArcSight.'}, - 'destinationZoneExternalID': {key: 'destinationZone ExternalID', type:'String', len:200, discription: ''}, - 'destinationZoneURI': {key: 'destinationZone URI', type:'String', len:2048, discription: 'The URI for the Zone that the destination asset has been assigned to in ArcSight.'}, - 'deviceTranslatedZone ExternalID': {key: 'device TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'deviceTranslatedZoneURI': {key: 'device TranslatedZone URI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the device asset has been assigned to in ArcSight.'}, - 'deviceZoneExternalID': {key: 'deviceZone ExternalID', type:'String', len:200, discription: ''}, - 'deviceZoneURI': {key: 'deviceZoneURI', type:'String', len:2048, discription: 'Thee URI for the Zone that the device asset has been assigned to in ArcSight.'}, - 'destinationGeoLatitude': {key: 'dlat', type:'Number', len:null, discription: 'The latitudinal value from which the destination’s IP address belongs.'}, - 'destinationGeoLongitude': {key: 'dlong', type:'Number', len:null, discription: 'The longitudinal value from which the destination’s IP address belongs.'}, - 'eventId': {key: 'eventId', type:'Number', len:null, discription: 'This is a unique ID that ArcSight assigns to each event.'}, - 'rawEvent': {key: 'rawEvent', type:'String', len:4000, discription: ''}, - 'sourceGeoLatitude': {key: 'slat', type:'Number', len:null, discription: ''}, - 'sourceGeoLongitude': {key: 'slong', type:'Number', len:null, discription: ''}, - 'sourceTranslatedZone ExternalID': {key: 'source TranslatedZone ExternalID', type:'String', len:200, discription: ''}, - 'sourceTranslatedZoneURI': {key: 'source TranslatedZone URI', type:'String', len:2048, discription: 'The URI for the Translated Zone that the destination asset has been assigned to in ArcSight.'}, - 'sourceZoneExternalID': {key: 'sourceZone ExternalID', type:'String', len:200, discription: ''}, - 'sourceZoneURI': {key: 'sourceZoneURI', type:'String', len:2048, discription: 'The URI for the Zone that the source asset has been assigned to in ArcSight.'}, + deviceAction: { + key: 'act', + type: 'String', + len: 63, + discription: 'Action taken by the device.', + }, + applicationProtocol: { + key: 'app', + type: 'String', + len: 31, + discription: 'Application level protocol, example values are HTTP, ' + + 'HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.', + }, + deviceCustomIPv6Address1: { + key: 'c6a1', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address1Label': { + key: 'c6a1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomIPv6Address3: { + key: 'c6a3', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6Address3 Label': { + key: 'c6a3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + 'deviceCustomIPv6 Address4': { + key: 'c6a4', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address4Label': { + key: 'C6a4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceEventCategory: { + key: 'cat', + type: 'String', + len: 1023, + discription: 'Represents the category assigned by the originating ' + + 'device. Devices often use their own categorization schema to ' + + 'classify event. Example: “/Monitor/Disk/Read”', + }, + deviceCustomFloatingPoint1: { + key: 'cfp1', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint1Label': { + key: 'cfp1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint2: { + key: 'cfp2', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustomFloatingPoint2 Label': { + key: 'cfp2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint3: { + key: 'cfp3', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint3Label': { + key: 'cfp3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint4: { + key: 'cfp4', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint4Label': { + key: 'cfp4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber1: { + key: 'cn1', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber1Label: { + key: 'cn1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + DeviceCustomNumber2: { + key: 'cn2', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber2Label: { + key: 'cn2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber3: { + key: 'cn3', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber3Label: { + key: 'cn3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + baseEventCount: { + key: 'cnt', + type: 'Number', + len: null, + discription: 'A count associated with this event. How many times ' + + 'was this same event observed? Count can be omitted if it is 1.', + }, + deviceCustomString1: { + key: 'cs1', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString1Label: { + key: 'cs1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString2: { + key: 'cs2', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString2Label: { + key: 'cs2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString3: { + key: 'cs3', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString3Label: { + key: 'cs3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString4: { + key: 'cs4', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString4Label: { + key: 'cs4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString5: { + key: 'cs5', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString5Label: { + key: 'cs5Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString6: { + key: 'cs6', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString6Label: { + key: 'cs6Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + destinationDnsDomain: { + key: 'destination DnsDomain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + destinationServiceName: { + key: 'destination ServiceName', + type: 'String', + len: 1023, + discription: 'The service targeted by this event. Example: “sshd”', + }, + 'destinationTranslated Address': { + key: 'Destination Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated destination that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + destinationTranslatedPort: { + key: 'Destination TranslatedPort', + type: 'Number', + len: null, + discription: 'Port after it was translated; for example, a ' + + 'firewall. Valid port numbers are 0 to 65535.', + }, + deviceCustomDate1: { + key: 'deviceCustom Date1', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate1Label: { + key: 'deviceCustom Date1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomDate2: { + key: 'deviceCustom Date2', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate2Label: { + key: 'deviceCustom Date2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceDirection: { + key: 'deviceDirection', + type: 'Number', + len: null, + discription: 'Any information about what direction the observed ' + + 'communication has taken. The following values are supported: ' + + '“0” for inbound or “1” for outbound', + }, + deviceDnsDomain: { + key: 'deviceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + deviceExternalId: { + key: 'device ExternalId', + type: 'String', + len: 255, + discription: 'A name that uniquely identifies the device ' + + 'generating this event.', + }, + deviceFacility: { + key: 'deviceFacility', + type: 'String', + len: 1023, + discription: 'The facility generating this event. For example, ' + + 'Syslog has an explicit facility associated with every event.', + }, + deviceInboundInterface: { + key: 'deviceInbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data entered the ' + + 'device.', + }, + deviceNtDomain: { + key: 'deviceNt Domain', + type: 'String', + len: 255, + discription: 'The Windows domain name of the device address.', + }, + deviceOutboundInterface: { + key: 'Device Outbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data left the ' + + 'device.', + }, + devicePayloadId: { + key: 'Device PayloadId', + type: 'String', + len: 128, + discription: 'Unique identifier for the payload associated with ' + + 'the event.', + }, + deviceProcessName: { + key: 'deviceProcess Name', + type: 'String', + len: 1023, + discription: 'Process name associated with the event. An example ' + + 'might be the process generating the syslog entry in UNIX.', + }, + deviceTranslatedAddress: { + key: 'device Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated device address that the ' + + 'event refers to in an IP network. The format is an IPv4 ' + + 'address. Example: “192.168.10.1”', + }, + destinationHostName: { + key: 'dhost', + type: 'String', + len: 1023, + discription: 'Identifies the destination that an event refers to ' + + 'in an IP network. The format should be a fully qualified ' + + 'domain name (FQDN) associated with the destination node, when ' + + 'a node is available. Examples: “host.domain.com” or “host”.', + }, + destinationMacAddress: { + key: 'dmac', + type: 'String', + len: null, + discription: 'Six colon-seperated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + destinationNtDomain: { + key: 'dntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name of the destination address.', + }, + destinationProcessId: { + key: 'dpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the destination process ' + + 'associated with the event. For example, if an event contains ' + + 'process ID 105, 105” is the process ID.', + }, + destinationUserPrivileges: { + key: 'dpriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. This identifies the destination user’s privileges. ' + + 'In UNIX, for example, activity executed on the root user ' + + 'would be identified with destinationUser Privileges of ' + + '“Administrator”.', + }, + destinationProcessName: { + key: 'dproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s destination process. ' + + 'Example: “telnetd” or “sshd”.', + }, + destinationPort: { + key: 'dpt', + type: 'Number', + len: null, + discription: 'The valid port numbers are between 0 and 65535.', + }, + destinationAddress: { + key: 'dst', + type: 'String', + len: null, + discription: 'Identifies the destination address that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + deviceTimeZone: { + key: 'dtz', + type: 'String', + len: 255, + discription: 'The timezone for the device generating the event.', + }, + destinationUserId: { + key: 'duid', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by ID. For example, ' + + 'in UNIX, the root user is generally associated with user ' + + 'ID 0.', + }, + destinationUserName: { + key: 'duser', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by name. This is the ' + + 'user associated with the event’s destination. Email addresses ' + + 'are often mapped into the UserName fields. The recipient is a ' + + 'candidate to put into this field.', + }, + deviceAddress: { + key: 'dvc', + type: 'String', + len: null, + discription: 'Identifies the device address that an event refers ' + + 'to in an IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + deviceHostName: { + key: 'dvchost', + type: 'String', + len: 100, + discription: 'The format should be a fully qualified domain name ' + + '(FQDN) associated with the device node, when a node is ' + + 'available. Example: “host.domain.com” or “host”.', + }, + deviceMacAddress: { + key: 'dvcmac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + deviceProcessId: { + key: 'dvcpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the process on the device ' + + 'generating the event.', + }, + endTime: { + key: 'end', + type: 'String', + len: null, + discription: 'The time at which the activity related to the event ' + + 'ended. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st1970). An example would be reporting the ' + + 'end of a session.', + }, + externalId: { + key: 'externalId', + type: 'String', + len: 40, + discription: 'The ID used by an originating device. They are ' + + 'usually increasing numbers, associated with events.', + }, + fileCreateTime: { + key: 'fileCreateTime', + type: 'String', + len: null, + discription: 'Time when the file was created.', + }, + fileHash: { + key: 'fileHash', + type: 'String', + len: 255, + discription: 'Hash of a file.', + }, + fileId: { + key: 'fileId', + type: 'String', + len: 1023, + discription: 'An ID associated with a file could be the inode.', + }, + fileModificationTime: { + key: 'fileModification Time', + type: 'String', + len: null, + discription: 'Time when the file was last modified.', + }, + filePath: { + key: 'filePath', + type: 'String', + len: 1023, + discription: 'Full path to the file, including file name itself. ' + + 'Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe ' + + 'or /usr/bin/zip', + }, + filePermission: { + key: 'filePermission', + type: 'String', + len: 1023, + discription: 'Permissions of the file.', + }, + fileType: { + key: 'fileType', + type: 'String', + len: 1023, + discription: 'Type of file (pipe, socket, etc.)', + }, + flexDate1: { + key: 'flexDate1', + type: 'String', + len: null, + discription: 'A timestamp field available to map a timestamp that ' + + 'does not apply to any other defined timestamp field in this ' + + 'dictionary. Use all flex fields sparingly and seek a more ' + + 'specific, dictionary supplied field when possible. These ' + + 'fields are typically reserved for customer use and should not ' + + 'be set by vendors unless necessary.', + }, + flexDate1Label: { + key: 'flexDate1Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString1: { + key: 'flexString1', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString1Label: { + key: 'flexString1 Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString2: { + key: 'flexString2', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString2Label: { + key: 'flex String2Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + filename: { + key: 'fname', + type: 'String', + len: 1023, + discription: 'Name of the file only (without its path).', + }, + fileSize: { + key: 'fsize', + type: 'Number', + len: null, + discription: 'Size of the file.', + }, + bytesIn: { + key: 'in', + type: 'Number', + len: null, + discription: 'Number of bytes transferred inbound, relative to the ' + + 'source to destination relationship, meaning that data was ' + + 'flowing from source to destination.', + }, + message: { + key: 'msg', + type: 'String', + len: 1023, + discription: 'An arbitrary message giving more details about the ' + + 'event. Multi-line entries can be produced by using \n as the ' + + 'new line separator.', + }, + oldFileCreateTime: { + key: 'oldFileCreate Time', + type: 'String', + len: null, + discription: 'Time when old file was created.', + }, + oldFileHash: { + key: 'oldFileHash', + type: 'String', + len: 255, + discription: 'Hash of the old file.', + }, + oldFileId: { + key: 'oldFileId', + type: 'String', + len: 1023, + discription: 'An ID associated with the old file could be the ' + + 'inode.', + }, + oldFileModificationTime: { + key: 'oldFile Modification Time', + type: 'String', + len: null, + discription: 'Time when old file was last modified.', + }, + oldFileName: { + key: 'oldFileName', + type: 'String', + len: 1023, + discription: 'Name of the old file.', + }, + oldFilePath: { + key: 'oldFilePath', + type: 'String', + len: 1023, + discription: 'Full path to the old fiWindowsNT\\Accessories le, ' + + 'including the file name itself. Examples: c:\\Program ' + + 'Files\\wordpad.exe or /usr/bin/zip', + }, + oldFileSize: { + key: 'oldFileSize', + type: 'Number', + len: null, + discription: 'Size of the old file.', + }, + oldFileType: { + key: 'oldFileType', + type: 'String', + len: 1023, + discription: 'Type of the old file (pipe, socket, etc.)', + }, + bytesOut: { + key: 'out', + type: 'Number', + len: null, + discription: 'Number of bytes transferred outbound relative to the ' + + 'source to destination relationship. For example, the byte ' + + 'number of data flowing from the destination to the source.', + }, + eventOutcome: { + key: 'outcome', + type: 'String', + len: 63, + discription: 'Displays the outcome, usually as ‘success’ or ' + + '‘failure’.', + }, + transportProtocol: { + key: 'proto', + type: 'String', + len: 31, + discription: 'Identifies the Layer-4 protocol used. The possible ' + + 'values are protocols such as TCP or UDP.', + }, + Reason: { + key: 'reason', + type: 'String', + len: 1023, + discription: 'The reason an audit event was generated. For ' + + 'example “badd password” or “unknown user”. This could also be ' + + 'an error or return code. Example: “0x1234”', + }, + requestUrl: { + key: 'request', + type: 'String', + len: 1023, + discription: 'In the case of an HTTP request, this field contains ' + + 'the URL accessed. The URL should contain the protocol as ' + + 'well. Example: “http://www/secure.com”', + }, + requestClientApplication: { + key: 'requestClient Application', + type: 'String', + len: 1023, + discription: 'The User-Agent associated with the request.', + }, + requestContext: { + key: 'requestContext', + type: 'String', + len: 2048, + discription: 'Description of the content from which the request ' + + 'originated (for example, HTTP Referrer)', + }, + requestCookies: { + key: 'requestCookies', + type: 'String', + len: 1023, + discription: 'Cookies associated with the request.', + }, + requestMethod: { + key: 'requestMethod', + type: 'String', + len: 1023, + discription: 'The method used to access a URL. Possible values: ' + + '“POST”, “GET”, etc.', + }, + deviceReceiptTime: { + key: 'rt', + type: 'String', + len: null, + discription: 'The time at which the event related to the activity ' + + 'was received. The format is MMM dd yyyy HH:mm:ss or ' + + 'milliseconds since epoch (Jan 1st 1970)', + }, + sourceHostName: { + key: 'shost', + type: 'String', + len: 1023, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format should be a fully qualified domain ' + + 'name (DQDN) associated with the source node, when a mode is ' + + 'available. Examples: “host” or “host.domain.com”.', + }, + sourceMacAddress: { + key: 'smac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + sourceNtDomain: { + key: 'sntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name for the source address.', + }, + sourceDnsDomain: { + key: 'sourceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + sourceServiceName: { + key: 'source ServiceName', + type: 'String', + len: 1023, + discription: 'The service that is responsible for generating this ' + + 'event.', + }, + sourceTranslatedAddress: { + key: 'source Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated source that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”.', + }, + sourceTranslatedPort: { + key: 'source TranslatedPort', + type: 'Number', + len: null, + discription: 'A port number after being translated by, for ' + + 'example, a firewall. Valid port numbers are 0 to 65535.', + }, + sourceProcessId: { + key: 'spid', + type: 'Number', + len: null, + discription: 'The ID of the source process associated with the ' + + 'event.', + }, + sourceUserPrivileges: { + key: 'spriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. It identifies the source user’s privileges. In UNIX, ' + + 'for example, activity executed by the root user would be ' + + 'identified with “Administrator”.', + }, + sourceProcessName: { + key: 'sproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s source process.', + }, + sourcePort: { + key: 'spt', + type: 'Number', + len: null, + discription: 'The valid port numbers are 0 to 65535.', + }, + sourceAddress: { + key: 'src', + type: 'String', + len: null, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + startTime: { + key: 'start', + type: 'String', + len: null, + discription: 'The time when the activity the event referred to ' + + 'started. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st 1970)', + }, + sourceUserId: { + key: 'suid', + type: 'String', + len: 1023, + discription: 'Identifies the source user by ID. This is the user ' + + 'associated with the source of the event. For example, in ' + + 'UNIX, the root user is generally associated with user ID 0.', + }, + sourceUserName: { + key: 'suser', + type: 'String', + len: 1023, + discription: 'Identifies the source user by name. Email addresses ' + + 'are also mapped into the UserName fields. The sender is a ' + + 'candidate to put into this field.', + }, + type: { + key: 'type', + type: 'Number', + len: null, + discription: '0 means base event, 1 means aggregated, 2 means ' + + 'correlation, and 3 means action. This field can be omitted ' + + 'for base events (type 0).', + }, + agentDnsDomain: { + key: 'agentDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain name of the ArcSight connector that ' + + 'processed the event.', + }, + agentNtDomain: { + key: 'agentNtDomain', + type: 'String', + len: 255, + discription: '', + }, + agentTranslatedAddress: { + key: 'agentTranslated Address', + type: 'String', + len: null, + discription: '', + }, + 'agentTranslatedZone ExternalID': { + key: 'agentTranslated ZoneExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentTranslatedZoneURI: { + key: 'agentTranslated Zone URI', + type: 'String', + len: 2048, + discription: '', + }, + agentZoneExternalID: { + key: 'agentZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentZoneURI: { + key: 'agentZoneURI', + type: 'String', + len: 2048, + discription: '', + }, + agentAddress: { + key: 'agt', + type: 'String', + len: null, + discription: 'The IP address of the ArcSight connector that ' + + 'processed the event.', + }, + agentHostName: { + key: 'ahost', + type: 'String', + len: 1023, + discription: 'The hostname of the ArcSight connector that ' + + 'processed the event.', + }, + agentId: { + key: 'aid', + type: 'String', + len: 40, + discription: 'The agent ID of the ArcSight connector that ' + + 'processed the event.', + }, + agentMacAddress: { + key: 'amac', + type: 'String', + len: null, + discription: 'The MAC address of the ArcSight connector that ' + + 'processed the event.', + }, + agentReceiptTime: { + key: 'art', + type: 'String', + len: null, + discription: 'The time at which information about the event was ' + + 'received by the ArcSight connector.', + }, + agentType: { + key: 'at', + type: 'String', + len: 63, + discription: 'The agent type of the ArcSight connector that ' + + 'processed the event', + }, + agentTimeZone: { + key: 'atz', + type: 'String', + len: 255, + discription: 'The agent time zone of the ArcSight connector that ' + + 'processed the event.', + }, + agentVersion: { + key: 'av', + type: 'String', + len: 31, + discription: 'The version of the ArcSight connector that processed ' + + 'the event.', + }, + customerExternalID: { + key: 'customer ExternalID', + type: 'String', + len: 200, + discription: '', + }, + customerURI: { + key: 'customerURI', + type: 'String', + len: 2048, + discription: '', + }, + 'destinationTranslated ZoneExternalID': { + key: 'destination TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + 'destinationTranslated ZoneURI': { + key: 'destination Translated ZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + destinationZoneExternalID: { + key: 'destinationZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + destinationZoneURI: { + key: 'destinationZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the destination asset has ' + + 'been assigned to in ArcSight.', + }, + 'deviceTranslatedZone ExternalID': { + key: 'device TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceTranslatedZoneURI: { + key: 'device TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the device ' + + 'asset has been assigned to in ArcSight.', + }, + deviceZoneExternalID: { + key: 'deviceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceZoneURI: { + key: 'deviceZoneURI', + type: 'String', + len: 2048, + discription: 'Thee URI for the Zone that the device asset has been ' + + 'assigned to in ArcSight.', + }, + destinationGeoLatitude: { + key: 'dlat', + type: 'Number', + len: null, + discription: 'The latitudinal value from which the ' + + 'destination’s IP address belongs.', + }, + destinationGeoLongitude: { + key: 'dlong', + type: 'Number', + len: null, + discription: 'The longitudinal value from which the destination’s ' + + 'IP address belongs.', + }, + eventId: { + key: 'eventId', + type: 'Number', + len: null, + discription: 'This is a unique ID that ArcSight assigns to each ' + + 'event.', + }, + rawEvent: { + key: 'rawEvent', + type: 'String', + len: 4000, + discription: '', + }, + sourceGeoLatitude: { + key: 'slat', + type: 'Number', + len: null, + discription: '', + }, + sourceGeoLongitude: { + key: 'slong', + type: 'Number', + len: null, + discription: '', + }, + 'sourceTranslatedZone ExternalID': { + key: 'source TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceTranslatedZoneURI: { + key: 'source TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + sourceZoneExternalID: { + key: 'sourceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceZoneURI: { + key: 'sourceZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the source asset has been ' + + 'assigned to in ArcSight.' }, }; if (typeof this.deviceVendor !== 'string' || typeof this.deviceProduct !== 'string' @@ -2271,10 +3284,10 @@ class CEF { const cefExtsLen = cefExts.length; for (let ext = 0; ext < cefExtsLen; ext++) { if (cefExts[ext][1] !== null) { - if(Extensions[cefExts[ext][0]]) { + if (Extensions[cefExts[ext][0]]) { if (typeof cefExts[ext][1] === Extensions[cefExts[ext][0]] - .type - .toLowerCase()) { + .type + .toLowerCase()) { if (Extensions[cefExts[ext][0]].len > 0 && typeof cefExts[ext][1] === 'string' && cefExts[ext][1].length > Extensions[cefExts[ext][0]].len){ @@ -2304,9 +3317,10 @@ class CEF { * Build a CEF formated string * @public * @return {Promise} - String with formated message - */ - buildMessage () { - return new Promise((resolve, reject) => { + */ + buildMessage() { + return new Promise((resolve, + reject) => { let fmtMsg = 'CEF:0'; fmtMsg += '|' + this.deviceVendor; fmtMsg += '|' + this.deviceProduct; @@ -2315,7 +3329,7 @@ class CEF { fmtMsg += '|' + this.name; fmtMsg += '|' + this.severity; fmtMsg += '|'; - + const cefExts = Object.entries(this.extensions); const cefExtsLen = cefExts.length; for (let ext = 0; ext < cefExtsLen; ext++) { @@ -2329,11 +3343,12 @@ class CEF { /** * @public * @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog| - * Syslog server connection} that should be used to send messages directly + * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send (options) { - return new Promise((resolve, reject) => { + send(options) { + return new Promise((resolve, + reject) => { this.buildMessage() .then((result) => { if (!this.server) { @@ -2354,9 +3369,9 @@ class CEF { module.exports = { RgbToAnsi: rgbToAnsi, RFC3164: RFC3164, - RFC5424:RFC5424, + RFC5424: RFC5424, LEEF: LEEF, CEF: CEF, - Syslog: Syslog + Syslog: Syslog, }; diff --git a/package-lock.json b/package-lock.json index 95206b8..02f2be2 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,6 +1,6 @@ { "name": "syslog-pro", - "version": "0.1.2", + "version": "0.1.1", "lockfileVersion": 1, "requires": true, "dependencies": { @@ -62,6 +62,15 @@ } } }, + "acorn-jsx": { + "version": "4.1.1", + "resolved": "https://registry.npmjs.org/acorn-jsx/-/acorn-jsx-4.1.1.tgz", + "integrity": "sha512-JY+iV6r+cO21KtntVvFkD+iqjtdpRUpGqKWgfkCdZq1R+kbreEl8EcdcJR4SmiIgsIQT33s6QzheQ9a275Q8xw==", + "dev": true, + "requires": { + "acorn": "^5.0.3" + } + }, "acorn-walk": { "version": "6.0.1", "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-6.0.1.tgz", @@ -69,17 +78,23 @@ "dev": true }, "ajv": { - "version": "5.5.2", - "resolved": "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz", - "integrity": "sha1-c7Xuyj+rZT49P5Qis0GtQiBdyWU=", + "version": "6.5.4", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.5.4.tgz", + "integrity": "sha512-4Wyjt8+t6YszqaXnLDfMmG/8AlO5Zbcsy3ATHncCzjW/NoPzAId8AK6749Ybjmdt+kUY1gP60fCu46oDxPv/mg==", "dev": true, "requires": { - "co": "^4.6.0", - "fast-deep-equal": "^1.0.0", + "fast-deep-equal": "^2.0.1", "fast-json-stable-stringify": "^2.0.0", - "json-schema-traverse": "^0.3.0" + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" } }, + "ajv-keywords": { + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/ajv-keywords/-/ajv-keywords-3.2.0.tgz", + "integrity": "sha1-6GuBnGAs+IIa1jdBNpjx3sAhhHo=", + "dev": true + }, "ansi-escape-sequences": { "version": "4.0.0", "resolved": "https://registry.npmjs.org/ansi-escape-sequences/-/ansi-escape-sequences-4.0.0.tgz", @@ -460,6 +475,21 @@ "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM=", "dev": true }, + "array-union": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/array-union/-/array-union-1.0.2.tgz", + "integrity": "sha1-mjRBDk9OPaI96jdb5b5w8kd47Dk=", + "dev": true, + "requires": { + "array-uniq": "^1.0.1" + } + }, + "array-uniq": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/array-uniq/-/array-uniq-1.0.3.tgz", + "integrity": "sha1-r2rId6Jcx/dOBYiUdThY39sk/bY=", + "dev": true + }, "array-unique": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.2.1.tgz", @@ -946,6 +976,23 @@ "mkdirp2": "^1.0.3" } }, + "caller-path": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/caller-path/-/caller-path-0.1.0.tgz", + "integrity": "sha1-lAhe9jWB7NPaqSREqP6U6CV3dR8=", + "dev": true, + "requires": { + "callsites": "^0.2.0" + }, + "dependencies": { + "callsites": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/callsites/-/callsites-0.2.0.tgz", + "integrity": "sha1-r6uWJikQp/M8GaV3WCXGnzTjUMo=", + "dev": true + } + } + }, "callsites": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/callsites/-/callsites-2.0.0.tgz", @@ -993,12 +1040,24 @@ "supports-color": "^5.3.0" } }, + "chardet": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/chardet/-/chardet-0.7.0.tgz", + "integrity": "sha512-mT8iDcrh03qDGRRmoA2hmBJnxpllMR+0/0qlzjqZES6NdiWDcZkCNAk4rPFZ9Q85r27unkiNNg8ZOiwZXBHwcA==", + "dev": true + }, "ci-info": { "version": "1.6.0", "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-1.6.0.tgz", "integrity": "sha512-vsGdkwSCDpWmP80ncATX7iea5DWQemg1UgCW5J8tqjU3lYw4FBYuj89J0CTVomA7BEfvSZd84GmHko+MxFQU2A==", "dev": true }, + "circular-json": { + "version": "0.3.3", + "resolved": "https://registry.npmjs.org/circular-json/-/circular-json-0.3.3.tgz", + "integrity": "sha512-UZK3NBx2Mca+b5LsG7bY183pHWt5Y1xts4P3Pz7ENTwGVnJOUWbRb3ocjvX7hx9tq/yTAdclXm9sZ38gNuem4A==", + "dev": true + }, "class-utils": { "version": "0.3.6", "resolved": "https://registry.npmjs.org/class-utils/-/class-utils-0.3.6.tgz", @@ -1028,6 +1087,21 @@ } } }, + "cli-cursor": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-2.1.0.tgz", + "integrity": "sha1-s12sN2R5+sw+lHR9QdDQ9SOP/LU=", + "dev": true, + "requires": { + "restore-cursor": "^2.0.0" + } + }, + "cli-width": { + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/cli-width/-/cli-width-2.2.0.tgz", + "integrity": "sha1-/xnt6Kml5XkyQUewwR8PvLq+1jk=", + "dev": true + }, "cliui": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/cliui/-/cliui-4.1.0.tgz", @@ -1386,6 +1460,21 @@ } } }, + "del": { + "version": "2.2.2", + "resolved": "https://registry.npmjs.org/del/-/del-2.2.2.tgz", + "integrity": "sha1-wSyYHQZ4RshLyvhiz/kw2Qf/0ag=", + "dev": true, + "requires": { + "globby": "^5.0.0", + "is-path-cwd": "^1.0.0", + "is-path-in-cwd": "^1.0.0", + "object-assign": "^4.0.1", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0", + "rimraf": "^2.2.8" + } + }, "delayed-stream": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", @@ -1460,6 +1549,15 @@ "integrity": "sha512-HhK72PT4z55og8FDqskO/tTYXxU+LovRz+9pCDHLnUoPchkxjdIJidS+96LqW3CLrRdBmnkDRrcVrDFGLIluTw==", "dev": true }, + "doctrine": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/doctrine/-/doctrine-2.1.0.tgz", + "integrity": "sha512-35mSku4ZXK0vfCuHEDAwt55dg2jNajHZ1odvF+8SSr82EsZY4QmXfuWso8oEd8zRhVObSN18aM0CjSdoBX7zIw==", + "dev": true, + "requires": { + "esutils": "^2.0.2" + } + }, "domexception": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/domexception/-/domexception-1.0.1.tgz", @@ -1547,12 +1645,174 @@ } } }, + "eslint": { + "version": "5.6.1", + "resolved": "https://registry.npmjs.org/eslint/-/eslint-5.6.1.tgz", + "integrity": "sha512-hgrDtGWz368b7Wqf+v1Z69O3ZebNR0+GA7PtDdbmuz4rInFVUV9uw7whjZEiWyLzCjVb5Rs5WRN1TAS6eo7AYA==", + "dev": true, + "requires": { + "@babel/code-frame": "^7.0.0", + "ajv": "^6.5.3", + "chalk": "^2.1.0", + "cross-spawn": "^6.0.5", + "debug": "^4.0.1", + "doctrine": "^2.1.0", + "eslint-scope": "^4.0.0", + "eslint-utils": "^1.3.1", + "eslint-visitor-keys": "^1.0.0", + "espree": "^4.0.0", + "esquery": "^1.0.1", + "esutils": "^2.0.2", + "file-entry-cache": "^2.0.0", + "functional-red-black-tree": "^1.0.1", + "glob": "^7.1.2", + "globals": "^11.7.0", + "ignore": "^4.0.6", + "imurmurhash": "^0.1.4", + "inquirer": "^6.1.0", + "is-resolvable": "^1.1.0", + "js-yaml": "^3.12.0", + "json-stable-stringify-without-jsonify": "^1.0.1", + "levn": "^0.3.0", + "lodash": "^4.17.5", + "minimatch": "^3.0.4", + "mkdirp": "^0.5.1", + "natural-compare": "^1.4.0", + "optionator": "^0.8.2", + "path-is-inside": "^1.0.2", + "pluralize": "^7.0.0", + "progress": "^2.0.0", + "regexpp": "^2.0.0", + "require-uncached": "^1.0.3", + "semver": "^5.5.1", + "strip-ansi": "^4.0.0", + "strip-json-comments": "^2.0.1", + "table": "^4.0.3", + "text-table": "^0.2.0" + }, + "dependencies": { + "ajv": { + "version": "6.5.4", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.5.4.tgz", + "integrity": "sha512-4Wyjt8+t6YszqaXnLDfMmG/8AlO5Zbcsy3ATHncCzjW/NoPzAId8AK6749Ybjmdt+kUY1gP60fCu46oDxPv/mg==", + "dev": true, + "requires": { + "fast-deep-equal": "^2.0.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, + "cross-spawn": { + "version": "6.0.5", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", + "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", + "dev": true, + "requires": { + "nice-try": "^1.0.4", + "path-key": "^2.0.1", + "semver": "^5.5.0", + "shebang-command": "^1.2.0", + "which": "^1.2.9" + } + }, + "debug": { + "version": "4.1.0", + "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.0.tgz", + "integrity": "sha512-heNPJUJIqC+xB6ayLAMHaIrmN9HKa7aQO8MGqKpvCA+uJYVcvR6l5kgdrhRuwPFHU7P5/A1w0BjByPHwpfTDKg==", + "dev": true, + "requires": { + "ms": "^2.1.1" + } + }, + "fast-deep-equal": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz", + "integrity": "sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk=", + "dev": true + }, + "globals": { + "version": "11.8.0", + "resolved": "https://registry.npmjs.org/globals/-/globals-11.8.0.tgz", + "integrity": "sha512-io6LkyPVuzCHBSQV9fmOwxZkUk6nIaGmxheLDgmuFv89j0fm2aqDbIXKAGfzCMHqz3HLF2Zf8WSG6VqMh2qFmA==", + "dev": true + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "ms": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz", + "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==", + "dev": true + } + } + }, + "eslint-config-strongloop": { + "version": "2.1.0", + "resolved": "http://registry.npmjs.org/eslint-config-strongloop/-/eslint-config-strongloop-2.1.0.tgz", + "integrity": "sha1-dj3Rmt/OiNewBR5uJV8a43eDtMY=", + "dev": true + }, + "eslint-scope": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/eslint-scope/-/eslint-scope-4.0.0.tgz", + "integrity": "sha512-1G6UTDi7Jc1ELFwnR58HV4fK9OQK4S6N985f166xqXxpjU6plxFISJa2Ba9KCQuFa8RCnj/lSFJbHo7UFDBnUA==", + "dev": true, + "requires": { + "esrecurse": "^4.1.0", + "estraverse": "^4.1.1" + } + }, + "eslint-utils": { + "version": "1.3.1", + "resolved": "https://registry.npmjs.org/eslint-utils/-/eslint-utils-1.3.1.tgz", + "integrity": "sha512-Z7YjnIldX+2XMcjr7ZkgEsOj/bREONV60qYeB/bjMAqqqZ4zxKyWX+BOUkdmRmA9riiIPVvo5x86m5elviOk0Q==", + "dev": true + }, + "eslint-visitor-keys": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/eslint-visitor-keys/-/eslint-visitor-keys-1.0.0.tgz", + "integrity": "sha512-qzm/XxIbxm/FHyH341ZrbnMUpe+5Bocte9xkmFMzPMjRaZMcXww+MpBptFvtU+79L362nqiLhekCxCxDPaUMBQ==", + "dev": true + }, + "espree": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/espree/-/espree-4.0.0.tgz", + "integrity": "sha512-kapdTCt1bjmspxStVKX6huolXVV5ZfyZguY1lcfhVVZstce3bqxH9mcLzNn3/mlgW6wQ732+0fuG9v7h0ZQoKg==", + "dev": true, + "requires": { + "acorn": "^5.6.0", + "acorn-jsx": "^4.1.1" + } + }, "esprima": { "version": "4.0.1", "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz", "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A==", "dev": true }, + "esquery": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/esquery/-/esquery-1.0.1.tgz", + "integrity": "sha512-SmiyZ5zIWH9VM+SRUReLS5Q8a7GxtRdxEBVZpm98rJM7Sb+A9DVCndXfkeFUd3byderg+EbDkfnevfCwynWaNA==", + "dev": true, + "requires": { + "estraverse": "^4.0.0" + } + }, + "esrecurse": { + "version": "4.2.1", + "resolved": "https://registry.npmjs.org/esrecurse/-/esrecurse-4.2.1.tgz", + "integrity": "sha512-64RBB++fIOAXPw3P9cy89qfMlvZEXZkqqJkjqqXIvzP5ezRZjW+lPWjw35UX/3EhUPFYbg5ER4JYgDw4007/DQ==", + "dev": true, + "requires": { + "estraverse": "^4.1.0" + } + }, "estraverse": { "version": "4.2.0", "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-4.2.0.tgz", @@ -1654,6 +1914,28 @@ } } }, + "external-editor": { + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/external-editor/-/external-editor-3.0.3.tgz", + "integrity": "sha512-bn71H9+qWoOQKyZDo25mOMVpSmXROAsTJVVVYzrrtol3d4y+AsKjf4Iwl2Q+IuT0kFSQ1qo166UuIwqYq7mGnA==", + "dev": true, + "requires": { + "chardet": "^0.7.0", + "iconv-lite": "^0.4.24", + "tmp": "^0.0.33" + }, + "dependencies": { + "iconv-lite": { + "version": "0.4.24", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", + "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==", + "dev": true, + "requires": { + "safer-buffer": ">= 2.1.2 < 3" + } + } + } + }, "extglob": { "version": "0.3.2", "resolved": "https://registry.npmjs.org/extglob/-/extglob-0.3.2.tgz", @@ -1670,9 +1952,9 @@ "dev": true }, "fast-deep-equal": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.1.0.tgz", - "integrity": "sha1-wFNHeBfIa1HaqFPIHgWbcz0CNhQ=", + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz", + "integrity": "sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk=", "dev": true }, "fast-json-stable-stringify": { @@ -1696,6 +1978,25 @@ "bser": "^2.0.0" } }, + "figures": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/figures/-/figures-2.0.0.tgz", + "integrity": "sha1-OrGi0qYsi/tDGgyUy3l6L84nyWI=", + "dev": true, + "requires": { + "escape-string-regexp": "^1.0.5" + } + }, + "file-entry-cache": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/file-entry-cache/-/file-entry-cache-2.0.0.tgz", + "integrity": "sha1-w5KZDD5oR4PYOLjISkXYoEhFg2E=", + "dev": true, + "requires": { + "flat-cache": "^1.2.1", + "object-assign": "^4.0.1" + } + }, "file-set": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/file-set/-/file-set-2.0.1.tgz", @@ -1754,6 +2055,18 @@ "locate-path": "^2.0.0" } }, + "flat-cache": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-1.3.0.tgz", + "integrity": "sha1-0wMLMrOBVPTjt+nHCfSQ9++XxIE=", + "dev": true, + "requires": { + "circular-json": "^0.3.1", + "del": "^2.0.2", + "graceful-fs": "^4.1.2", + "write": "^0.2.1" + } + }, "for-in": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz", @@ -1890,8 +2203,7 @@ "code-point-at": { "version": "1.1.0", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "concat-map": { "version": "0.0.1", @@ -1901,8 +2213,7 @@ "console-control-strings": { "version": "1.1.0", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "core-util-is": { "version": "1.0.2", @@ -2019,8 +2330,7 @@ "inherits": { "version": "2.0.3", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "ini": { "version": "1.3.5", @@ -2032,7 +2342,6 @@ "version": "1.0.0", "bundled": true, "dev": true, - "optional": true, "requires": { "number-is-nan": "^1.0.0" } @@ -2158,8 +2467,7 @@ "number-is-nan": { "version": "1.0.1", "bundled": true, - "dev": true, - "optional": true + "dev": true }, "object-assign": { "version": "4.1.1", @@ -2171,7 +2479,6 @@ "version": "1.4.0", "bundled": true, "dev": true, - "optional": true, "requires": { "wrappy": "1" } @@ -2293,7 +2600,6 @@ "version": "1.0.2", "bundled": true, "dev": true, - "optional": true, "requires": { "code-point-at": "^1.0.0", "is-fullwidth-code-point": "^1.0.0", @@ -2371,6 +2677,12 @@ "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A==", "dev": true }, + "functional-red-black-tree": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/functional-red-black-tree/-/functional-red-black-tree-1.0.1.tgz", + "integrity": "sha1-GwqzvVU7Kg1jmdKcDj6gslIHgyc=", + "dev": true + }, "get-caller-file": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-1.0.3.tgz", @@ -2437,6 +2749,20 @@ "integrity": "sha512-S0nG3CLEQiY/ILxqtztTWH/3iRRdyBLw6KMDxnKMchrtbj2OFmehVh0WUCfW3DUrIgx/qFrJPICrq4Z4sTR9UQ==", "dev": true }, + "globby": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/globby/-/globby-5.0.0.tgz", + "integrity": "sha1-69hGZ8oNuzMLmbz8aOrCvFQ3Dg0=", + "dev": true, + "requires": { + "array-union": "^1.0.1", + "arrify": "^1.0.0", + "glob": "^7.0.3", + "object-assign": "^4.0.1", + "pify": "^2.0.0", + "pinkie-promise": "^2.0.0" + } + }, "graceful-fs": { "version": "4.1.11", "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.1.11.tgz", @@ -2489,6 +2815,32 @@ "requires": { "ajv": "^5.3.0", "har-schema": "^2.0.0" + }, + "dependencies": { + "ajv": { + "version": "5.5.2", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-5.5.2.tgz", + "integrity": "sha1-c7Xuyj+rZT49P5Qis0GtQiBdyWU=", + "dev": true, + "requires": { + "co": "^4.6.0", + "fast-deep-equal": "^1.0.0", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.3.0" + } + }, + "fast-deep-equal": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-1.1.0.tgz", + "integrity": "sha1-wFNHeBfIa1HaqFPIHgWbcz0CNhQ=", + "dev": true + }, + "json-schema-traverse": { + "version": "0.3.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz", + "integrity": "sha1-NJptRMU6Ud6JtAgFxdXlm0F9M0A=", + "dev": true + } } }, "has": { @@ -2632,6 +2984,12 @@ "safer-buffer": ">= 2.1.2 < 3" } }, + "ignore": { + "version": "4.0.6", + "resolved": "https://registry.npmjs.org/ignore/-/ignore-4.0.6.tgz", + "integrity": "sha512-cyFDKrqc/YdcWFniJhzI42+AzS+gNwmUzOSFcRCQYwySuBBBy/KjuxWLZ/FHEH6Moq1NizMOBWyTcv8O4OZIMg==", + "dev": true + }, "import-local": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/import-local/-/import-local-1.0.0.tgz", @@ -2664,6 +3022,27 @@ "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4=", "dev": true }, + "inquirer": { + "version": "6.2.0", + "resolved": "https://registry.npmjs.org/inquirer/-/inquirer-6.2.0.tgz", + "integrity": "sha512-QIEQG4YyQ2UYZGDC4srMZ7BjHOmNk1lR2JQj5UknBapklm6WHA+VVH7N+sUdX3A7NeCfGF8o4X1S3Ao7nAcIeg==", + "dev": true, + "requires": { + "ansi-escapes": "^3.0.0", + "chalk": "^2.0.0", + "cli-cursor": "^2.1.0", + "cli-width": "^2.0.0", + "external-editor": "^3.0.0", + "figures": "^2.0.0", + "lodash": "^4.17.10", + "mute-stream": "0.0.7", + "run-async": "^2.2.0", + "rxjs": "^6.1.0", + "string-width": "^2.1.0", + "strip-ansi": "^4.0.0", + "through": "^2.3.6" + } + }, "invariant": { "version": "2.2.4", "resolved": "https://registry.npmjs.org/invariant/-/invariant-2.2.4.tgz", @@ -2824,6 +3203,30 @@ "kind-of": "^3.0.2" } }, + "is-path-cwd": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-path-cwd/-/is-path-cwd-1.0.0.tgz", + "integrity": "sha1-0iXsIxMuie3Tj9p2dHLmLmXxEG0=", + "dev": true + }, + "is-path-in-cwd": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-path-in-cwd/-/is-path-in-cwd-1.0.1.tgz", + "integrity": "sha512-FjV1RTW48E7CWM7eE/J2NJvAEEVektecDBVBE5Hh3nM1Jd0kvhHtX68Pr3xsDf857xt3Y4AkwVULK1Vku62aaQ==", + "dev": true, + "requires": { + "is-path-inside": "^1.0.0" + } + }, + "is-path-inside": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-1.0.1.tgz", + "integrity": "sha1-jvW33lBDej/cprToZe96pVy0gDY=", + "dev": true, + "requires": { + "path-is-inside": "^1.0.1" + } + }, "is-plain-object": { "version": "2.0.4", "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-2.0.4.tgz", @@ -2853,6 +3256,12 @@ "integrity": "sha1-IHurkWOEmcB7Kt8kCkGochADRXU=", "dev": true }, + "is-promise": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-2.1.0.tgz", + "integrity": "sha1-eaKp7OfwlugPNtKy87wWwf9L8/o=", + "dev": true + }, "is-regex": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/is-regex/-/is-regex-1.0.4.tgz", @@ -2862,6 +3271,12 @@ "has": "^1.0.1" } }, + "is-resolvable": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/is-resolvable/-/is-resolvable-1.1.0.tgz", + "integrity": "sha512-qgDYXFSR5WvEfuS5dMj6oTMEbrrSaM0CrFk2Yiq/gXnBvD9pMa2jGXxyhGLfvhZpuMZe18CJpFxAt3CRs42NMg==", + "dev": true + }, "is-stream": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", @@ -3607,9 +4022,15 @@ "dev": true }, "json-schema-traverse": { - "version": "0.3.1", - "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.3.1.tgz", - "integrity": "sha1-NJptRMU6Ud6JtAgFxdXlm0F9M0A=", + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "json-stable-stringify-without-jsonify": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz", + "integrity": "sha1-nbe1lJatPzz+8wp1FC0tkwrXJlE=", "dev": true }, "json-stringify-safe": { @@ -3954,6 +4375,12 @@ "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g=", "dev": true }, + "mute-stream": { + "version": "0.0.7", + "resolved": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.7.tgz", + "integrity": "sha1-MHXOk7whuPq0PhvE2n6BFe0ee6s=", + "dev": true + }, "nan": { "version": "2.11.0", "resolved": "https://registry.npmjs.org/nan/-/nan-2.11.0.tgz", @@ -4006,6 +4433,12 @@ "integrity": "sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc=", "dev": true }, + "nice-try": { + "version": "1.0.5", + "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", + "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==", + "dev": true + }, "node-int64": { "version": "0.4.0", "resolved": "https://registry.npmjs.org/node-int64/-/node-int64-0.4.0.tgz", @@ -4181,6 +4614,15 @@ "wrappy": "1" } }, + "onetime": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/onetime/-/onetime-2.0.1.tgz", + "integrity": "sha1-BnQoIw/WdEOyeUsiu6UotoZ5YtQ=", + "dev": true, + "requires": { + "mimic-fn": "^1.0.0" + } + }, "optimist": { "version": "0.6.1", "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz", @@ -4311,6 +4753,12 @@ "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=", "dev": true }, + "path-is-inside": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/path-is-inside/-/path-is-inside-1.0.2.tgz", + "integrity": "sha1-NlQX3t5EQw0cEa9hAn+s8HS9/FM=", + "dev": true + }, "path-key": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", @@ -4370,6 +4818,12 @@ "find-up": "^2.1.0" } }, + "pluralize": { + "version": "7.0.0", + "resolved": "https://registry.npmjs.org/pluralize/-/pluralize-7.0.0.tgz", + "integrity": "sha512-ARhBOdzS3e41FbkW/XWrTEtukqqLoK5+Z/4UeDaLuSW+39JPeFgs4gCGqsrJHVZX0fUrx//4OF0K1CUGwlIFow==", + "dev": true + }, "pn": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/pn/-/pn-1.1.0.tgz", @@ -4424,6 +4878,12 @@ "integrity": "sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw==", "dev": true }, + "progress": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.0.tgz", + "integrity": "sha1-ihvjZr+Pwj2yvSPxDG/pILQ4nR8=", + "dev": true + }, "prompts": { "version": "0.1.14", "resolved": "https://registry.npmjs.org/prompts/-/prompts-0.1.14.tgz", @@ -4646,6 +5106,12 @@ "safe-regex": "^1.1.0" } }, + "regexpp": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/regexpp/-/regexpp-2.0.1.tgz", + "integrity": "sha512-lv0M6+TkDVniA3aD1Eg0DVpfU/booSu7Eev3TDO/mZKHBfVjgCGTV4t4buppESEYDtkArYFOxTJWv6S5C+iaNw==", + "dev": true + }, "remove-trailing-separator": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz", @@ -4733,6 +5199,24 @@ "integrity": "sha1-l/cXtp1IeE9fUmpsWqj/3aBVpNE=", "dev": true }, + "require-uncached": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/require-uncached/-/require-uncached-1.0.3.tgz", + "integrity": "sha1-Tg1W1slmL9MeQwEcS5WqSZVUIdM=", + "dev": true, + "requires": { + "caller-path": "^0.1.0", + "resolve-from": "^1.0.0" + }, + "dependencies": { + "resolve-from": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/resolve-from/-/resolve-from-1.0.1.tgz", + "integrity": "sha1-Jsv+k10a7uq7Kbw/5a6wHpPUQiY=", + "dev": true + } + } + }, "requizzle": { "version": "0.2.1", "resolved": "https://registry.npmjs.org/requizzle/-/requizzle-0.2.1.tgz", @@ -4777,6 +5261,16 @@ "integrity": "sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=", "dev": true }, + "restore-cursor": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-2.0.0.tgz", + "integrity": "sha1-n37ih/gv0ybU/RYpI9YhKe7g368=", + "dev": true, + "requires": { + "onetime": "^2.0.0", + "signal-exit": "^3.0.2" + } + }, "ret": { "version": "0.1.15", "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz", @@ -4798,6 +5292,24 @@ "integrity": "sha512-OfWGQTb9vnwRjwtA2QwpG2ICclHC3pgXZO5xt8H2EfgDquO0qVdSb5T88L4qJVAEugbS56pAuV4XZM58UX8ulw==", "dev": true }, + "run-async": { + "version": "2.3.0", + "resolved": "https://registry.npmjs.org/run-async/-/run-async-2.3.0.tgz", + "integrity": "sha1-A3GrSuC91yDUFm19/aZP96RFpsA=", + "dev": true, + "requires": { + "is-promise": "^2.1.0" + } + }, + "rxjs": { + "version": "6.3.3", + "resolved": "https://registry.npmjs.org/rxjs/-/rxjs-6.3.3.tgz", + "integrity": "sha512-JTWmoY9tWCs7zvIk/CvRjhjGaOd+OVBM987mxFo+OW66cGpdKjZcpmc74ES1sB//7Kl/PAe8+wEakuhG4pcgOw==", + "dev": true, + "requires": { + "tslib": "^1.9.0" + } + }, "safe-buffer": { "version": "5.1.2", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", @@ -5198,6 +5710,15 @@ "integrity": "sha1-xB8vbDn8FtHNF61LXYlhFK5HDVU=", "dev": true }, + "slice-ansi": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-1.0.0.tgz", + "integrity": "sha512-POqxBK6Lb3q6s047D/XsDVNPnF9Dl8JSaqe9h9lURl0OdNqy/ujDrOiIHtsqXMGbWWTIomRzAMaTyawAU//Reg==", + "dev": true, + "requires": { + "is-fullwidth-code-point": "^2.0.0" + } + }, "snapdragon": { "version": "0.8.2", "resolved": "https://registry.npmjs.org/snapdragon/-/snapdragon-0.8.2.tgz", @@ -5567,6 +6088,46 @@ "integrity": "sha1-rifbOPZgp64uHDt9G8KQgZuFGeY=", "dev": true }, + "table": { + "version": "4.0.3", + "resolved": "http://registry.npmjs.org/table/-/table-4.0.3.tgz", + "integrity": "sha512-S7rnFITmBH1EnyKcvxBh1LjYeQMmnZtCXSEbHcH6S0NoKit24ZuFO/T1vDcLdYsLQkM188PVVhQmzKIuThNkKg==", + "dev": true, + "requires": { + "ajv": "^6.0.1", + "ajv-keywords": "^3.0.0", + "chalk": "^2.1.0", + "lodash": "^4.17.4", + "slice-ansi": "1.0.0", + "string-width": "^2.1.1" + }, + "dependencies": { + "ajv": { + "version": "6.5.4", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.5.4.tgz", + "integrity": "sha512-4Wyjt8+t6YszqaXnLDfMmG/8AlO5Zbcsy3ATHncCzjW/NoPzAId8AK6749Ybjmdt+kUY1gP60fCu46oDxPv/mg==", + "dev": true, + "requires": { + "fast-deep-equal": "^2.0.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, + "fast-deep-equal": { + "version": "2.0.1", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz", + "integrity": "sha1-ewUhjd+WZ79/Nwv3/bLLFf3Qqkk=", + "dev": true + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + } + } + }, "table-layout": { "version": "0.4.4", "resolved": "https://registry.npmjs.org/table-layout/-/table-layout-0.4.4.tgz", @@ -5615,12 +6176,33 @@ "typical": "^2.6.1" } }, + "text-table": { + "version": "0.2.0", + "resolved": "https://registry.npmjs.org/text-table/-/text-table-0.2.0.tgz", + "integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=", + "dev": true + }, "throat": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/throat/-/throat-4.1.0.tgz", "integrity": "sha1-iQN8vJLFarGJJua6TLsgDhVnKmo=", "dev": true }, + "through": { + "version": "2.3.8", + "resolved": "http://registry.npmjs.org/through/-/through-2.3.8.tgz", + "integrity": "sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=", + "dev": true + }, + "tmp": { + "version": "0.0.33", + "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz", + "integrity": "sha512-jRCJlojKnZ3addtTOjdIqoRuPEKBvNXcGYqzO6zWZX8KfKEpnGY5jfggJQ3EjKuu8D4bJRr0y+cYJFmYbImXGw==", + "dev": true, + "requires": { + "os-tmpdir": "~1.0.2" + } + }, "tmpl": { "version": "1.0.4", "resolved": "https://registry.npmjs.org/tmpl/-/tmpl-1.0.4.tgz", @@ -5708,6 +6290,12 @@ "integrity": "sha1-yy4SAwZ+DI3h9hQJS5/kVwTqYAM=", "dev": true }, + "tslib": { + "version": "1.9.3", + "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.9.3.tgz", + "integrity": "sha512-4krF8scpejhaOgqzBEcGM7yDIEfi0/8+8zDRZhNZZ2kjmHJ4hv3zCbQWxoJGz1iw5U0Jl0nma13xzHXcncMavQ==", + "dev": true + }, "tunnel-agent": { "version": "0.6.0", "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", @@ -5876,6 +6464,15 @@ } } }, + "uri-js": { + "version": "4.2.2", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.2.2.tgz", + "integrity": "sha512-KY9Frmirql91X2Qgjry0Wd4Y+YTdrdZheS8TFwvkbLWf/G5KNJDCh6pKL5OZctEW4+0Baa5idK2ZQuELRwPznQ==", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, "urix": { "version": "0.1.0", "resolved": "https://registry.npmjs.org/urix/-/urix-0.1.0.tgz", @@ -6083,6 +6680,15 @@ "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=", "dev": true }, + "write": { + "version": "0.2.1", + "resolved": "https://registry.npmjs.org/write/-/write-0.2.1.tgz", + "integrity": "sha1-X8A4KOJkzqP+kUVUdvejxWbLB1c=", + "dev": true, + "requires": { + "mkdirp": "^0.5.1" + } + }, "write-file-atomic": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/write-file-atomic/-/write-file-atomic-2.3.0.tgz", diff --git a/package.json b/package.json index cbf4efe..3cef597 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "syslog-pro", - "version": "0.1.2", + "version": "0.1.1", "description": "A Syslog client which options for UDP, TCP, and TLS transport and suport for both RFC-3164 and RFC-5424 including Structured Data.", "keywords": [ "Syslog", @@ -57,14 +57,18 @@ "moment": "^2.22.2" }, "devDependencies": { + "ajv": "^6.5.4", "coveralls": "^3.0.2", "docco": "^0.8.0", "docdash": "^1.0.0", + "eslint": "^5.6.1", + "eslint-config-strongloop": "^2.1.0", "jest": "^23.5.0", "jsdoc": "^3.5.5", "jsdoc-to-markdown": "^4.0.1" }, "scripts": { + "pretest": "eslint .", "test": "jest --colors --expand --logHeapUsage --runInBand && cat ./coverage/lcov.info | ./node_modules/coveralls/bin/coveralls.js", "docs": "jsdoc *.js -c ./jsdoc.json; jsdoc2md --template ./jsdoc2md/api.hbs --files *.js > ./docs/api.md; docco --output ./docs/docco --layout plain-markdown *.js && mv ./docs/docco/index.html ./docs/docco/README.md; docco --output ./docs/docco *.js", "jsdoc": "jsdoc *.js -c ./jsdoc.json", diff --git a/tests/jest_test_client_pubkey.pem b/tests/jest_test_client_pubkey.pem new file mode 100644 index 0000000..884d151 --- /dev/null +++ b/tests/jest_test_client_pubkey.pem @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAltzRZxhTAUix+gkehXJ7 +sAQ4eIYnN6uwkCgq2z4Kt9gH0Kh+ViN6YUP4/UvRCTWXlClz9U8TtEECvcKTkP3d +OLKt4rYueARxg2xu5yRHpJyRfFNb+Rp+cf3B8UzjUPFMA6o1bMP1aXgl1ztTEWlb +/EryeAQXkObniV3n22dLUXj63Rbyd2h1Rn5VqCBXn3Azl1Dgl143wRKRBSdhHx0F +jhZwcK9XA53LYfA/Du8PlXMMOkuZ0lCKy7sS0YTih8YVgg0bVQL4UBvQkCcwW6sc +xiMIm8eoDcBGo5qqIegKhMNN65JacVjGYIbzX25qH7o0v6dTF/kMBNjZ+qXZBXbV +LRny10dXu7QNwh6Q3AQPdhvbI4d5xLqcClkReDe15xz5RofeMs+VH6kJDS1U7G3U +Vp1dra9TD0aYJBOudtzJvQJHc7+me18rvAeWXWENchTceaV28IR1nsqWecTEIluT +2b7+65TgNljG3YPH2/CgUxrshMZe6he7+NtLC56fh+FKm+bQtTmerBqZiJHHBkUR +fOJlDFWUIybIiDZ8Vx+0v0DdsDSywjxuS/NUiG2+59O62gwkoFzpXmvXlB5guoHp +YzOYX/aoqdHm+vHBUp3PMf+Krk7K4wgnj9a2/5ue73suUAhWdWLmJtD4rzlPw3Ag +3/OYBIJ4gcsOP0ZCW6/9mOECAwEAAQ== +-----END PUBLIC KEY----- diff --git a/tests/jest_test_server_pubkey.pem b/tests/jest_test_server_pubkey.pem new file mode 100644 index 0000000..5d43e00 --- /dev/null +++ b/tests/jest_test_server_pubkey.pem @@ -0,0 +1,14 @@ +-----BEGIN PUBLIC KEY----- +MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAt2Z0LkXhPpMu9lkDUxRg +QXEqCU0StVFxRrjVq5vvr4R21wSwyZHcDGRA1t9YjyQdlGW1kRoy1PzQsCSi2EGF +n08keUXK43kkHmSnF/3DtEb+3T2sUYkkKyb+PKEFM5nXkVgiYZoypSClDV7k9ofQ +UypnSZcxThsyx1sBHBNsfHLqkfVH8wpHMkmWvKRxEcI/3w6odh4S0QUqx2T7VI8f +Fv0Ek7gi4qAA8o3aNt5mmw21HcfZidI8sEicpGBlTVxmE1H/tNbxVreTdr88qC7m +qyGsPRckmOrVp1XwpjhbHBvjSEpw/JvrFjrNoUIIm0p7PRyoGHKAewboS9LYn5SR +Kd2d42wkOpCjTkNGrsvwvJFf+RaK/D7at5CbCRYjjFf9GXPeDLxYkp3LAbCAygQ6 +kZXAy6U/H7atuXw7OQMfBAstS/pIzjvUlECZTc6zfgCV+Nvgwyin9PVIO2JP1rX+ +b9C1gGa2ax0EgI2BH3F+nZ/CDFLtO9wC6cvcLgskZw9SR92aUlUboIqizWrmihFP +LDZel9bTxtLs3ifsYOY4nJeJFTE+TtkWDioikVHm6dyhnhXX4tehpjLOjdqkkxqF +Zf+vDlw+vOraEsiQVbSdk+27UFUChziCIUfzD4SaBaDFr9aDcdOc/CvfKkHOu03x +90HgtSFphfqIBlOQMFpFeA8CAwEAAQ== +-----END PUBLIC KEY-----