diff --git a/.eslintrc.json b/.eslintrc.json index 79bfcdd..ef901a8 100644 --- a/.eslintrc.json +++ b/.eslintrc.json @@ -3,5 +3,8 @@ "env": { "node": true, "es6": true + }, + "parserOptions": { + "ecmaVersion": "2018" } -} \ No newline at end of file +} diff --git a/index.js b/index.js index 8368146..0e923fb 100644 --- a/index.js +++ b/index.js @@ -3,8 +3,6 @@ /** * @fileoverview The SyslogPro module for sending syslog messages - * Most APIs will return a promise. These APIs can be used using - * `then(...)/catch(...)` * * Syslog formatting classes can be used as input into a Syslog class to be used * simultaneously to the same Syslog server. The Syslog Class with a configured @@ -35,63 +33,59 @@ const fs = require('fs'); */ function rgbToAnsi(hex, extendedColor) { - return new Promise((resolve, reject) => { - let colorCode = 0; // Var to hold color code - // Break HEX Code up into RGB - const hexParts = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(hex); - if (hexParts || typeof hex === 'number') { - if (typeof hex === 'number') { - if (extendedColor && hex < 256) { - resolve(hex); - } else if ((hex > 29 && hex < 38) || (hex > 89 && hex < 98)) { - resolve(hex); + let colorCode = 0; // Var to hold color code + // Break HEX Code up into RGB + const hexParts = /^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i.exec(hex); + if (hexParts || typeof hex === 'number') { + if (typeof hex === 'number') { + if (extendedColor && hex < 256) { + return hex; + } else if ((hex > 29 && hex < 38) || (hex > 89 && hex < 98)) { + return hex; + } else { + throw new Error('FORMAT ERROR: Color code not in range'); + } + } else { + const r = parseInt(hexParts[1], 16); + const g = parseInt(hexParts[2], 16); + const b = parseInt(hexParts[3], 16); + if (extendedColor) { + if (r === g && g === b) { + // Gray Scale Color + if (r < 8) { + colorCode = 16; + } else if (r > 248) { + colorCode = 231; + } else { + colorCode = Math.round(((r - 8) / 247) * 24) + 232; + } } else { - reject(new Error('FORMAT ERROR: Color code not in range')); + colorCode = 16 + + (36 * Math.round(r / 255 * 5)) + + (6 * Math.round(g / 255 * 5)) + + Math.round(b / 255 * 5); } } else { - const r = parseInt(hexParts[1], 16); - const g = parseInt(hexParts[2], 16); - const b = parseInt(hexParts[3], 16); - if (extendedColor) { - if (r === g && g === b) { - // Gray Scale Color - if (r < 8) { - colorCode = 16; - } else if (r > 248) { - colorCode = 231; - } else { - colorCode = Math.round(((r - 8) / 247) * 24) + 232; - } - } else { - colorCode = 16 - + (36 * Math.round(r / 255 * 5)) - + (6 * Math.round(g / 255 * 5)) - + Math.round(b / 255 * 5); - } - } else { - colorCode = 30; - const red = r / 255; - const green = g / 255; - const blue = b / 255; - let v = Math.max(red, green, blue) * 100; - v = Math.round(v / 50); - if (v === 1) { - colorCode += ((Math.round(b / 255) << 2) - | (Math.round(g / 255) << 1) - | Math.round(r / 255)); - } - if (v === 2) { - colorCode += 60; - } + colorCode = 30; + const red = r / 255; + const green = g / 255; + const blue = b / 255; + let v = Math.max(red, green, blue) * 100; + v = Math.round(v / 50); + if (v === 1) { + colorCode += ((Math.round(b / 255) << 2) + | (Math.round(g / 255) << 1) + | Math.round(r / 255)); + } + if (v === 2) { + colorCode += 60; } } - resolve(colorCode); - return; - } else { - reject(new Error('TYPE ERROR: Not in RGB color hex or color code')); - return; } - }); + return colorCode; + } else { + throw new Error('TYPE ERROR: Not in RGB color hex or color code'); + } } /** @@ -238,24 +232,22 @@ class Syslog { * @version 0.0.0 * @since 0.0.0 * @param {string|string[]} certs - File location of the certificate(s) - * @returns {Promise} - True + * @returns {boolean} - True * @throws {Error} - A Type Error */ addTlsServerCerts(certs) { - return new Promise((resolve, reject) => { - if (typeof certs === 'object' && Array.isArray(certs)) { - /** @private @type {string[]} */ - this.tlsServerCerts = certs; - } else if (typeof certs === 'string') { - this.tlsServerCerts = [certs]; - } else { - let errMsg = - 'TYPE ERROR: Server Cert file locations should be a string'; - errMsg += ' or array of strings'; - reject(new Error(errMsg)); - } - resolve(true); - }); + if (typeof certs === 'object' && Array.isArray(certs)) { + /** @private @type {string[]} */ + this.tlsServerCerts = certs; + } else if (typeof certs === 'string') { + this.tlsServerCerts = [certs]; + } else { + let errMsg = + 'TYPE ERROR: Server Cert file locations should be a string'; + errMsg += ' or array of strings'; + throw new Error(errMsg); + } + return true; } /** * Send the Syslog message over UDP @@ -264,27 +256,22 @@ class Syslog { * @returns {Promise} - The Syslog formatted string sent * @throws {Error} - Network Error */ - udpMessage(msg) { - return new Promise((resolve, reject) => { - // Test for target DNS and Address Family (IPv4/6) by looking up the DNS - const dgram = require('dgram'); - const dnsOptions = { - verbatim: true, - }; - dnsPromises.lookup(this.target, dnsOptions) - .then((result) => { - const udpType = result.family === 4 ? 'udp4' : 'udp6'; - let client = dgram.createSocket(udpType); - // Turn msg in to a UTF8 buffer - let msgBuffer = Buffer.from(msg, 'utf8'); - client.send(msgBuffer, this.port, this.target, () => { - client.close(); - resolve(msg); - }); - }) - .catch((error) => { - reject(error); // Reject out of the sendMessage function promise - }); + async udpMessage(msg) { + // Test for target DNS and Address Family (IPv4/6) by looking up the DNS + const dgram = require('dgram'); + const dnsOptions = { + verbatim: true, + }; + const result = await dnsPromises.lookup(this.target, dnsOptions); + const udpType = result.family === 4 ? 'udp4' : 'udp6'; + let client = dgram.createSocket(udpType); + // Turn msg in to a UTF8 buffer + let msgBuffer = Buffer.from(msg, 'utf8'); + return new Promise((resolve) => { + client.send(msgBuffer, this.port, this.target, () => { + client.close(); + resolve(msg); + }); }); } /** @@ -295,42 +282,37 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - tcpMessage(msg) { + async tcpMessage(msg) { + const net = require('net'); + const dnsOptions = { + verbatim: true, + }; + const result = await dnsPromises.lookup(this.target, dnsOptions); + const tcpOptions = { + host: this.target, + port: this.port, + family: result.family, + }; + const client = net.createConnection(tcpOptions, () => { + // Turn msg in to a UTF8 buffer + let msgBuffer = Buffer.from(msg, 'utf8'); + client.write(msgBuffer, () => { + client.end(); + }); + }); + client.setTimeout(this.tcpTimeout); return new Promise((resolve, reject) => { - const net = require('net'); - const dnsOptions = { - verbatim: true, - }; - dnsPromises.lookup(this.target, dnsOptions) - .then((result) => { - const tcpOptions = { - host: this.target, - port: this.port, - family: result.family, - }; - const client = net.createConnection(tcpOptions, () => { - // Turn msg in to a UTF8 buffer - let msgBuffer = Buffer.from(msg, 'utf8'); - client.write(msgBuffer, () => { - client.end(); - }); - }); - client.setTimeout(this.tcpTimeout); - client.on('end', () => { - resolve(msg); - }); - client.on('timeout', () => { - client.end(); - reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout')); - }); - client.on('error', (error) => { - client.destroy(); - reject(error); - }); - }) - .catch((error) => { - reject(error); - }); + client.on('end', () => { + resolve(msg); + }); + client.on('timeout', () => { + client.end(); + reject(new Error('TIMEOUT ERROR: Syslog server TCP timeout')); + }); + client.on('error', (error) => { + client.destroy(); + reject(error); + }); }); } /** @@ -341,55 +323,53 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - tlsMessage(msg) { - return new Promise((resolve, reject) => { - const tls = require('tls'); - const tlsOptions = { - host: this.target, - port: this.port, - }; - // Load client cert and key if requested - if (typeof this.tlsClientKey === 'string' - && typeof this.tlsClientCert === 'string') { - tlsOptions.key = fs.readFileSync(this.tlsClientKey); - tlsOptions.cert = fs.readFileSync(this.tlsClientCert); - } else if (typeof this.tlsClientKey !== 'string' - && typeof this.tlsClientKey !== 'undefined') { - let errMsg = 'TYPE ERROR: TLS Client Key is not a file'; - errMsg += 'location string'; - reject(new Error(errMsg)); - return; - } else if (typeof this.tlsClientCert !== 'string' - && typeof this.tlsClientCert !== 'undefined') { - let errMsg = 'TYPE ERROR: TLS Client Cert is not a file'; - errMsg += 'location string'; - reject(new Error(errMsg)); - return; - } - // Load any server certs if provided - let tlsCerts = this.tlsServerCerts.length; - if (tlsCerts > 0) { - let tlsOptionsCerts = []; - for (let certIndex = 0; certIndex < tlsCerts; certIndex++) { - if (typeof this.tlsServerCerts[certIndex] !== 'string') { - let errMsg = 'TYPE ERROR: TLS Server Cert is not a file'; - errMsg += 'location string'; - reject(new Error(errMsg)); - } - let cert = fs.readFileSync(this.tlsServerCerts[certIndex]); - tlsOptionsCerts.push(cert); + async tlsMessage(msg) { + const tls = require('tls'); + const tlsOptions = { + host: this.target, + port: this.port, + }; + // Load client cert and key if requested + if (typeof this.tlsClientKey === 'string' + && typeof this.tlsClientCert === 'string') { + tlsOptions.key = fs.readFileSync(this.tlsClientKey); + tlsOptions.cert = fs.readFileSync(this.tlsClientCert); + } else if (typeof this.tlsClientKey !== 'string' + && typeof this.tlsClientKey !== 'undefined') { + let errMsg = 'TYPE ERROR: TLS Client Key is not a file'; + errMsg += 'location string'; + throw new Error(errMsg); + } else if (typeof this.tlsClientCert !== 'string' + && typeof this.tlsClientCert !== 'undefined') { + let errMsg = 'TYPE ERROR: TLS Client Cert is not a file'; + errMsg += 'location string'; + throw new Error(errMsg); + } + // Load any server certs if provided + let tlsCerts = this.tlsServerCerts.length; + if (tlsCerts > 0) { + let tlsOptionsCerts = []; + for (let certIndex = 0; certIndex < tlsCerts; certIndex++) { + if (typeof this.tlsServerCerts[certIndex] !== 'string') { + let errMsg = 'TYPE ERROR: TLS Server Cert is not a file'; + errMsg += 'location string'; + throw new Error(errMsg); } - tlsOptions.ca = tlsOptionsCerts; - tlsOptions.rejectUnauthorized = true; + let cert = fs.readFileSync(this.tlsServerCerts[certIndex]); + tlsOptionsCerts.push(cert); } - const client = tls.connect(tlsOptions, () => { - // Turn msg in to a UTF8 buffer - let msgBuffer = Buffer.from(msg, 'utf8'); - client.write(msgBuffer, () => { - client.end(); - }); + tlsOptions.ca = tlsOptionsCerts; + tlsOptions.rejectUnauthorized = true; + } + const client = tls.connect(tlsOptions, () => { + // Turn msg in to a UTF8 buffer + let msgBuffer = Buffer.from(msg, 'utf8'); + client.write(msgBuffer, () => { + client.end(); }); - client.setTimeout(this.tcpTimeout); + }); + client.setTimeout(this.tcpTimeout); + return new Promise((resolve, reject) => { client.on('end', () => { resolve(msg); }); @@ -412,51 +392,156 @@ class Syslog { * @throws {Error} - Timeout error for TCP and TLS connections * @throws {Error} - Network Error */ - send(msg) { - return new Promise((resolve, reject) => { - if (typeof msg !== 'string') { - reject(new Error('TYPE ERROR: Syslog message must be a string')); - return; + async send(msg) { + if (typeof msg !== 'string') { + throw new Error('TYPE ERROR: Syslog message must be a string'); + } + this.protocol = this.protocol.toLowerCase(); + if (this.protocol === 'udp') { + return this.udpMessage(msg); + } else if (this.protocol === 'tcp') { + return this.tcpMessage(msg); + } else if (this.protocol === 'tls') { + return this.tlsMessage(msg); + } else { + let errorMsg = 'FORMAT ERROR: Protocol not recognized, should be '; + errorMsg += 'udp|tcp|tls'; + throw new Error(errorMsg); + } + } +} + +/** + * The base class of RFC formartted syslog messages. + */ +class RFC { + /** + * Sets the color to be used for messages at a set priority + * @public + * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * Extended) + * @param {string} [colors.alertColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * Extended) + * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * Extended) + * @param {string} [colors.errorColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * Extended) + * @param {string} [colors.warningColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * Extended) + * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * Extended) + * @param {string} [colors.informationalColor] - A RGB Hex coded color in the + * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & + * 0-255 Extended) + * @param {string} [colors.debugColor] - A RGB Hex coded color in the form + * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 + * Extended) + * @throws {Error} A standard error object + */ + setColor(colors, extendedColor) { + if (colors.emergencyColor) { + try { + this.emergencyColor = rgbToAnsi( + colors.emergencyColor, + this.extendedColor + ); + } catch (reason) { + reason.message = 'TYPE ERROR: '; + reason.message += 'emergencyColor'; + reason.message += ' Not in RGB color hex or color code'; + throw reason; } - this.protocol = this.protocol.toLowerCase(); - if (this.protocol === 'udp') { - this.udpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); - } else if (this.protocol === 'tcp') { - this.tcpMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); - } else if (this.protocol === 'tls') { - this.tlsMessage(msg) - .then((result) => { - resolve(result); - }) - .catch((reson) => { - reject(reson); - }); - } else { - let errorMsg = 'FORMAT ERROR: Protocol not recognized, should be '; - errorMsg += 'udp|tcp|tls'; - reject(new Error(errorMsg)); + } + if (colors.alertColor) { + try { + this.alertColor = rgbToAnsi(colors.alertColor, this.extendedColor); + } catch (reason) { + reason.message = 'TYPE ERROR: '; + reason.message += 'alertColor'; + reason.message += ' Not in RGB color hex or color code'; + throw reason; } - }); + } + if (colors.criticalColor) { + try { + this.criticalColor = rgbToAnsi( + colors.criticalColor, + this.extendedColor + ); + } catch (reason) { + reason.message = 'TYPE ERROR: '; + reason.message += 'criticalColor'; + reason.message += ' Not in RGB color hex or color code'; + throw reason; + } + } + if (colors.errorColor) { + try { + this.errorColor = rgbToAnsi(colors.errorColor, this.extendedColor); + } catch (reason) { + reason.message = 'TYPE ERROR: '; + reason.message += 'errorColor'; + reason.message += ' Not in RGB color hex or color code'; + throw reason; + } + } + if (colors.warningColor) { + try { + this.warningColor = rgbToAnsi(colors.warningColor, this.extendedColor); + } catch (reason) { + reason.message = 'TYPE ERROR: '; + reason.message += 'warningColor'; + reason.message += ' Not in RGB color hex or color code'; + throw reason; + } + } + if (colors.noticeColor) { + try { + this.noticeColor = rgbToAnsi(colors.noticeColor, this.extendedColor); + } catch (reason) { + reason.message = 'TYPE ERROR: '; + reason.message += 'noticeColor'; + reason.message += ' Not in RGB color hex or color code'; + throw reason; + } + } + if (colors.informationalColor) { + try { + this.informationalColor = rgbToAnsi( + colors.informationalColor, + this.extendedColor + ); + } catch (reason) { + reason.message = 'TYPE ERROR: '; + reason.message += 'informationalColor'; + reason.message += ' Not in RGB color hex or color code'; + throw reason; + } + } + if (colors.debugColor) { + try { + this.debugColor = rgbToAnsi(colors.debugColor, this.extendedColor); + } catch (reason) { + reason.message = 'TYPE ERROR: '; + reason.message += 'debugColor'; + reason.message += ' Not in RGB color hex or color code'; + throw reason; + } + } + return true; } } /** * A class to work with RFC3164 formatted syslog messages. The messaging is * fully configurable and ANSI foreground colors can be added. Both ANSI 8 and - * ANSI 256 color are fully supported. Most APIs will return a promise. These - * APIs can be used using `then(...)/catch(...)` + * ANSI 256 color are fully supported. * * A Syslog class with a configured * Syslog server target can also be used as the input into the formatting @@ -469,7 +554,7 @@ class Syslog { * @version 0.0.0 * @since 0.0.0 */ -class RFC3164 { +class RFC3164 extends RFC { /** * Construct a new RFC3164 formatted Syslog object with user options * @public @@ -514,6 +599,7 @@ class RFC3164 { * from this class. @see SyslogPro~Syslog */ constructor(options) { + super(); /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -575,175 +661,6 @@ class RFC3164 { this.setColor(options.colors, this.extendedColor); } } - /** - * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the - * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & - * 0-255 Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @throws {Error} A standard error object - */ - setColor(colors, extendedColor) { - return new Promise((resolve, reject) => { - let colorPromises = []; - if (colors.emergencyColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.alertColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.criticalColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.errorColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.warningColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.noticeColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.informationalColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.debugColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); - }); - } /** * Building a formatted message. Returns a promise with a formatted message * @public @@ -756,56 +673,53 @@ class RFC3164 { * @throws {Error} A standard error object */ buildMessage(msg, options) { - return new Promise((resolve, reject) => { - options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; - if (typeof msg !== 'string' || options.msgSeverity > 7) { - let errMsg = 'FORMAT ERROR: Syslog message must be a string'; - errMsg += ' msgSeverity must be a number between 0 and 7'; - reject(new Error(errMsg)); - return; + options = options || {}; + let severity = typeof options.severity === 'number' ? + options.severity : 6; + if (typeof msg !== 'string' || options.msgSeverity > 7) { + let errMsg = 'FORMAT ERROR: Syslog message must be a string'; + errMsg += ' msgSeverity must be a number between 0 and 7'; + throw new Error(errMsg); + } + let fmtMsg = ''; // Formatted Syslog message string var + const newLine = '\n'; + const newLineRegEx = /(\r|\n|(\r\n))/; + const escapeCode = '\u001B'; + const resetColor = '\u001B[0m'; + // The PRI is common to both RFC formats + const pri = (this.facility * 8) + severity; + // Remove any newline character + msg = msg.replace(newLineRegEx, ''); + // Add requested color + if (this.color) { + options.msgColor = options.msgColor || 36; + let colorCode = '['; + if (this.extendedColor) { + colorCode += '38;5;'; // Extended 256 Colors ANSI Code } - let fmtMsg = ''; // Formatted Syslog message string var - const newLine = '\n'; - const newLineRegEx = /(\r|\n|(\r\n))/; - const escapeCode = '\u001B'; - const resetColor = '\u001B[0m'; - // The PRI is common to both RFC formats - const pri = (this.facility * 8) + severity; - // Remove any newline character - msg = msg.replace(newLineRegEx, ''); - // Add requested color - if (this.color) { - options.msgColor = options.msgColor || 36; - let colorCode = '['; - if (this.extendedColor) { - colorCode += '38;5;'; // Extended 256 Colors ANSI Code - } - if (typeof options.msgColor === 'number') { - colorCode += options.msgColor; - colorCode += 'm'; // ANSI Color Closer - } else { - colorCode = '[39m'; // Use terminal's default color - } - msg = escapeCode + colorCode + msg + resetColor; + if (typeof options.msgColor === 'number') { + colorCode += options.msgColor; + colorCode += 'm'; // ANSI Color Closer + } else { + colorCode = '[39m'; // Use terminal's default color } - // RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 - // uses BSD timeformat - const rfc3164DateRegEx = + msg = escapeCode + colorCode + msg + resetColor; + } + // RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164 + // uses BSD timeformat + const rfc3164DateRegEx = /((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/; - const timestamp = moment() - .format('MMM DD hh:mm:ss') - .replace(rfc3164DateRegEx, '$1 $5'); - // Build message - fmtMsg = '<' + pri + '>'; - fmtMsg += timestamp; - fmtMsg += ' ' + this.hostname; - fmtMsg += ' ' + this.applicationName; - fmtMsg += ' ' + msg; - fmtMsg += newLine; - resolve(fmtMsg); - }); + const timestamp = moment() + .format('MMM DD hh:mm:ss') + .replace(rfc3164DateRegEx, '$1 $5'); + // Build message + fmtMsg = '<' + pri + '>'; + fmtMsg += timestamp; + fmtMsg += ' ' + this.hostname; + fmtMsg += ' ' + this.applicationName; + fmtMsg += ' ' + msg; + fmtMsg += newLine; + return fmtMsg; } /** * send a RFC5424 formatted message. Returns a promise with the formatted @@ -820,25 +734,12 @@ class RFC3164 { * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - send(msg, options) { - return new Promise((resolve, reject) => { - if (!this.server) { - this.server = new Syslog(); - } - this.buildMessage(msg, options) - .then((result) => { - this.server.send(result) - .then((sendResult) => { - resolve(sendResult); - }) - .catch((error) => { - reject(error); - }); - }) - .catch((error) => { - reject(error); - }); - }); + async send(msg, options) { + if (!this.server) { + this.server = new Syslog(); + } + const result = this.buildMessage(msg, options); + return this.server.send(result); } /** * Send a syslog message with a security level of 0 (Emergency) @@ -1023,8 +924,6 @@ class RFC3164 { * A class to work with RFC5424 formatted syslog messages. The messaging is * fully configurable and ANSI foreground * colors can be added. Both ANSI 8 * and ANSI 256 color are fully supported. - *Most APIs will return a promise. These APIs can be used using - * `then(...)/catch(...)` * * A Syslog class with a configured * Syslog server target can also be used as the input into the formatting @@ -1037,7 +936,7 @@ class RFC3164 { * @version 0.0.0 * @since 0.0.0 */ -class RFC5424 { +class RFC5424 extends RFC { /** * Construct a new RFC5424 formatted Syslog object with user options * @public @@ -1089,6 +988,7 @@ class RFC5424 { * from this class. @see SyslogPro~Syslog */ constructor(options) { + super(); /** @private @type {boolean} */ this.constructor__ = true; options = options || {}; @@ -1185,175 +1085,6 @@ class RFC5424 { this.setColor(options.colors, this.extendedColor); } } - /** - * Sets the color to be used for messages at a set priority - * @public - * @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.alertColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.criticalColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.errorColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.warningColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.noticeColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @param {string} [colors.informationalColor] - A RGB Hex coded color in the - * form of #FFFFFF or as or the ANSI color code number (30-37 Standard & - * 0-255 Extended) - * @param {string} [colors.debugColor] - A RGB Hex coded color in the form - * of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255 - * Extended) - * @throws {Error} A standard error object - */ - setColor(colors, extendedColor) { - return new Promise((resolve, reject) => { - let colorPromises = []; - if (colors.emergencyColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.emergencyColor, this.extendedColor) - .then((result) => { - this.emergencyColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'emergencyColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.alertColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.alertColor, this.extendedColor) - .then((result) => { - this.alertColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'alertColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.criticalColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.criticalColor, this.extendedColor) - .then((result) => { - this.criticalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'criticalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.errorColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.errorColor, this.extendedColor) - .then((result) => { - this.errorColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'errorColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.warningColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.warningColor, this.extendedColor) - .then((result) => { - this.warningColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'warningColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.noticeColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.noticeColor, this.extendedColor) - .then((result) => { - this.noticeColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'noticeColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.informationalColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.informationalColor, this.extendedColor) - .then((result) => { - this.informationalColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'informationalColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - if (colors.debugColor) { - colorPromises.push( - new Promise((resolve, reject) => { - rgbToAnsi(colors.debugColor, this.extendedColor) - .then((result) => { - this.debugColor = result; - resolve(true); - }) - .catch((reson) => { - reson.message = 'TYPE ERROR: '; - reson.message += 'debugColor'; - reson.message += ' Not in RGB color hex or color code'; - reject(reson); - }); - })); - } - Promise.all(colorPromises) - .then((results) => { - resolve(true); - }) - .catch((reson) => { - reject(reson); - }); - }); - } /** * Building a formatted message. Returns a promise with a formatted message * @public @@ -1371,129 +1102,126 @@ class RFC5424 { * [name@ parameter=value] * @param {number} [options.colorCode=36] - The ANSI color code to use if * message coloration is selected - * @returns {Promise} A Syslog formatted string according to the selected RFC + * @returns {string} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ buildMessage(msg, options) { - return new Promise((resolve, reject) => { - options = options || {}; - let severity = typeof options.severity === 'number' ? - options.severity : 6; - if (typeof msg !== 'string' || options.severity > 7) { - let errMsg = 'FORMAT ERROR: Syslog message must be a string'; - errMsg += ' msgSeverity must be a number between 0 and 7'; - reject(new Error(errMsg)); - return; + options = options || {}; + let severity = typeof options.severity === 'number' ? + options.severity : 6; + if (typeof msg !== 'string' || options.severity > 7) { + let errMsg = 'FORMAT ERROR: Syslog message must be a string'; + errMsg += ' msgSeverity must be a number between 0 and 7'; + throw new Error(errMsg); + } + let facility = options.facility || 23; + let pid = options.pid || '-'; + let id = options.id || '-'; + let msgStructuredData = options.msgStructuredData || []; + let fmtMsg = ''; // Formated Syslog message string var + const newLine = '\n'; + const newLineRegEx = /(\r|\n|(\r\n))/; + const escapeCode = '\u001B'; + const resetColor = '\u001B[0m'; + // The PRI is common to both RFC formats + const pri = (facility * 8) + severity; + // Remove any newline character + msg = msg.replace(newLineRegEx, ''); + // Add requested color + if (this.color) { + options.msgColor = options.msgColor || 36; + let colorCode = '['; + if (this.extendedColor) { + colorCode += '38;5;'; // Extended 256 Colors ANSI Code } - let facility = options.facility || 23; - let pid = options.pid || '-'; - let id = options.id || '-'; - let msgStructuredData = options.msgStructuredData || []; - let fmtMsg = ''; // Formated Syslog message string var - const newLine = '\n'; - const newLineRegEx = /(\r|\n|(\r\n))/; - const escapeCode = '\u001B'; - const resetColor = '\u001B[0m'; - // The PRI is common to both RFC formats - const pri = (facility * 8) + severity; - // Remove any newline character - msg = msg.replace(newLineRegEx, ''); - // Add requested color - if (this.color) { - options.msgColor = options.msgColor || 36; - let colorCode = '['; - if (this.extendedColor) { - colorCode += '38;5;'; // Extended 256 Colors ANSI Code - } - if (typeof options.msgColor === 'number') { - colorCode += options.msgColor; - colorCode += 'm'; // ANSI Color Closer - } else { - colorCode = '[39m'; // Use terminal's default color - } - msg = escapeCode + colorCode + msg + resetColor; + if (typeof options.msgColor === 'number') { + colorCode += options.msgColor; + colorCode += 'm'; // ANSI Color Closer + } else { + colorCode = '[39m'; // Use terminal's default color } - // RFC5424 timestamp formating - let timestamp = '-'; - if (this.timestamp) { - let timeQuality = '[timeQuality'; - if (this.timestampUTC) { - timeQuality += ' tzKnown=1'; - if (this.timestampMS) { - if (this.timestampTZ) { - timestamp = moment().utc().format('YYYY-MM-DDThh:mm:ss.SSSSSSZ'); - } else { - timestamp = moment().utc().format('YYYY-MM-DDThh:mm:ss.SSSSSS'); - } + msg = escapeCode + colorCode + msg + resetColor; + } + // RFC5424 timestamp formating + let timestamp = '-'; + if (this.timestamp) { + let timeQuality = '[timeQuality'; + if (this.timestampUTC) { + timeQuality += ' tzKnown=1'; + if (this.timestampMS) { + if (this.timestampTZ) { + timestamp = moment().utc().format('YYYY-MM-DDThh:mm:ss.SSSSSSZ'); } else { - if (this.timestampTZ) { - timestamp = moment().utc().format('YYYY-MM-DDThh:mm:ssZ'); - } else { - timestamp = moment().utc().format('YYYY-MM-DDThh:mm:ss'); - } + timestamp = moment().utc().format('YYYY-MM-DDThh:mm:ss.SSSSSS'); } } else { if (this.timestampTZ) { - timeQuality += ' tzKnown=1'; - if (this.timestampMS) { - timeQuality += ' isSynced=1'; - timeQuality += ' syncAccuracy=0'; - timestamp = moment().format('YYYY-MM-DDThh:mm:ss.SSSSSSZ'); - } else { - timestamp = moment().format('YYYY-MM-DDThh:mm:ssZ'); - } + timestamp = moment().utc().format('YYYY-MM-DDThh:mm:ssZ'); } else { - timeQuality += ' tzKnown=0'; - if (this.timestampMS) { - timeQuality += ' isSynced=1'; - timeQuality += ' syncAccuracy=0'; - timestamp = moment().format('YYYY-MM-DDThh:mm:ss.SSSSSS'); - } else { - timestamp = moment().format('YYYY-MM-DDThh:mm:ss'); - } + timestamp = moment().utc().format('YYYY-MM-DDThh:mm:ss'); } } - timeQuality += ']'; - msgStructuredData.push(timeQuality); - } - // Build Structured Data string - let structuredData = '-'; - const sdElementCount = msgStructuredData.length; - if (this.includeStructuredData && sdElementCount > 0) { - let sdElementNames = []; - let sdElements = []; - const sdElementNameRegEx = /(\[)(\S*)(\s|\])/; - // Loop to drop duplicates of the same SD Element name - for (let elementIndex = 0; - elementIndex < sdElementCount; - elementIndex++) { - let elementName = - msgStructuredData[elementIndex] - .match(sdElementNameRegEx)[2]; - if (!sdElementNames.includes(elementName)) { - sdElementNames.push(elementName); - sdElements.push(msgStructuredData[elementIndex]); - } - } - structuredData = sdElements.join(''); - } - // Build the message - fmtMsg = '<' + pri + '>'; - fmtMsg += '1'; // Version number - fmtMsg += ' ' + timestamp; - fmtMsg += ' ' + this.hostname; - fmtMsg += ' ' + this.applicationName; - fmtMsg += ' ' + pid; - fmtMsg += ' ' + id; - fmtMsg += ' ' + structuredData; - if (this.utf8BOM) { - fmtMsg += ' BOM' + msg; } else { - fmtMsg += ' ' + msg; + if (this.timestampTZ) { + timeQuality += ' tzKnown=1'; + if (this.timestampMS) { + timeQuality += ' isSynced=1'; + timeQuality += ' syncAccuracy=0'; + timestamp = moment().format('YYYY-MM-DDThh:mm:ss.SSSSSSZ'); + } else { + timestamp = moment().format('YYYY-MM-DDThh:mm:ssZ'); + } + } else { + timeQuality += ' tzKnown=0'; + if (this.timestampMS) { + timeQuality += ' isSynced=1'; + timeQuality += ' syncAccuracy=0'; + timestamp = moment().format('YYYY-MM-DDThh:mm:ss.SSSSSS'); + } else { + timestamp = moment().format('YYYY-MM-DDThh:mm:ss'); + } + } } - fmtMsg += newLine; - resolve(fmtMsg); - }); + timeQuality += ']'; + msgStructuredData.push(timeQuality); + } + // Build Structured Data string + let structuredData = '-'; + const sdElementCount = msgStructuredData.length; + if (this.includeStructuredData && sdElementCount > 0) { + let sdElementNames = []; + let sdElements = []; + const sdElementNameRegEx = /(\[)(\S*)(\s|\])/; + // Loop to drop duplicates of the same SD Element name + for (let elementIndex = 0; + elementIndex < sdElementCount; + elementIndex++) { + let elementName = + msgStructuredData[elementIndex] + .match(sdElementNameRegEx)[2]; + if (!sdElementNames.includes(elementName)) { + sdElementNames.push(elementName); + sdElements.push(msgStructuredData[elementIndex]); + } + } + structuredData = sdElements.join(''); + } + // Build the message + fmtMsg = '<' + pri + '>'; + fmtMsg += '1'; // Version number + fmtMsg += ' ' + timestamp; + fmtMsg += ' ' + this.hostname; + fmtMsg += ' ' + this.applicationName; + fmtMsg += ' ' + pid; + fmtMsg += ' ' + id; + fmtMsg += ' ' + structuredData; + if (this.utf8BOM) { + fmtMsg += ' BOM' + msg; + } else { + fmtMsg += ' ' + msg; + } + fmtMsg += newLine; + return fmtMsg; } /** * send a RFC5424 formatted message. Returns a promise with the formatted @@ -1505,25 +1233,12 @@ class RFC5424 { * @returns {Promise} A Syslog formatted string according to the selected RFC * @throws {Error} A standard error object */ - send(msg, options) { - return new Promise((resolve, reject) => { - if (!this.server) { - this.server = new Syslog(); - } - this.buildMessage(msg, options) - .then((result) => { - this.server.send(result) - .then((sendResult) => { - resolve(sendResult); - }) - .catch((error) => { - reject(error); - }); - }) - .catch((error) => { - reject(error); - }); - }); + async send(msg, options) { + if (!this.server) { + this.server = new Syslog(); + } + const result = this.buildMessage(msg, options); + return this.server.send(result); } /** * Send a syslog message with a severity level of 0 (Emergency) @@ -1710,8 +1425,6 @@ class RFC5424 { * be saved to file (Saving to file if not part of this module but a LEEF * formatted message produced by this module can be saved externally to it) or * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using - * `then(...)/catch(...)` * * A Syslog class with a configured Syslog server target can also be used as * the input into the formatting classes so that it may run independently. The @@ -1819,28 +1532,26 @@ class LEEF { /** *Build a formatted message * @public - * @return {Promise} - string with formatted message + * @return {string} - string with formatted message */ buildMessage() { - return new Promise((resolve, reject) => { - let fmtMsg = 'LEEF:2.0'; - fmtMsg += '|' + this.vendor; - fmtMsg += '|' + this.product; - fmtMsg += '|' + this.version; - fmtMsg += '|' + this.eventId; - fmtMsg += '|'; + let fmtMsg = 'LEEF:2.0'; + fmtMsg += '|' + this.vendor; + fmtMsg += '|' + this.product; + fmtMsg += '|' + this.version; + fmtMsg += '|' + this.eventId; + fmtMsg += '|'; - // Build LEEF Attributes - const Tab = '\x09'; - const leefAttribs = Object.entries(this.attributes); - const leefAttribsLen = leefAttribs.length; - for (let attrib = 0; attrib < leefAttribsLen; attrib++) { - if (leefAttribs[attrib][1] !== null) { - fmtMsg += leefAttribs[attrib][0] + '=' + leefAttribs[attrib][1] + Tab; - } + // Build LEEF Attributes + const Tab = '\x09'; + const leefAttribs = Object.entries(this.attributes); + const leefAttribsLen = leefAttribs.length; + for (let attrib = 0; attrib < leefAttribsLen; attrib++) { + if (leefAttribs[attrib][1] !== null) { + fmtMsg += leefAttribs[attrib][0] + '=' + leefAttribs[attrib][1] + Tab; } - resolve(fmtMsg); - }); + } + return fmtMsg; } /** @@ -1849,22 +1560,12 @@ class LEEF { * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send(options) { - return new Promise((resolve, reject) => { - this.buildMessage() - .then((result) => { - if (!this.server) { - this.server = new Syslog(options); - } - this.server.send(result) - .then((sendResult) => { - resolve(sendResult); - }) - .catch((reson) => { - reject(reson); - }); - }); - }); + async send(options) { + const result = this.buildMessage(); + if (!this.server) { + this.server = new Syslog(options); + } + return this.server.send(result); } } @@ -1874,8 +1575,6 @@ class LEEF { * be saved to file (Saving to file if not part of this module but a CEF * formatted message produced by this module can be saved externally to it) or * sent via Syslog. - * Most APIs will return a promise. These APIs can be used using - * `then(...)/catch(...)` * * A Syslog class with a configured Syslog server target can also be used as * the input into the formatting classes so that it may run independently. The @@ -2098,1255 +1797,1250 @@ class CEF { * @throws {Error} - First element to fail validation */ validate() { - return new Promise((resolve, reject) => { - const Extensions = { - deviceAction: { - key: 'act', - type: 'String', - len: 63, - discription: 'Action taken by the device.', - }, - applicationProtocol: { - key: 'app', - type: 'String', - len: 31, - discription: 'Application level protocol, example values are HTTP, ' + - 'HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.', - }, - deviceCustomIPv6Address1: { - key: 'c6a1', - type: 'String', - len: null, - discription: 'One of four IPv6 address fields available to map ' + - 'fields that do not apply to any other in this dictionary. ' + - 'TIP: See the guidelines under “User-Defined Extensions” for ' + - 'tips on using these fields.', - }, - 'deviceCustomIPv6 Address1Label': { - key: 'c6a1Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomIPv6Address3: { - key: 'c6a3', - type: 'String', - len: null, - discription: 'One of four IPv6 address fields available to map ' + - 'fields that do not apply to any other in this dictionary. ' + - 'TIP: See the guidelines under “User-Defined Extensions” for ' + - 'tips on using these fields.', - }, - 'deviceCustomIPv6Address3 Label': { - key: 'c6a3Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - 'deviceCustomIPv6 Address4': { - key: 'c6a4', - type: 'String', - len: null, - discription: 'One of four IPv6 address fields available to map ' + - 'fields that do not apply to any other in this dictionary. ' + - 'TIP: See the guidelines under “User-Defined Extensions” for ' + - 'tips on using these fields.', - }, - 'deviceCustomIPv6 Address4Label': { - key: 'C6a4Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceEventCategory: { - key: 'cat', - type: 'String', - len: 1023, - discription: 'Represents the category assigned by the originating ' + - 'device. Devices often use their own categorization schema to ' + - 'classify event. Example: “/Monitor/Disk/Read”', - }, - deviceCustomFloatingPoint1: { - key: 'cfp1', - type: 'Number', - len: null, - discription: 'One of four floating point fields available to map ' + - 'fields that do not apply to any other in this dictionary.', - }, - 'deviceCustom FloatingPoint1Label': { - key: 'cfp1Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomFloatingPoint2: { - key: 'cfp2', - type: 'Number', - len: null, - discription: 'One of four floating point fields available to map ' + - 'fields that do not apply to any other in this dictionary.', - }, - 'deviceCustomFloatingPoint2 Label': { - key: 'cfp2Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomFloatingPoint3: { - key: 'cfp3', - type: 'Number', - len: null, - discription: 'One of four floating point fields available to map ' + - 'fields that do not apply to any other in this dictionary.', - }, - 'deviceCustom FloatingPoint3Label': { - key: 'cfp3Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomFloatingPoint4: { - key: 'cfp4', - type: 'Number', - len: null, - discription: 'One of four floating point fields available to map ' + - 'fields that do not apply to any other in this dictionary.', - }, - 'deviceCustom FloatingPoint4Label': { - key: 'cfp4Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomNumber1: { - key: 'cn1', - type: 'Number', - len: null, - discription: 'One of three number fields available to map fields ' + - 'that do not apply to any other in this dictionary. Use ' + - 'sparingly and seek a more specific dictionary supplied field ' + - 'when possible.', - }, - deviceCustomNumber1Label: { - key: 'cn1Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - DeviceCustomNumber2: { - key: 'cn2', - type: 'Number', - len: null, - discription: 'One of three number fields available to map fields ' + - 'that do not apply to any other in this dictionary. Use ' + - 'sparingly and seek a more specific, dictionary supplied field ' + - 'when possible.', - }, - deviceCustomNumber2Label: { - key: 'cn2Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomNumber3: { - key: 'cn3', - type: 'Number', - len: null, - discription: 'One of three number fields available to map fields ' + - 'that do not apply to any other in this dictionary. Use ' + - 'sparingly and seek a more specific, dictionary supplied field ' + - 'when possible.', - }, - deviceCustomNumber3Label: { - key: 'cn3Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - baseEventCount: { - key: 'cnt', - type: 'Number', - len: null, - discription: 'A count associated with this event. How many times ' + - 'was this same event observed? Count can be omitted if it is 1.', - }, - deviceCustomString1: { - key: 'cs1', - type: 'String', - len: 4000, - discription: 'One of six strings available to map fields that do ' + - 'not apply to any other in this dictionary. Use sparingly and ' + - 'seek a more specific, dictionary supplied field when ' + - 'possible. TIP: See the guidelines under “User-Defined ' + - 'Extensions” for tips on using these fields.', - }, - deviceCustomString1Label: { - key: 'cs1Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomString2: { - key: 'cs2', - type: 'String', - len: 4000, - discription: 'One of six strings available to map fields that do ' + - 'not apply to any other in this dictionary. Use sparingly and ' + - 'seek a more specific, dictionary supplied field when ' + - 'possible. TIP: See the guidelines under “User-Defined ' + - 'Extensions” for tips on using these fields.', - }, - deviceCustomString2Label: { - key: 'cs2Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomString3: { - key: 'cs3', - type: 'String', - len: 4000, - discription: 'One of six strings available to map fields that do ' + - 'not apply to any other in this dictionary. Use sparingly and ' + - 'seek a more specific, dictionary supplied field when ' + - 'possible. TIP: See the guidelines under “User-Defined ' + - 'Extensions” for tips on using these fields.', - }, - deviceCustomString3Label: { - key: 'cs3Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomString4: { - key: 'cs4', - type: 'String', - len: 4000, - discription: 'One of six strings available to map fields that do ' + - 'not apply to any other in this dictionary. Use sparingly and ' + - 'seek a more specific, dictionary supplied field when ' + - 'possible. TIP: See the guidelines under “User-Defined ' + - 'Extensions” for tips on using these fields.', - }, - deviceCustomString4Label: { - key: 'cs4Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomString5: { - key: 'cs5', - type: 'String', - len: 4000, - discription: 'One of six strings available to map fields that do ' + - 'not apply to any other in this dictionary. Use sparingly and ' + - 'seek a more specific, dictionary supplied field when ' + - 'possible. TIP: See the guidelines under “User-Defined ' + - 'Extensions” for tips on using these fields.', - }, - deviceCustomString5Label: { - key: 'cs5Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomString6: { - key: 'cs6', - type: 'String', - len: 4000, - discription: 'One of six strings available to map fields that do ' + - 'not apply to any other in this dictionary. Use sparingly and ' + - 'seek a more specific, dictionary supplied field when ' + - 'possible. TIP: See the guidelines under “User-Defined ' + - 'Extensions” for tips on using these fields.', - }, - deviceCustomString6Label: { - key: 'cs6Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - destinationDnsDomain: { - key: 'destination DnsDomain', - type: 'String', - len: 255, - discription: 'The DNS domain part of the complete fully qualified ' + - 'domain name (FQDN).', - }, - destinationServiceName: { - key: 'destination ServiceName', - type: 'String', - len: 1023, - discription: 'The service targeted by this event. Example: “sshd”', - }, - 'destinationTranslated Address': { - key: 'Destination Translated Address', - type: 'String', - len: null, - discription: 'Identifies the translated destination that the event ' + - 'refers to in an IP network. The format is an IPv4 address. ' + - 'Example: “192.168.10.1”', - }, - destinationTranslatedPort: { - key: 'Destination TranslatedPort', - type: 'Number', - len: null, - discription: 'Port after it was translated; for example, a ' + - 'firewall. Valid port numbers are 0 to 65535.', - }, - deviceCustomDate1: { - key: 'deviceCustom Date1', - type: 'String', - len: null, - discription: 'One of two timestamp fields available to map fields ' + - 'that do not apply to any other in this dictionary. Use ' + - 'sparingly and seek a more specific, dictionary supplied field ' + - 'when possible. TIP: See the guidelines under “User-Defined ' + - 'Extensions” for tips on using these fields.', - }, - deviceCustomDate1Label: { - key: 'deviceCustom Date1Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceCustomDate2: { - key: 'deviceCustom Date2', - type: 'String', - len: null, - discription: 'One of two timestamp fields available to map fields ' + - 'that do not apply to any other in this dictionary. Use ' + - 'sparingly and seek a more specific, dictionary supplied field ' + - 'when possible. TIP: See the guidelines under “User-Defined ' + - 'Extensions” for tips on using these fields.', - }, - deviceCustomDate2Label: { - key: 'deviceCustom Date2Label', - type: 'String', - len: 1023, - discription: 'All custom fields have a corresponding label field. ' + - 'Each of these fields is a string and describes the purpose of ' + - 'the custom field.', - }, - deviceDirection: { - key: 'deviceDirection', - type: 'Number', - len: null, - discription: 'Any information about what direction the observed ' + - 'communication has taken. The following values are supported: ' + - '“0” for inbound or “1” for outbound', - }, - deviceDnsDomain: { - key: 'deviceDns Domain', - type: 'String', - len: 255, - discription: 'The DNS domain part of the complete fully qualified ' + - 'domain name (FQDN).', - }, - deviceExternalId: { - key: 'device ExternalId', - type: 'String', - len: 255, - discription: 'A name that uniquely identifies the device ' + - 'generating this event.', - }, - deviceFacility: { - key: 'deviceFacility', - type: 'String', - len: 1023, - discription: 'The facility generating this event. For example, ' + - 'Syslog has an explicit facility associated with every event.', - }, - deviceInboundInterface: { - key: 'deviceInbound Interface', - type: 'String', - len: 128, - discription: 'Interface on which the packet or data entered the ' + - 'device.', - }, - deviceNtDomain: { - key: 'deviceNt Domain', - type: 'String', - len: 255, - discription: 'The Windows domain name of the device address.', - }, - deviceOutboundInterface: { - key: 'Device Outbound Interface', - type: 'String', - len: 128, - discription: 'Interface on which the packet or data left the ' + - 'device.', - }, - devicePayloadId: { - key: 'Device PayloadId', - type: 'String', - len: 128, - discription: 'Unique identifier for the payload associated with ' + - 'the event.', - }, - deviceProcessName: { - key: 'deviceProcess Name', - type: 'String', - len: 1023, - discription: 'Process name associated with the event. An example ' + - 'might be the process generating the syslog entry in UNIX.', - }, - deviceTranslatedAddress: { - key: 'device Translated Address', - type: 'String', - len: null, - discription: 'Identifies the translated device address that the ' + - 'event refers to in an IP network. The format is an IPv4 ' + - 'address. Example: “192.168.10.1”', - }, - destinationHostName: { - key: 'dhost', - type: 'String', - len: 1023, - discription: 'Identifies the destination that an event refers to ' + - 'in an IP network. The format should be a fully qualified ' + - 'domain name (FQDN) associated with the destination node, when ' + - 'a node is available. Examples: “host.domain.com” or “host”.', - }, - destinationMacAddress: { - key: 'dmac', - type: 'String', - len: null, - discription: 'Six colon-seperated hexadecimal numbers. Example: ' + - '“00:0D:60:AF:1B:61”', - }, - destinationNtDomain: { - key: 'dntdom', - type: 'String', - len: 255, - discription: 'The Windows domain name of the destination address.', - }, - destinationProcessId: { - key: 'dpid', - type: 'Number', - len: null, - discription: 'Provides the ID of the destination process ' + - 'associated with the event. For example, if an event contains ' + - 'process ID 105, 105” is the process ID.', - }, - destinationUserPrivileges: { - key: 'dpriv', - type: 'String', - len: 1023, - discription: 'The typical values are “Administrator”, “User”, and ' + - '“Guest”. This identifies the destination user’s privileges. ' + - 'In UNIX, for example, activity executed on the root user ' + - 'would be identified with destinationUser Privileges of ' + - '“Administrator”.', - }, - destinationProcessName: { - key: 'dproc', - type: 'String', - len: 1023, - discription: 'The name of the event’s destination process. ' + - 'Example: “telnetd” or “sshd”.', - }, - destinationPort: { - key: 'dpt', - type: 'Number', - len: null, - discription: 'The valid port numbers are between 0 and 65535.', - }, - destinationAddress: { - key: 'dst', - type: 'String', - len: null, - discription: 'Identifies the destination address that the event ' + - 'refers to in an IP network. The format is an IPv4 address. ' + - 'Example: “192.168.10.1”', - }, - deviceTimeZone: { - key: 'dtz', - type: 'String', - len: 255, - discription: 'The timezone for the device generating the event.', - }, - destinationUserId: { - key: 'duid', - type: 'String', - len: 1023, - discription: 'Identifies the destination user by ID. For example, ' + - 'in UNIX, the root user is generally associated with user ' + - 'ID 0.', - }, - destinationUserName: { - key: 'duser', - type: 'String', - len: 1023, - discription: 'Identifies the destination user by name. This is the ' + - 'user associated with the event’s destination. Email addresses ' + - 'are often mapped into the UserName fields. The recipient is a ' + - 'candidate to put into this field.', - }, - deviceAddress: { - key: 'dvc', - type: 'String', - len: null, - discription: 'Identifies the device address that an event refers ' + - 'to in an IP network. The format is an IPv4 address. Example: ' + - '“192.168.10.1”.', - }, - deviceHostName: { - key: 'dvchost', - type: 'String', - len: 100, - discription: 'The format should be a fully qualified domain name ' + - '(FQDN) associated with the device node, when a node is ' + - 'available. Example: “host.domain.com” or “host”.', - }, - deviceMacAddress: { - key: 'dvcmac', - type: 'String', - len: null, - discription: 'Six colon-separated hexadecimal numbers. Example: ' + - '“00:0D:60:AF:1B:61”', - }, - deviceProcessId: { - key: 'dvcpid', - type: 'Number', - len: null, - discription: 'Provides the ID of the process on the device ' + - 'generating the event.', - }, - endTime: { - key: 'end', - type: 'String', - len: null, - discription: 'The time at which the activity related to the event ' + - 'ended. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + - 'since epoch (Jan 1st1970). An example would be reporting the ' + - 'end of a session.', - }, - externalId: { - key: 'externalId', - type: 'String', - len: 40, - discription: 'The ID used by an originating device. They are ' + - 'usually increasing numbers, associated with events.', - }, - fileCreateTime: { - key: 'fileCreateTime', - type: 'String', - len: null, - discription: 'Time when the file was created.', - }, - fileHash: { - key: 'fileHash', - type: 'String', - len: 255, - discription: 'Hash of a file.', - }, - fileId: { - key: 'fileId', - type: 'String', - len: 1023, - discription: 'An ID associated with a file could be the inode.', - }, - fileModificationTime: { - key: 'fileModification Time', - type: 'String', - len: null, - discription: 'Time when the file was last modified.', - }, - filePath: { - key: 'filePath', - type: 'String', - len: 1023, - discription: 'Full path to the file, including file name itself. ' + - 'Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe ' + - 'or /usr/bin/zip', - }, - filePermission: { - key: 'filePermission', - type: 'String', - len: 1023, - discription: 'Permissions of the file.', - }, - fileType: { - key: 'fileType', - type: 'String', - len: 1023, - discription: 'Type of file (pipe, socket, etc.)', - }, - flexDate1: { - key: 'flexDate1', - type: 'String', - len: null, - discription: 'A timestamp field available to map a timestamp that ' + - 'does not apply to any other defined timestamp field in this ' + - 'dictionary. Use all flex fields sparingly and seek a more ' + - 'specific, dictionary supplied field when possible. These ' + - 'fields are typically reserved for customer use and should not ' + - 'be set by vendors unless necessary.', - }, - flexDate1Label: { - key: 'flexDate1Label', - type: 'String', - len: 128, - discription: 'The label field is a string and describes the ' + - 'purpose of the flex field.', - }, - flexString1: { - key: 'flexString1', - type: 'String', - len: 1023, - discription: 'One of four floating point fields available to map ' + - 'fields that do not apply to any other in this dictionary. Use ' + - 'sparingly and seek a more specific, dictionary supplied field ' + - 'when possible. These fields are typically reserved for ' + - 'customer use and should not be set by vendors unless ' + - 'necessary.', - }, - flexString1Label: { - key: 'flexString1 Label', - type: 'String', - len: 128, - discription: 'The label field is a string and describes the ' + - 'purpose of the flex field.', - }, - flexString2: { - key: 'flexString2', - type: 'String', - len: 1023, - discription: 'One of four floating point fields available to map ' + - 'fields that do not apply to any other in this dictionary. Use ' + - 'sparingly and seek a more specific, dictionary supplied field ' + - 'when possible. These fields are typically reserved for ' + - 'customer use and should not be set by vendors unless ' + - 'necessary.', - }, - flexString2Label: { - key: 'flex String2Label', - type: 'String', - len: 128, - discription: 'The label field is a string and describes the ' + - 'purpose of the flex field.', - }, - filename: { - key: 'fname', - type: 'String', - len: 1023, - discription: 'Name of the file only (without its path).', - }, - fileSize: { - key: 'fsize', - type: 'Number', - len: null, - discription: 'Size of the file.', - }, - bytesIn: { - key: 'in', - type: 'Number', - len: null, - discription: 'Number of bytes transferred inbound, relative to the ' + - 'source to destination relationship, meaning that data was ' + - 'flowing from source to destination.', - }, - message: { - key: 'msg', - type: 'String', - len: 1023, - discription: 'An arbitrary message giving more details about the ' + - 'event. Multi-line entries can be produced by using \n as the ' + - 'new line separator.', - }, - oldFileCreateTime: { - key: 'oldFileCreate Time', - type: 'String', - len: null, - discription: 'Time when old file was created.', - }, - oldFileHash: { - key: 'oldFileHash', - type: 'String', - len: 255, - discription: 'Hash of the old file.', - }, - oldFileId: { - key: 'oldFileId', - type: 'String', - len: 1023, - discription: 'An ID associated with the old file could be the ' + - 'inode.', - }, - oldFileModificationTime: { - key: 'oldFile Modification Time', - type: 'String', - len: null, - discription: 'Time when old file was last modified.', - }, - oldFileName: { - key: 'oldFileName', - type: 'String', - len: 1023, - discription: 'Name of the old file.', - }, - oldFilePath: { - key: 'oldFilePath', - type: 'String', - len: 1023, - discription: 'Full path to the old fiWindowsNT\\Accessories le, ' + - 'including the file name itself. Examples: c:\\Program ' + - 'Files\\wordpad.exe or /usr/bin/zip', - }, - oldFileSize: { - key: 'oldFileSize', - type: 'Number', - len: null, - discription: 'Size of the old file.', - }, - oldFileType: { - key: 'oldFileType', - type: 'String', - len: 1023, - discription: 'Type of the old file (pipe, socket, etc.)', - }, - bytesOut: { - key: 'out', - type: 'Number', - len: null, - discription: 'Number of bytes transferred outbound relative to the ' + - 'source to destination relationship. For example, the byte ' + - 'number of data flowing from the destination to the source.', - }, - eventOutcome: { - key: 'outcome', - type: 'String', - len: 63, - discription: 'Displays the outcome, usually as ‘success’ or ' + - '‘failure’.', - }, - transportProtocol: { - key: 'proto', - type: 'String', - len: 31, - discription: 'Identifies the Layer-4 protocol used. The possible ' + - 'values are protocols such as TCP or UDP.', - }, - Reason: { - key: 'reason', - type: 'String', - len: 1023, - discription: 'The reason an audit event was generated. For ' + - 'example “badd password” or “unknown user”. This could also be ' + - 'an error or return code. Example: “0x1234”', - }, - requestUrl: { - key: 'request', - type: 'String', - len: 1023, - discription: 'In the case of an HTTP request, this field contains ' + - 'the URL accessed. The URL should contain the protocol as ' + - 'well. Example: “http://www/secure.com”', - }, - requestClientApplication: { - key: 'requestClient Application', - type: 'String', - len: 1023, - discription: 'The User-Agent associated with the request.', - }, - requestContext: { - key: 'requestContext', - type: 'String', - len: 2048, - discription: 'Description of the content from which the request ' + - 'originated (for example, HTTP Referrer)', - }, - requestCookies: { - key: 'requestCookies', - type: 'String', - len: 1023, - discription: 'Cookies associated with the request.', - }, - requestMethod: { - key: 'requestMethod', - type: 'String', - len: 1023, - discription: 'The method used to access a URL. Possible values: ' + - '“POST”, “GET”, etc.', - }, - deviceReceiptTime: { - key: 'rt', - type: 'String', - len: null, - discription: 'The time at which the event related to the activity ' + - 'was received. The format is MMM dd yyyy HH:mm:ss or ' + - 'milliseconds since epoch (Jan 1st 1970)', - }, - sourceHostName: { - key: 'shost', - type: 'String', - len: 1023, - discription: 'Identifies the source that an event refers to in an ' + - 'IP network. The format should be a fully qualified domain ' + - 'name (DQDN) associated with the source node, when a mode is ' + - 'available. Examples: “host” or “host.domain.com”.', - }, - sourceMacAddress: { - key: 'smac', - type: 'String', - len: null, - discription: 'Six colon-separated hexadecimal numbers. Example: ' + - '“00:0D:60:AF:1B:61”', - }, - sourceNtDomain: { - key: 'sntdom', - type: 'String', - len: 255, - discription: 'The Windows domain name for the source address.', - }, - sourceDnsDomain: { - key: 'sourceDns Domain', - type: 'String', - len: 255, - discription: 'The DNS domain part of the complete fully qualified ' + - 'domain name (FQDN).', - }, - sourceServiceName: { - key: 'source ServiceName', - type: 'String', - len: 1023, - discription: 'The service that is responsible for generating this ' + - 'event.', - }, - sourceTranslatedAddress: { - key: 'source Translated Address', - type: 'String', - len: null, - discription: 'Identifies the translated source that the event ' + - 'refers to in an IP network. The format is an IPv4 address. ' + - 'Example: “192.168.10.1”.', - }, - sourceTranslatedPort: { - key: 'source TranslatedPort', - type: 'Number', - len: null, - discription: 'A port number after being translated by, for ' + - 'example, a firewall. Valid port numbers are 0 to 65535.', - }, - sourceProcessId: { - key: 'spid', - type: 'Number', - len: null, - discription: 'The ID of the source process associated with the ' + - 'event.', - }, - sourceUserPrivileges: { - key: 'spriv', - type: 'String', - len: 1023, - discription: 'The typical values are “Administrator”, “User”, and ' + - '“Guest”. It identifies the source user’s privileges. In UNIX, ' + - 'for example, activity executed by the root user would be ' + - 'identified with “Administrator”.', - }, - sourceProcessName: { - key: 'sproc', - type: 'String', - len: 1023, - discription: 'The name of the event’s source process.', - }, - sourcePort: { - key: 'spt', - type: 'Number', - len: null, - discription: 'The valid port numbers are 0 to 65535.', - }, - sourceAddress: { - key: 'src', - type: 'String', - len: null, - discription: 'Identifies the source that an event refers to in an ' + - 'IP network. The format is an IPv4 address. Example: ' + - '“192.168.10.1”.', - }, - startTime: { - key: 'start', - type: 'String', - len: null, - discription: 'The time when the activity the event referred to ' + - 'started. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + - 'since epoch (Jan 1st 1970)', - }, - sourceUserId: { - key: 'suid', - type: 'String', - len: 1023, - discription: 'Identifies the source user by ID. This is the user ' + - 'associated with the source of the event. For example, in ' + - 'UNIX, the root user is generally associated with user ID 0.', - }, - sourceUserName: { - key: 'suser', - type: 'String', - len: 1023, - discription: 'Identifies the source user by name. Email addresses ' + - 'are also mapped into the UserName fields. The sender is a ' + - 'candidate to put into this field.', - }, - type: { - key: 'type', - type: 'Number', - len: null, - discription: '0 means base event, 1 means aggregated, 2 means ' + - 'correlation, and 3 means action. This field can be omitted ' + - 'for base events (type 0).', - }, - agentDnsDomain: { - key: 'agentDns Domain', - type: 'String', - len: 255, - discription: 'The DNS domain name of the ArcSight connector that ' + - 'processed the event.', - }, - agentNtDomain: { - key: 'agentNtDomain', - type: 'String', - len: 255, - discription: '', - }, - agentTranslatedAddress: { - key: 'agentTranslated Address', - type: 'String', - len: null, - discription: '', - }, - 'agentTranslatedZone ExternalID': { - key: 'agentTranslated ZoneExternalID', - type: 'String', - len: 200, - discription: '', - }, - agentTranslatedZoneURI: { - key: 'agentTranslated Zone URI', - type: 'String', - len: 2048, - discription: '', - }, - agentZoneExternalID: { - key: 'agentZone ExternalID', - type: 'String', - len: 200, - discription: '', - }, - agentZoneURI: { - key: 'agentZoneURI', - type: 'String', - len: 2048, - discription: '', - }, - agentAddress: { - key: 'agt', - type: 'String', - len: null, - discription: 'The IP address of the ArcSight connector that ' + - 'processed the event.', - }, - agentHostName: { - key: 'ahost', - type: 'String', - len: 1023, - discription: 'The hostname of the ArcSight connector that ' + - 'processed the event.', - }, - agentId: { - key: 'aid', - type: 'String', - len: 40, - discription: 'The agent ID of the ArcSight connector that ' + - 'processed the event.', - }, - agentMacAddress: { - key: 'amac', - type: 'String', - len: null, - discription: 'The MAC address of the ArcSight connector that ' + - 'processed the event.', - }, - agentReceiptTime: { - key: 'art', - type: 'String', - len: null, - discription: 'The time at which information about the event was ' + - 'received by the ArcSight connector.', - }, - agentType: { - key: 'at', - type: 'String', - len: 63, - discription: 'The agent type of the ArcSight connector that ' + - 'processed the event', - }, - agentTimeZone: { - key: 'atz', - type: 'String', - len: 255, - discription: 'The agent time zone of the ArcSight connector that ' + - 'processed the event.', - }, - agentVersion: { - key: 'av', - type: 'String', - len: 31, - discription: 'The version of the ArcSight connector that processed ' + - 'the event.', - }, - customerExternalID: { - key: 'customer ExternalID', - type: 'String', - len: 200, - discription: '', - }, - customerURI: { - key: 'customerURI', - type: 'String', - len: 2048, - discription: '', - }, - 'destinationTranslated ZoneExternalID': { - key: 'destination TranslatedZone ExternalID', - type: 'String', - len: 200, - discription: '', - }, - 'destinationTranslated ZoneURI': { - key: 'destination Translated ZoneURI', - type: 'String', - len: 2048, - discription: 'The URI for the Translated Zone that the destination ' + - 'asset has been assigned to in ArcSight.', - }, - destinationZoneExternalID: { - key: 'destinationZone ExternalID', - type: 'String', - len: 200, - discription: '', - }, - destinationZoneURI: { - key: 'destinationZone URI', - type: 'String', - len: 2048, - discription: 'The URI for the Zone that the destination asset has ' + - 'been assigned to in ArcSight.', - }, - 'deviceTranslatedZone ExternalID': { - key: 'device TranslatedZone ExternalID', - type: 'String', - len: 200, - discription: '', - }, - deviceTranslatedZoneURI: { - key: 'device TranslatedZone URI', - type: 'String', - len: 2048, - discription: 'The URI for the Translated Zone that the device ' + - 'asset has been assigned to in ArcSight.', - }, - deviceZoneExternalID: { - key: 'deviceZone ExternalID', - type: 'String', - len: 200, - discription: '', - }, - deviceZoneURI: { - key: 'deviceZoneURI', - type: 'String', - len: 2048, - discription: 'Thee URI for the Zone that the device asset has been ' + - 'assigned to in ArcSight.', - }, - destinationGeoLatitude: { - key: 'dlat', - type: 'Number', - len: null, - discription: 'The latitudinal value from which the ' + - 'destination’s IP address belongs.', - }, - destinationGeoLongitude: { - key: 'dlong', - type: 'Number', - len: null, - discription: 'The longitudinal value from which the destination’s ' + - 'IP address belongs.', - }, - eventId: { - key: 'eventId', - type: 'Number', - len: null, - discription: 'This is a unique ID that ArcSight assigns to each ' + - 'event.', - }, - rawEvent: { - key: 'rawEvent', - type: 'String', - len: 4000, - discription: '', - }, - sourceGeoLatitude: { - key: 'slat', - type: 'Number', - len: null, - discription: '', - }, - sourceGeoLongitude: { - key: 'slong', - type: 'Number', - len: null, - discription: '', - }, - 'sourceTranslatedZone ExternalID': { - key: 'source TranslatedZone ExternalID', - type: 'String', - len: 200, - discription: '', - }, - sourceTranslatedZoneURI: { - key: 'source TranslatedZone URI', - type: 'String', - len: 2048, - discription: 'The URI for the Translated Zone that the destination ' + - 'asset has been assigned to in ArcSight.', - }, - sourceZoneExternalID: { - key: 'sourceZone ExternalID', - type: 'String', - len: 200, - discription: '', - }, - sourceZoneURI: { - key: 'sourceZoneURI', - type: 'String', - len: 2048, - discription: 'The URI for the Zone that the source asset has been ' + - 'assigned to in ArcSight.' }, - }; - if (typeof this.deviceVendor !== 'string' - || typeof this.deviceProduct !== 'string' - || typeof this.deviceVersion !== 'string' - ) { - reject(new Error('TYPE ERROR: CEF Device Info must be a string')); - } - if (this.severity - && ( - ( - typeof this.severity === 'string' - && ( - this.severity !== 'Unknown' - && this.severity !== 'Low' - && this.severity !== 'Medium' - && this.severity !== 'High' - && this.severity !== 'Very-High' - ) - ) - || ( - typeof this.severity === 'number' - && ( - this.severity < 0 - || this.severity > 10 - ) + const Extensions = { + deviceAction: { + key: 'act', + type: 'String', + len: 63, + discription: 'Action taken by the device.', + }, + applicationProtocol: { + key: 'app', + type: 'String', + len: 31, + discription: 'Application level protocol, example values are HTTP, ' + + 'HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.', + }, + deviceCustomIPv6Address1: { + key: 'c6a1', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address1Label': { + key: 'c6a1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomIPv6Address3: { + key: 'c6a3', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6Address3 Label': { + key: 'c6a3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + 'deviceCustomIPv6 Address4': { + key: 'c6a4', + type: 'String', + len: null, + discription: 'One of four IPv6 address fields available to map ' + + 'fields that do not apply to any other in this dictionary. ' + + 'TIP: See the guidelines under “User-Defined Extensions” for ' + + 'tips on using these fields.', + }, + 'deviceCustomIPv6 Address4Label': { + key: 'C6a4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceEventCategory: { + key: 'cat', + type: 'String', + len: 1023, + discription: 'Represents the category assigned by the originating ' + + 'device. Devices often use their own categorization schema to ' + + 'classify event. Example: “/Monitor/Disk/Read”', + }, + deviceCustomFloatingPoint1: { + key: 'cfp1', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint1Label': { + key: 'cfp1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint2: { + key: 'cfp2', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustomFloatingPoint2 Label': { + key: 'cfp2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint3: { + key: 'cfp3', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint3Label': { + key: 'cfp3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomFloatingPoint4: { + key: 'cfp4', + type: 'Number', + len: null, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary.', + }, + 'deviceCustom FloatingPoint4Label': { + key: 'cfp4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber1: { + key: 'cn1', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber1Label: { + key: 'cn1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + DeviceCustomNumber2: { + key: 'cn2', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber2Label: { + key: 'cn2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomNumber3: { + key: 'cn3', + type: 'Number', + len: null, + discription: 'One of three number fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible.', + }, + deviceCustomNumber3Label: { + key: 'cn3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + baseEventCount: { + key: 'cnt', + type: 'Number', + len: null, + discription: 'A count associated with this event. How many times ' + + 'was this same event observed? Count can be omitted if it is 1.', + }, + deviceCustomString1: { + key: 'cs1', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString1Label: { + key: 'cs1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString2: { + key: 'cs2', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString2Label: { + key: 'cs2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString3: { + key: 'cs3', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString3Label: { + key: 'cs3Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString4: { + key: 'cs4', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString4Label: { + key: 'cs4Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString5: { + key: 'cs5', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString5Label: { + key: 'cs5Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomString6: { + key: 'cs6', + type: 'String', + len: 4000, + discription: 'One of six strings available to map fields that do ' + + 'not apply to any other in this dictionary. Use sparingly and ' + + 'seek a more specific, dictionary supplied field when ' + + 'possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomString6Label: { + key: 'cs6Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + destinationDnsDomain: { + key: 'destination DnsDomain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + destinationServiceName: { + key: 'destination ServiceName', + type: 'String', + len: 1023, + discription: 'The service targeted by this event. Example: “sshd”', + }, + 'destinationTranslated Address': { + key: 'Destination Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated destination that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + destinationTranslatedPort: { + key: 'Destination TranslatedPort', + type: 'Number', + len: null, + discription: 'Port after it was translated; for example, a ' + + 'firewall. Valid port numbers are 0 to 65535.', + }, + deviceCustomDate1: { + key: 'deviceCustom Date1', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate1Label: { + key: 'deviceCustom Date1Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceCustomDate2: { + key: 'deviceCustom Date2', + type: 'String', + len: null, + discription: 'One of two timestamp fields available to map fields ' + + 'that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. TIP: See the guidelines under “User-Defined ' + + 'Extensions” for tips on using these fields.', + }, + deviceCustomDate2Label: { + key: 'deviceCustom Date2Label', + type: 'String', + len: 1023, + discription: 'All custom fields have a corresponding label field. ' + + 'Each of these fields is a string and describes the purpose of ' + + 'the custom field.', + }, + deviceDirection: { + key: 'deviceDirection', + type: 'Number', + len: null, + discription: 'Any information about what direction the observed ' + + 'communication has taken. The following values are supported: ' + + '“0” for inbound or “1” for outbound', + }, + deviceDnsDomain: { + key: 'deviceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + deviceExternalId: { + key: 'device ExternalId', + type: 'String', + len: 255, + discription: 'A name that uniquely identifies the device ' + + 'generating this event.', + }, + deviceFacility: { + key: 'deviceFacility', + type: 'String', + len: 1023, + discription: 'The facility generating this event. For example, ' + + 'Syslog has an explicit facility associated with every event.', + }, + deviceInboundInterface: { + key: 'deviceInbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data entered the ' + + 'device.', + }, + deviceNtDomain: { + key: 'deviceNt Domain', + type: 'String', + len: 255, + discription: 'The Windows domain name of the device address.', + }, + deviceOutboundInterface: { + key: 'Device Outbound Interface', + type: 'String', + len: 128, + discription: 'Interface on which the packet or data left the ' + + 'device.', + }, + devicePayloadId: { + key: 'Device PayloadId', + type: 'String', + len: 128, + discription: 'Unique identifier for the payload associated with ' + + 'the event.', + }, + deviceProcessName: { + key: 'deviceProcess Name', + type: 'String', + len: 1023, + discription: 'Process name associated with the event. An example ' + + 'might be the process generating the syslog entry in UNIX.', + }, + deviceTranslatedAddress: { + key: 'device Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated device address that the ' + + 'event refers to in an IP network. The format is an IPv4 ' + + 'address. Example: “192.168.10.1”', + }, + destinationHostName: { + key: 'dhost', + type: 'String', + len: 1023, + discription: 'Identifies the destination that an event refers to ' + + 'in an IP network. The format should be a fully qualified ' + + 'domain name (FQDN) associated with the destination node, when ' + + 'a node is available. Examples: “host.domain.com” or “host”.', + }, + destinationMacAddress: { + key: 'dmac', + type: 'String', + len: null, + discription: 'Six colon-seperated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + destinationNtDomain: { + key: 'dntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name of the destination address.', + }, + destinationProcessId: { + key: 'dpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the destination process ' + + 'associated with the event. For example, if an event contains ' + + 'process ID 105, 105” is the process ID.', + }, + destinationUserPrivileges: { + key: 'dpriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. This identifies the destination user’s privileges. ' + + 'In UNIX, for example, activity executed on the root user ' + + 'would be identified with destinationUser Privileges of ' + + '“Administrator”.', + }, + destinationProcessName: { + key: 'dproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s destination process. ' + + 'Example: “telnetd” or “sshd”.', + }, + destinationPort: { + key: 'dpt', + type: 'Number', + len: null, + discription: 'The valid port numbers are between 0 and 65535.', + }, + destinationAddress: { + key: 'dst', + type: 'String', + len: null, + discription: 'Identifies the destination address that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”', + }, + deviceTimeZone: { + key: 'dtz', + type: 'String', + len: 255, + discription: 'The timezone for the device generating the event.', + }, + destinationUserId: { + key: 'duid', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by ID. For example, ' + + 'in UNIX, the root user is generally associated with user ' + + 'ID 0.', + }, + destinationUserName: { + key: 'duser', + type: 'String', + len: 1023, + discription: 'Identifies the destination user by name. This is the ' + + 'user associated with the event’s destination. Email addresses ' + + 'are often mapped into the UserName fields. The recipient is a ' + + 'candidate to put into this field.', + }, + deviceAddress: { + key: 'dvc', + type: 'String', + len: null, + discription: 'Identifies the device address that an event refers ' + + 'to in an IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + deviceHostName: { + key: 'dvchost', + type: 'String', + len: 100, + discription: 'The format should be a fully qualified domain name ' + + '(FQDN) associated with the device node, when a node is ' + + 'available. Example: “host.domain.com” or “host”.', + }, + deviceMacAddress: { + key: 'dvcmac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + deviceProcessId: { + key: 'dvcpid', + type: 'Number', + len: null, + discription: 'Provides the ID of the process on the device ' + + 'generating the event.', + }, + endTime: { + key: 'end', + type: 'String', + len: null, + discription: 'The time at which the activity related to the event ' + + 'ended. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st1970). An example would be reporting the ' + + 'end of a session.', + }, + externalId: { + key: 'externalId', + type: 'String', + len: 40, + discription: 'The ID used by an originating device. They are ' + + 'usually increasing numbers, associated with events.', + }, + fileCreateTime: { + key: 'fileCreateTime', + type: 'String', + len: null, + discription: 'Time when the file was created.', + }, + fileHash: { + key: 'fileHash', + type: 'String', + len: 255, + discription: 'Hash of a file.', + }, + fileId: { + key: 'fileId', + type: 'String', + len: 1023, + discription: 'An ID associated with a file could be the inode.', + }, + fileModificationTime: { + key: 'fileModification Time', + type: 'String', + len: null, + discription: 'Time when the file was last modified.', + }, + filePath: { + key: 'filePath', + type: 'String', + len: 1023, + discription: 'Full path to the file, including file name itself. ' + + 'Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe ' + + 'or /usr/bin/zip', + }, + filePermission: { + key: 'filePermission', + type: 'String', + len: 1023, + discription: 'Permissions of the file.', + }, + fileType: { + key: 'fileType', + type: 'String', + len: 1023, + discription: 'Type of file (pipe, socket, etc.)', + }, + flexDate1: { + key: 'flexDate1', + type: 'String', + len: null, + discription: 'A timestamp field available to map a timestamp that ' + + 'does not apply to any other defined timestamp field in this ' + + 'dictionary. Use all flex fields sparingly and seek a more ' + + 'specific, dictionary supplied field when possible. These ' + + 'fields are typically reserved for customer use and should not ' + + 'be set by vendors unless necessary.', + }, + flexDate1Label: { + key: 'flexDate1Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString1: { + key: 'flexString1', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString1Label: { + key: 'flexString1 Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + flexString2: { + key: 'flexString2', + type: 'String', + len: 1023, + discription: 'One of four floating point fields available to map ' + + 'fields that do not apply to any other in this dictionary. Use ' + + 'sparingly and seek a more specific, dictionary supplied field ' + + 'when possible. These fields are typically reserved for ' + + 'customer use and should not be set by vendors unless ' + + 'necessary.', + }, + flexString2Label: { + key: 'flex String2Label', + type: 'String', + len: 128, + discription: 'The label field is a string and describes the ' + + 'purpose of the flex field.', + }, + filename: { + key: 'fname', + type: 'String', + len: 1023, + discription: 'Name of the file only (without its path).', + }, + fileSize: { + key: 'fsize', + type: 'Number', + len: null, + discription: 'Size of the file.', + }, + bytesIn: { + key: 'in', + type: 'Number', + len: null, + discription: 'Number of bytes transferred inbound, relative to the ' + + 'source to destination relationship, meaning that data was ' + + 'flowing from source to destination.', + }, + message: { + key: 'msg', + type: 'String', + len: 1023, + discription: 'An arbitrary message giving more details about the ' + + 'event. Multi-line entries can be produced by using \n as the ' + + 'new line separator.', + }, + oldFileCreateTime: { + key: 'oldFileCreate Time', + type: 'String', + len: null, + discription: 'Time when old file was created.', + }, + oldFileHash: { + key: 'oldFileHash', + type: 'String', + len: 255, + discription: 'Hash of the old file.', + }, + oldFileId: { + key: 'oldFileId', + type: 'String', + len: 1023, + discription: 'An ID associated with the old file could be the ' + + 'inode.', + }, + oldFileModificationTime: { + key: 'oldFile Modification Time', + type: 'String', + len: null, + discription: 'Time when old file was last modified.', + }, + oldFileName: { + key: 'oldFileName', + type: 'String', + len: 1023, + discription: 'Name of the old file.', + }, + oldFilePath: { + key: 'oldFilePath', + type: 'String', + len: 1023, + discription: 'Full path to the old fiWindowsNT\\Accessories le, ' + + 'including the file name itself. Examples: c:\\Program ' + + 'Files\\wordpad.exe or /usr/bin/zip', + }, + oldFileSize: { + key: 'oldFileSize', + type: 'Number', + len: null, + discription: 'Size of the old file.', + }, + oldFileType: { + key: 'oldFileType', + type: 'String', + len: 1023, + discription: 'Type of the old file (pipe, socket, etc.)', + }, + bytesOut: { + key: 'out', + type: 'Number', + len: null, + discription: 'Number of bytes transferred outbound relative to the ' + + 'source to destination relationship. For example, the byte ' + + 'number of data flowing from the destination to the source.', + }, + eventOutcome: { + key: 'outcome', + type: 'String', + len: 63, + discription: 'Displays the outcome, usually as ‘success’ or ' + + '‘failure’.', + }, + transportProtocol: { + key: 'proto', + type: 'String', + len: 31, + discription: 'Identifies the Layer-4 protocol used. The possible ' + + 'values are protocols such as TCP or UDP.', + }, + Reason: { + key: 'reason', + type: 'String', + len: 1023, + discription: 'The reason an audit event was generated. For ' + + 'example “badd password” or “unknown user”. This could also be ' + + 'an error or return code. Example: “0x1234”', + }, + requestUrl: { + key: 'request', + type: 'String', + len: 1023, + discription: 'In the case of an HTTP request, this field contains ' + + 'the URL accessed. The URL should contain the protocol as ' + + 'well. Example: “http://www/secure.com”', + }, + requestClientApplication: { + key: 'requestClient Application', + type: 'String', + len: 1023, + discription: 'The User-Agent associated with the request.', + }, + requestContext: { + key: 'requestContext', + type: 'String', + len: 2048, + discription: 'Description of the content from which the request ' + + 'originated (for example, HTTP Referrer)', + }, + requestCookies: { + key: 'requestCookies', + type: 'String', + len: 1023, + discription: 'Cookies associated with the request.', + }, + requestMethod: { + key: 'requestMethod', + type: 'String', + len: 1023, + discription: 'The method used to access a URL. Possible values: ' + + '“POST”, “GET”, etc.', + }, + deviceReceiptTime: { + key: 'rt', + type: 'String', + len: null, + discription: 'The time at which the event related to the activity ' + + 'was received. The format is MMM dd yyyy HH:mm:ss or ' + + 'milliseconds since epoch (Jan 1st 1970)', + }, + sourceHostName: { + key: 'shost', + type: 'String', + len: 1023, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format should be a fully qualified domain ' + + 'name (DQDN) associated with the source node, when a mode is ' + + 'available. Examples: “host” or “host.domain.com”.', + }, + sourceMacAddress: { + key: 'smac', + type: 'String', + len: null, + discription: 'Six colon-separated hexadecimal numbers. Example: ' + + '“00:0D:60:AF:1B:61”', + }, + sourceNtDomain: { + key: 'sntdom', + type: 'String', + len: 255, + discription: 'The Windows domain name for the source address.', + }, + sourceDnsDomain: { + key: 'sourceDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain part of the complete fully qualified ' + + 'domain name (FQDN).', + }, + sourceServiceName: { + key: 'source ServiceName', + type: 'String', + len: 1023, + discription: 'The service that is responsible for generating this ' + + 'event.', + }, + sourceTranslatedAddress: { + key: 'source Translated Address', + type: 'String', + len: null, + discription: 'Identifies the translated source that the event ' + + 'refers to in an IP network. The format is an IPv4 address. ' + + 'Example: “192.168.10.1”.', + }, + sourceTranslatedPort: { + key: 'source TranslatedPort', + type: 'Number', + len: null, + discription: 'A port number after being translated by, for ' + + 'example, a firewall. Valid port numbers are 0 to 65535.', + }, + sourceProcessId: { + key: 'spid', + type: 'Number', + len: null, + discription: 'The ID of the source process associated with the ' + + 'event.', + }, + sourceUserPrivileges: { + key: 'spriv', + type: 'String', + len: 1023, + discription: 'The typical values are “Administrator”, “User”, and ' + + '“Guest”. It identifies the source user’s privileges. In UNIX, ' + + 'for example, activity executed by the root user would be ' + + 'identified with “Administrator”.', + }, + sourceProcessName: { + key: 'sproc', + type: 'String', + len: 1023, + discription: 'The name of the event’s source process.', + }, + sourcePort: { + key: 'spt', + type: 'Number', + len: null, + discription: 'The valid port numbers are 0 to 65535.', + }, + sourceAddress: { + key: 'src', + type: 'String', + len: null, + discription: 'Identifies the source that an event refers to in an ' + + 'IP network. The format is an IPv4 address. Example: ' + + '“192.168.10.1”.', + }, + startTime: { + key: 'start', + type: 'String', + len: null, + discription: 'The time when the activity the event referred to ' + + 'started. The format is MMM dd yyyy HH:mm:ss or milliseconds ' + + 'since epoch (Jan 1st 1970)', + }, + sourceUserId: { + key: 'suid', + type: 'String', + len: 1023, + discription: 'Identifies the source user by ID. This is the user ' + + 'associated with the source of the event. For example, in ' + + 'UNIX, the root user is generally associated with user ID 0.', + }, + sourceUserName: { + key: 'suser', + type: 'String', + len: 1023, + discription: 'Identifies the source user by name. Email addresses ' + + 'are also mapped into the UserName fields. The sender is a ' + + 'candidate to put into this field.', + }, + type: { + key: 'type', + type: 'Number', + len: null, + discription: '0 means base event, 1 means aggregated, 2 means ' + + 'correlation, and 3 means action. This field can be omitted ' + + 'for base events (type 0).', + }, + agentDnsDomain: { + key: 'agentDns Domain', + type: 'String', + len: 255, + discription: 'The DNS domain name of the ArcSight connector that ' + + 'processed the event.', + }, + agentNtDomain: { + key: 'agentNtDomain', + type: 'String', + len: 255, + discription: '', + }, + agentTranslatedAddress: { + key: 'agentTranslated Address', + type: 'String', + len: null, + discription: '', + }, + 'agentTranslatedZone ExternalID': { + key: 'agentTranslated ZoneExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentTranslatedZoneURI: { + key: 'agentTranslated Zone URI', + type: 'String', + len: 2048, + discription: '', + }, + agentZoneExternalID: { + key: 'agentZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + agentZoneURI: { + key: 'agentZoneURI', + type: 'String', + len: 2048, + discription: '', + }, + agentAddress: { + key: 'agt', + type: 'String', + len: null, + discription: 'The IP address of the ArcSight connector that ' + + 'processed the event.', + }, + agentHostName: { + key: 'ahost', + type: 'String', + len: 1023, + discription: 'The hostname of the ArcSight connector that ' + + 'processed the event.', + }, + agentId: { + key: 'aid', + type: 'String', + len: 40, + discription: 'The agent ID of the ArcSight connector that ' + + 'processed the event.', + }, + agentMacAddress: { + key: 'amac', + type: 'String', + len: null, + discription: 'The MAC address of the ArcSight connector that ' + + 'processed the event.', + }, + agentReceiptTime: { + key: 'art', + type: 'String', + len: null, + discription: 'The time at which information about the event was ' + + 'received by the ArcSight connector.', + }, + agentType: { + key: 'at', + type: 'String', + len: 63, + discription: 'The agent type of the ArcSight connector that ' + + 'processed the event', + }, + agentTimeZone: { + key: 'atz', + type: 'String', + len: 255, + discription: 'The agent time zone of the ArcSight connector that ' + + 'processed the event.', + }, + agentVersion: { + key: 'av', + type: 'String', + len: 31, + discription: 'The version of the ArcSight connector that processed ' + + 'the event.', + }, + customerExternalID: { + key: 'customer ExternalID', + type: 'String', + len: 200, + discription: '', + }, + customerURI: { + key: 'customerURI', + type: 'String', + len: 2048, + discription: '', + }, + 'destinationTranslated ZoneExternalID': { + key: 'destination TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + 'destinationTranslated ZoneURI': { + key: 'destination Translated ZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + destinationZoneExternalID: { + key: 'destinationZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + destinationZoneURI: { + key: 'destinationZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the destination asset has ' + + 'been assigned to in ArcSight.', + }, + 'deviceTranslatedZone ExternalID': { + key: 'device TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceTranslatedZoneURI: { + key: 'device TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the device ' + + 'asset has been assigned to in ArcSight.', + }, + deviceZoneExternalID: { + key: 'deviceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + deviceZoneURI: { + key: 'deviceZoneURI', + type: 'String', + len: 2048, + discription: 'Thee URI for the Zone that the device asset has been ' + + 'assigned to in ArcSight.', + }, + destinationGeoLatitude: { + key: 'dlat', + type: 'Number', + len: null, + discription: 'The latitudinal value from which the ' + + 'destination’s IP address belongs.', + }, + destinationGeoLongitude: { + key: 'dlong', + type: 'Number', + len: null, + discription: 'The longitudinal value from which the destination’s ' + + 'IP address belongs.', + }, + eventId: { + key: 'eventId', + type: 'Number', + len: null, + discription: 'This is a unique ID that ArcSight assigns to each ' + + 'event.', + }, + rawEvent: { + key: 'rawEvent', + type: 'String', + len: 4000, + discription: '', + }, + sourceGeoLatitude: { + key: 'slat', + type: 'Number', + len: null, + discription: '', + }, + sourceGeoLongitude: { + key: 'slong', + type: 'Number', + len: null, + discription: '', + }, + 'sourceTranslatedZone ExternalID': { + key: 'source TranslatedZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceTranslatedZoneURI: { + key: 'source TranslatedZone URI', + type: 'String', + len: 2048, + discription: 'The URI for the Translated Zone that the destination ' + + 'asset has been assigned to in ArcSight.', + }, + sourceZoneExternalID: { + key: 'sourceZone ExternalID', + type: 'String', + len: 200, + discription: '', + }, + sourceZoneURI: { + key: 'sourceZoneURI', + type: 'String', + len: 2048, + discription: 'The URI for the Zone that the source asset has been ' + + 'assigned to in ArcSight.' }, + }; + if (typeof this.deviceVendor !== 'string' + || typeof this.deviceProduct !== 'string' + || typeof this.deviceVersion !== 'string' + ) { + throw new Error('TYPE ERROR: CEF Device Info must be a string'); + } + if (this.severity + && ( + ( + typeof this.severity === 'string' + && ( + this.severity !== 'Unknown' + && this.severity !== 'Low' + && this.severity !== 'Medium' + && this.severity !== 'High' + && this.severity !== 'Very-High' ) ) - ) { - reject(new Error('TYPE ERROR: CEF Severity not set correctly')); - } - const cefExts = Object.entries(this.extensions); - const cefExtsLen = cefExts.length; - for (let ext = 0; ext < cefExtsLen; ext++) { - if (cefExts[ext][1] !== null) { - if (Extensions[cefExts[ext][0]]) { - if (typeof cefExts[ext][1] === Extensions[cefExts[ext][0]] - .type - .toLowerCase()) { - if (Extensions[cefExts[ext][0]].len > 0 - && typeof cefExts[ext][1] === 'string' - && cefExts[ext][1].length > Extensions[cefExts[ext][0]].len){ - let errMsg = 'FORMAT ERROR:'; - errMsg += ' CEF Extention Key'; - errMsg += ' ' + cefExts[ext][0]; - errMsg += ' value length is to long;'; - errMsg += ' max length is'; - errMsg += ' ' + Extensions[cefExts[ext][0]].len; - reject(new Error(errMsg)); - } - } else { - let errMsg = 'TYPE ERROR:'; - errMsg += ' CEF Key'; + || ( + typeof this.severity === 'number' + && ( + this.severity < 0 + || this.severity > 10 + ) + ) + ) + ) { + throw new Error('TYPE ERROR: CEF Severity not set correctly'); + } + const cefExts = Object.entries(this.extensions); + const cefExtsLen = cefExts.length; + for (let ext = 0; ext < cefExtsLen; ext++) { + if (cefExts[ext][1] !== null) { + if (Extensions[cefExts[ext][0]]) { + if (typeof cefExts[ext][1] === Extensions[cefExts[ext][0]] + .type + .toLowerCase()) { + if (Extensions[cefExts[ext][0]].len > 0 + && typeof cefExts[ext][1] === 'string' + && cefExts[ext][1].length > Extensions[cefExts[ext][0]].len){ + let errMsg = 'FORMAT ERROR:'; + errMsg += ' CEF Extention Key'; errMsg += ' ' + cefExts[ext][0]; - errMsg += ' value type was expected to be'; - errMsg += ' ' + Extensions[cefExts[ext][0]].type.toLowerCase(); - reject(new Error(errMsg)); + errMsg += ' value length is to long;'; + errMsg += ' max length is'; + errMsg += ' ' + Extensions[cefExts[ext][0]].len; + throw new Error(errMsg); } + } else { + let errMsg = 'TYPE ERROR:'; + errMsg += ' CEF Key'; + errMsg += ' ' + cefExts[ext][0]; + errMsg += ' value type was expected to be'; + errMsg += ' ' + Extensions[cefExts[ext][0]].type.toLowerCase(); + throw new Error(errMsg); } } } - resolve(true); - }); + } + return true; } /** * Build a CEF formated string * @public - * @return {Promise} - String with formated message + * @return {string} - String with formated message */ buildMessage() { - return new Promise((resolve, - reject) => { - let fmtMsg = 'CEF:0'; - fmtMsg += '|' + this.deviceVendor; - fmtMsg += '|' + this.deviceProduct; - fmtMsg += '|' + this.deviceVersion; - fmtMsg += '|' + this.deviceEventClassId; - fmtMsg += '|' + this.name; - fmtMsg += '|' + this.severity; - fmtMsg += '|'; + let fmtMsg = 'CEF:0'; + fmtMsg += '|' + this.deviceVendor; + fmtMsg += '|' + this.deviceProduct; + fmtMsg += '|' + this.deviceVersion; + fmtMsg += '|' + this.deviceEventClassId; + fmtMsg += '|' + this.name; + fmtMsg += '|' + this.severity; + fmtMsg += '|'; - const cefExts = Object.entries(this.extensions); - const cefExtsLen = cefExts.length; - for (let ext = 0; ext < cefExtsLen; ext++) { - if (cefExts[ext][1] !== null) { - fmtMsg += cefExts[ext][0] + '=' + cefExts[ext][1] + ' '; - } + const cefExts = Object.entries(this.extensions); + const cefExtsLen = cefExts.length; + for (let ext = 0; ext < cefExtsLen; ext++) { + if (cefExts[ext][1] !== null) { + fmtMsg += cefExts[ext][0] + '=' + cefExts[ext][1] + ' '; } - resolve(fmtMsg); - }); + } + return fmtMsg; } /** * @public @@ -3354,23 +3048,12 @@ class CEF { * Syslog server connection} that should be used to send messages directly * from this class. @see SyslogPro~Syslog */ - send(options) { - return new Promise((resolve, - reject) => { - this.buildMessage() - .then((result) => { - if (!this.server) { - this.server = new Syslog(options); - } - this.server.send(result) - .then((sendResult) => { - resolve(sendResult); - }) - .catch((reson) => { - reject(reson); - }); - }); - }); + async send(options) { + const result = this.buildMessage(); + if (!this.server) { + this.server = new Syslog(options); + } + return this.server.send(result); } } diff --git a/tests/syslog.test.js b/tests/syslog.test.js index af590bf..d3b9081 100644 --- a/tests/syslog.test.js +++ b/tests/syslog.test.js @@ -90,7 +90,7 @@ afterAll(() => { // CEF Class Tests describe('CEF Class Tests', () => { - test('CEF Validate with bad extension type ERROR', (done) => { + test('CEF Validate with bad extension type ERROR', () => { let syslogOptions = { port:global.tcpServerPort+100, protocol: 'tcp' @@ -102,18 +102,15 @@ describe('CEF Class Tests', () => { } }); expect.assertions(1); - return cef.validate({}) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: CEF Key deviceAction value type was '; - errorMsg += 'expected to be string'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + cef.validate({}); + } catch (reason) { + let errorMsg = 'TYPE ERROR: CEF Key deviceAction value type was '; + errorMsg += 'expected to be string'; + expect(reason.message).toBe(errorMsg); + } }); - test('CEF Validate with bad extension value length ERROR', (done) => { + test('CEF Validate with bad extension value length ERROR', () => { let cef = new SyslogPro.CEF({ extensions: { myNewExt: 'test', @@ -122,75 +119,54 @@ describe('CEF Class Tests', () => { severity: 6 }); expect.assertions(1); - return cef.validate({}) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'FORMAT ERROR: CEF Extention Key applicationProtocol '; - errorMsg += 'value length is to long; max length is 31'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + cef.validate({}); + } catch(reason) { + let errorMsg = 'FORMAT ERROR: CEF Extention Key applicationProtocol '; + errorMsg += 'value length is to long; max length is 31'; + expect(reason.message).toBe(errorMsg); + } }); - test('CEF Validate with bad Severity ERROR', (done) => { + test('CEF Validate with bad Severity ERROR', () => { let cef = new SyslogPro.CEF(); cef.severity = 'BAD'; expect.assertions(1); - return cef.validate() - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errMsg = 'TYPE ERROR: CEF Severity not set correctly'; - expect(reson.message).toBe(errMsg); - done(); - }); + try { + cef.validate(); + } catch(reason) { + let errMsg = 'TYPE ERROR: CEF Severity not set correctly'; + expect(reason.message).toBe(errMsg); + } }); - test('CEF Validate with bad device information ERROR', (done) => { + test('CEF Validate with bad device information ERROR', () => { let cef = new SyslogPro.CEF(); cef.deviceProduct = {}; expect.assertions(1); - return cef.validate() - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errMsg = 'TYPE ERROR: CEF Device Info must be a string'; - expect(reson.message).toBe(errMsg); - done(); - }); + try { + cef.validate(); + } catch(reason) { + let errMsg = 'TYPE ERROR: CEF Device Info must be a string'; + expect(reason.message).toBe(errMsg); + } }); - test('CEF Validate and Send A UDP Message to ::1', (done) => { + test('CEF Validate and Send A UDP Message to ::1', async () => { let cef = new SyslogPro.CEF( { extensions: { deviceAction: 'block' - } + } } ); - expect.assertions(1); - return cef.validate() - .then((result) => { - cef.send({ - target: '::1', - port:global.udpServerPort - }) - .then((result) => { - let validateMsg = 'CEF:0|Unknown|Unknown|Unknown|Unknown|Unknown'; - validateMsg += '|Unknown|deviceAction=block '; - expect(result).toBe(validateMsg); - done(); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); + let result = cef.validate(); + result = await cef.send({ + target: '::1', + port:global.udpServerPort + }); + let validateMsg = 'CEF:0|Unknown|Unknown|Unknown|Unknown|Unknown'; + validateMsg += '|Unknown|deviceAction=block '; + expect(result).toBe(validateMsg); }); - test('CEF Send over TCP with bad port ERROR', (done) => { + test('CEF Send over TCP with bad port ERROR', async () => { let syslog = new SyslogPro.Syslog({ target: '127.0.0.1', port: global.tcpServerPort+100, @@ -200,20 +176,17 @@ describe('CEF Class Tests', () => { server: syslog }); expect.assertions(1); - return cef.send({}) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - expect(reson.message).toBe('connect ECONNREFUSED 127.0.0.1:8101'); - done(); - }); + try { + await cef.send({}); + } catch (reason) { + expect(reason.message).toBe('connect ECONNREFUSED 127.0.0.1:8101'); + } }); }); // LEEF Class Test describe('LEEF Class Tests', () => { - test('LEEF Send over TLS with bad port ERROR', (done) => { + test('LEEF Send over TLS with bad port ERROR', async () => { let syslog = new SyslogPro.Syslog({ port: global.tlsBasicServerPort+100, protocol: 'tls', @@ -231,28 +204,18 @@ describe('LEEF Class Tests', () => { server: syslog }); expect.assertions(1); - return leef.send() - .then((result) => { - console.log(result); - }) - .catch((reson) => { - expect(reson.message).toBe('connect ECONNREFUSED 127.0.0.1:8102'); - done(); - }); + try { + await leef.send(); + } catch(reason) { + expect(reason.message).toBe('connect ECONNREFUSED 127.0.0.1:8102'); + } }); - test('LEEF Send', (done) => { + test('LEEF Send', async () => { let leef = new SyslogPro.LEEF(); - expect.assertions(1); - return leef.send() - .then((result) => { - expect(result).toBe('LEEF:2.0|unknown|unknown|unknown|unknown|'); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + const result = await leef.send(); + expect(result).toBe('LEEF:2.0|unknown|unknown|unknown|unknown|'); }); - test('LEEF Send with Auth TLS options', (done) => { + test('LEEF Send with Auth TLS options', async () => { let syslogOptions = { port: global.tlsAuthServerPort, protocol: 'tls', @@ -264,110 +227,53 @@ describe('LEEF Class Tests', () => { server: syslogOptions }); expect.assertions(1); - return leef.send() - .then((result) => { - expect(result).toBe('LEEF:2.0|unknown|unknown|unknown|unknown|'); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + const result = await leef.send(); + expect(result).toBe('LEEF:2.0|unknown|unknown|unknown|unknown|'); }); }); // RFC5424 Class Test describe('RFC5424 Class Tests', () => { - test('RFC5424 Sending critical - debug Severity Messages', (done) => { + test('RFC5424 Sending critical - debug Severity Messages', async () => { let rfc5424 = new SyslogPro.RFC5424(); - expect.assertions(7); - rfc5424.debug('test') - .then((result) => { - expect(result).toMatch(/<191>1 /); - rfc5424.log('test') - .then((result) => { - expect(result).toMatch(/<190>1 /); - rfc5424.info('test') - .then((result) => { - expect(result).toMatch(/<190>1 /); - rfc5424.note('test') - .then((result) => { - expect(result).toMatch(/<189>1 /); - rfc5424.warn('test') - .then((result) => { - expect(result).toMatch(/<188>1 /); - rfc5424.err('test') - .then((result) => { - expect(result).toMatch(/<187>1 /); - rfc5424.crit('test') - .then((result) => { - expect(result).toMatch(/<186>1 /); - done(); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); + let result = await rfc5424.debug('test') + expect(result).toMatch(/<191>1 /); + result = await rfc5424.log('test'); + expect(result).toMatch(/<190>1 /); + result = await rfc5424.info('test'); + expect(result).toMatch(/<190>1 /); + result = await rfc5424.note('test'); + expect(result).toMatch(/<189>1 /); + result = await rfc5424.warn('test'); + expect(result).toMatch(/<188>1 /); + result = await rfc5424.err('test'); + expect(result).toMatch(/<187>1 /); + result = await rfc5424.crit('test'); + expect(result).toMatch(/<186>1 /); }); - test('RFC5424 Sending emergency - alert Severity Messages', (done) => { + test('RFC5424 Sending emergency - alert Severity Messages', async () => { let syslog = new SyslogPro.Syslog(); let rfc5424 = new SyslogPro.RFC5424({ server: syslog }); expect.assertions(2); - rfc5424.alert('test') - .then((result) => { - expect(result).toMatch(/<185>1 /); - rfc5424.emer('test') - .then((result) => { - expect(result).toMatch(/<184>1 /); - done(); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); + let result = await rfc5424.alert('test') + expect(result).toMatch(/<185>1 /); + result = await rfc5424.emer('test') + expect(result).toMatch(/<184>1 /); }); - test('RFC5424 Send with a bad message type ERROR', (done) => { + test('RFC5424 Send with a bad message type ERROR', async () => { let rfc5424 = new SyslogPro.RFC5424(); expect.assertions(1); - rfc5424.send([]) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errMsg = 'FORMAT ERROR: Syslog message must be a string '; - errMsg += 'msgSeverity must be a number between 0 and 7'; - expect(reson.message).toBe(errMsg); - done(); - }); + try { + await rfc5424.send([]); + } catch(reason) { + let errMsg = 'FORMAT ERROR: Syslog message must be a string '; + errMsg += 'msgSeverity must be a number between 0 and 7'; + expect(reason.message).toBe(errMsg); + } }); - test('RFC5424 Send with a bad port number ERROR', (done) => { + test('RFC5424 Send with a bad port number ERROR', async () => { let rfc5424 = new SyslogPro.RFC5424({ utf8BOM: false, timestampUTC: true, @@ -391,18 +297,14 @@ describe('RFC5424 Class Tests', () => { } }); expect.assertions(1); - rfc5424.send('hello') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errMsg = 'connect ECONNREFUSED 127.0.0.1:8101'; - expect(reson.message).toBe(errMsg); - done(); - }); + try { + await rfc5424.send('hello'); + } catch(reason) { + let errMsg = 'connect ECONNREFUSED 127.0.0.1:8101'; + expect(reason.message).toBe(errMsg); + } }); - test('RFC5424 BuildMessage with Timestamp options', (done) => { - expect.assertions(9); + test('RFC5424 BuildMessage with Timestamp options', () => { let rfc5424 = new SyslogPro.RFC5424({ color: true, timestamp: false, @@ -410,144 +312,97 @@ describe('RFC5424 Class Tests', () => { timestampTZ: false, timestampMS: false, }); - rfc5424.buildMessage('hello') - .then((result) => { - expect(result).toMatch(/<190>1 - /); - let rfc5424 = new SyslogPro.RFC5424({ - color: true, - extendedColor: true, - timestamp: true, - timestampUTC: false, - timestampTZ: false, - timestampMS: false, - }); - rfc5424.buildMessage('hello',{ - msgColor: 50 - }) - .then((result) => { - let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2} /; - expect(result).toMatch(resultMsg); - let rfc5424 = new SyslogPro.RFC5424({ - includeStructuredData: true, - color: true, - extendedColor: false, - timestamp: true, - timestampUTC: false, - timestampTZ: false, - timestampMS: true, - }); - rfc5424.buildMessage('hello', { - msgColor: 30, - msgStructuredData: [ - '[ourSDID@32473 test=test]', - '[ourSDID@32473 test=test]' - ] - }) - .then((result) => { - let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6} /; - expect(result).toMatch(resultMsg); - let rfc5424 = new SyslogPro.RFC5424({ - timestamp: true, - timestampUTC: false, - timestampTZ: true, - timestampMS: true, - }); - rfc5424.buildMessage('hello') - .then((result) => { - let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}\+/; - expect(result).toMatch(resultMsg); - let rfc5424 = new SyslogPro.RFC5424({ - timestamp: true, - timestampUTC: false, - timestampTZ: true, - timestampMS: false, - }); - rfc5424.buildMessage('hello') - .then((result) => { - let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\+/; - expect(result).toMatch(resultMsg); - let rfc5424 = new SyslogPro.RFC5424({ - timestamp: true, - timestampUTC: true, - timestampTZ: false, - timestampMS: false, - }); - rfc5424.buildMessage('hello') - .then((result) => { - let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2} /; - expect(result).toMatch(resultMsg); - let rfc5424 = new SyslogPro.RFC5424({ - timestamp: true, - timestampUTC: true, - timestampTZ: false, - timestampMS: true, - }); - rfc5424.buildMessage('hello') - .then((result) => { - let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6} /; - expect(result).toMatch(resultMsg); - let rfc5424 = new SyslogPro.RFC5424({ - timestamp: true, - timestampUTC: true, - timestampTZ: true, - timestampMS: true, - }); - rfc5424.buildMessage('hello') - .then((result) => { - let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}\+/; - expect(result).toMatch(resultMsg); - let rfc5424 = new SyslogPro.RFC5424({ - timestamp: true, - timestampUTC: true, - timestampTZ: true, - timestampMS: false, - }); - rfc5424.buildMessage('hello') - .then((result) => { - let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\+/; - expect(result).toMatch(resultMsg); - done(); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); + let result = rfc5424.buildMessage('hello'); + expect(result).toMatch(/<190>1 - /); + rfc5424 = new SyslogPro.RFC5424({ + color: true, + extendedColor: true, + timestamp: true, + timestampUTC: false, + timestampTZ: false, + timestampMS: false, + }); + result = rfc5424.buildMessage('hello',{ + msgColor: 50 + }) + let resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2} /; + expect(result).toMatch(resultMsg); + rfc5424 = new SyslogPro.RFC5424({ + includeStructuredData: true, + color: true, + extendedColor: false, + timestamp: true, + timestampUTC: false, + timestampTZ: false, + timestampMS: true, + }); + result = rfc5424.buildMessage('hello', { + msgColor: 30, + msgStructuredData: [ + '[ourSDID@32473 test=test]', + '[ourSDID@32473 test=test]' + ] + }); + resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6} /; + expect(result).toMatch(resultMsg); + rfc5424 = new SyslogPro.RFC5424({ + timestamp: true, + timestampUTC: false, + timestampTZ: true, + timestampMS: true, + }); + result = rfc5424.buildMessage('hello'); + resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}\+/; + expect(result).toMatch(resultMsg); + rfc5424 = new SyslogPro.RFC5424({ + timestamp: true, + timestampUTC: false, + timestampTZ: true, + timestampMS: false, + }); + result = rfc5424.buildMessage('hello'); + resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\+/; + expect(result).toMatch(resultMsg); + rfc5424 = new SyslogPro.RFC5424({ + timestamp: true, + timestampUTC: true, + timestampTZ: false, + timestampMS: false, + }); + result = rfc5424.buildMessage('hello'); + resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2} /; + expect(result).toMatch(resultMsg); + rfc5424 = new SyslogPro.RFC5424({ + timestamp: true, + timestampUTC: true, + timestampTZ: false, + timestampMS: true, + }); + result = rfc5424.buildMessage('hello'); + resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6} /; + expect(result).toMatch(resultMsg); + rfc5424 = new SyslogPro.RFC5424({ + timestamp: true, + timestampUTC: true, + timestampTZ: true, + timestampMS: true, + }); + result = rfc5424.buildMessage('hello'); + resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}\+/; + expect(result).toMatch(resultMsg); + rfc5424 = new SyslogPro.RFC5424({ + timestamp: true, + timestampUTC: true, + timestampTZ: true, + timestampMS: false, + }); + result = rfc5424.buildMessage('hello'); + resultMsg = /<190>1 \d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\+/; + expect(result).toMatch(resultMsg); }); - test('RFC5424 SetColors', (done) => { - expect.assertions(1); + test('RFC5424 SetColors', () => { let rfc5424 = new SyslogPro.RFC5424(); - rfc5424.setColor({ + const result = rfc5424.setColor({ emergencyColor: 30, alertColor: 30, criticalColor: 30, @@ -557,202 +412,131 @@ describe('RFC5424 Class Tests', () => { informationalColor: 30, debugColor: 30 }, - false) - .then((result) => { - expect(result).toBe(true); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + false); + expect(result).toBe(true); }); - test('RFC5424 SetColors with color type ERROR', (done) => { + test('RFC5424 SetColors with color type ERROR', () => { expect.assertions(8); let rfc5424 = new SyslogPro.RFC5424(); - rfc5424.setColor({ - emergencyColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'emergencyColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc5424.setColor({ - alertColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'alertColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc5424.setColor({ - criticalColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'criticalColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc5424.setColor({ - errorColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'errorColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc5424.setColor({ - warningColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'warningColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc5424.setColor({ - noticeColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'noticeColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc5424.setColor({ - informationalColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'informationalColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc5424.setColor({ - debugColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'debugColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - done(); - }); - }); - }); - }); - }); - }); - }); - }); + try { + rfc5424.setColor({ + emergencyColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'emergencyColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc5424.setColor({ + alertColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'alertColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc5424.setColor({ + criticalColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'criticalColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc5424.setColor({ + errorColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'errorColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc5424.setColor({ + warningColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'warningColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc5424.setColor({ + noticeColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'noticeColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc5424.setColor({ + informationalColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'informationalColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc5424.setColor({ + debugColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'debugColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } }); - test('RFC5424 buildMessage color options', (done) => { - expect.assertions(2); + test('RFC5424 buildMessage color options', () => { let rfc5424 = new SyslogPro.RFC5424({ color: true, extendedColor: true }); - rfc5424.buildMessage('test', { + let result = rfc5424.buildMessage('test', { msgColor: 30 }) - .then((result) => { - expect(result).toMatch(/<190>1 .+(\u001b\[38;5;30mtest\u001b\[0m\n)/); - rfc5424.extendedColor = false; - rfc5424.buildMessage('test', { - msgColor: {} - }) - .then((result) => { - expect(result).toMatch(/<190>1 .+(\u001b\[39mtest\u001b\[0m\n)/); - done(); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); + expect(result).toMatch(/<190>1 .+(\u001b\[38;5;30mtest\u001b\[0m\n)/); + rfc5424.extendedColor = false; + result = rfc5424.buildMessage('test', { + msgColor: {} + }); + expect(result).toMatch(/<190>1 .+(\u001b\[39mtest\u001b\[0m\n)/); }); }); // RFC3164 Class Test describe('RFC3164 Class Tests', () => { - test('RFC3164 Sending critical - debug Severity Messages', (done) => { + test('RFC3164 Sending critical - debug Severity Messages', async () => { let rfc3164 = new SyslogPro.RFC3164(); expect.assertions(7); - rfc3164.debug('test') - .then((result) => { - expect(result).toMatch(/<191>J|F|M|A|S|O|N|D/); - rfc3164.log('test') - .then((result) => { - expect(result).toMatch(/<190>J|F|M|A|S|O|N|D/); - rfc3164.info('test') - .then((result) => { - expect(result).toMatch(/<190>J|F|M|A|S|O|N|D/); - rfc3164.note('test') - .then((result) => { - expect(result).toMatch(/<189>J|F|M|A|S|O|N|D/); - rfc3164.warn('test') - .then((result) => { - expect(result).toMatch(/<188>J|F|M|A|S|O|N|D/); - rfc3164.err('test') - .then((result) => { - expect(result).toMatch(/<187>J|F|M|A|S|O|N|D/); - rfc3164.crit('test') - .then((result) => { - expect(result).toMatch(/<186>J|F|M|A|S|O|N|D/); - done(); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); + let result = await rfc3164.debug('test'); + expect(result).toMatch(/<191>J|F|M|A|S|O|N|D/); + result = await rfc3164.log('test'); + expect(result).toMatch(/<190>J|F|M|A|S|O|N|D/); + result = await rfc3164.info('test'); + expect(result).toMatch(/<190>J|F|M|A|S|O|N|D/); + result = await rfc3164.note('test'); + expect(result).toMatch(/<189>J|F|M|A|S|O|N|D/); + result = await rfc3164.warn('test'); + expect(result).toMatch(/<188>J|F|M|A|S|O|N|D/); + result = await rfc3164.err('test'); + expect(result).toMatch(/<187>J|F|M|A|S|O|N|D/); + result = await rfc3164.crit('test') + expect(result).toMatch(/<186>J|F|M|A|S|O|N|D/); }); - test('RFC3164 Sending TCP emergency - alert Severity Messages', (done) => { + test('RFC3164 Sending TCP emergency - alert Severity Messages', async () => { let syslog = new SyslogPro.Syslog({ protocol: 'tcp', port: global.tcpServerPort @@ -760,38 +544,23 @@ describe('RFC3164 Class Tests', () => { let rfc3164 = new SyslogPro.RFC3164({ server: syslog }); - expect.assertions(2); - rfc3164.alert('test') - .then((result) => { - expect(result).toMatch(/<185>J|F|M|A|S|O|N|D/); - rfc3164.emer('test') - .then((result) => { - expect(result).toMatch(/<184>J|F|M|A|S|O|N|D/); - done(); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); + let result = await rfc3164.alert('test'); + expect(result).toMatch(/<185>J|F|M|A|S|O|N|D/); + result = await rfc3164.emer('test'); + expect(result).toMatch(/<184>J|F|M|A|S|O|N|D/); }); - test('RFC3164 Send with a bad message type ERROR', (done) => { + test('RFC3164 Send with a bad message type ERROR', async () => { let rfc3164 = new SyslogPro.RFC3164(); expect.assertions(1); - rfc3164.send([]) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errMsg = 'FORMAT ERROR: Syslog message must be a string '; - errMsg += 'msgSeverity must be a number between 0 and 7'; - expect(reson.message).toBe(errMsg); - done(); - }); + try { + await rfc3164.send([]); + } catch(reason) { + let errMsg = 'FORMAT ERROR: Syslog message must be a string '; + errMsg += 'msgSeverity must be a number between 0 and 7'; + expect(reason.message).toBe(errMsg); + } }); - test('RFC3164 Send with a bad port number ERROR', (done) => { + test('RFC3164 Send with a bad port number ERROR', async () => { let rfc3164 = new SyslogPro.RFC3164({ colors: { emergencyColor: 30, @@ -810,228 +579,171 @@ describe('RFC3164 Class Tests', () => { } }); expect.assertions(1); - rfc3164.send('hello') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errMsg = 'connect ECONNREFUSED 127.0.0.1:8101'; - expect(reson.message).toBe(errMsg); - done(); - }); + try { + await rfc3164.send('hello'); + } catch(reason) { + let errMsg = 'connect ECONNREFUSED 127.0.0.1:8101'; + expect(reason.message).toBe(errMsg); + } }); - test('RFC3164 SetColors', (done) => { - expect.assertions(1); + test('RFC3164 SetColors', () => { let rfc3164 = new SyslogPro.RFC3164(); - rfc3164.setColor({ - emergencyColor: 30, - alertColor: 30, - criticalColor: 30, - errorColor: 30, - warningColor:30, - noticeColor: 30, - informationalColor: 30, - debugColor: 30 - }, - false) - .then((result) => { - expect(result).toBe(true); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + const result = rfc3164.setColor({ + emergencyColor: 30, + alertColor: 30, + criticalColor: 30, + errorColor: 30, + warningColor:30, + noticeColor: 30, + informationalColor: 30, + debugColor: 30 + }, + false); + expect(result).toBe(true); }); - test('RFC3164 SetColors with color type ERROR', (done) => { + test('RFC3164 SetColors with color type ERROR', () => { expect.assertions(8); let rfc3164 = new SyslogPro.RFC3164(); - rfc3164.setColor({ - emergencyColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'emergencyColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc3164.setColor({ - alertColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'alertColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc3164.setColor({ - criticalColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'criticalColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc3164.setColor({ - errorColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'errorColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc3164.setColor({ - warningColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'warningColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc3164.setColor({ - noticeColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'noticeColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc3164.setColor({ - informationalColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'informationalColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - rfc3164.setColor({ - debugColor: {} - }, false) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: '; - errorMsg += 'debugColor'; - errorMsg += ' Not in RGB color hex or color code'; - expect(reson.message).toBe(errorMsg); - done(); - }); - }); - }); - }); - }); - }); - }); - }); + try { + rfc3164.setColor({ + emergencyColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'emergencyColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc3164.setColor({ + alertColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'alertColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc3164.setColor({ + criticalColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'criticalColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc3164.setColor({ + errorColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'errorColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc3164.setColor({ + warningColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'warningColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc3164.setColor({ + noticeColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'noticeColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc3164.setColor({ + informationalColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'informationalColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } + try { + rfc3164.setColor({ + debugColor: {} + }, false); + } catch(reason) { + let errorMsg = 'TYPE ERROR: '; + errorMsg += 'debugColor'; + errorMsg += ' Not in RGB color hex or color code'; + expect(reason.message).toBe(errorMsg); + } }); - test('RFC3164 buildMessage color options', (done) => { - expect.assertions(3); + test('RFC3164 buildMessage color options', () => { let rfc3164 = new SyslogPro.RFC3164({ color: true, extendedColor: true }); - rfc3164.buildMessage('test', { + let result = rfc3164.buildMessage('test', { msgColor: 30 - }) - .then((result) => { - expect(result).toMatch(/<190>(J|F|M|A|S|O|N|D).+(\u001b\[38;5;30mtest\u001b\[0m\n)/); - rfc3164.extendedColor = false; - rfc3164.buildMessage('test', { - msgColor: {} - }) - .then((result) => { - expect(result).toMatch(/<190>(J|F|M|A|S|O|N|D).+(\u001b\[39mtest\u001b\[0m\n)/); - rfc3164.buildMessage('test', { - }) - .then((result) => { - expect(result).toMatch(/<190>(J|F|M|A|S|O|N|D).+(\u001b\[36mtest\u001b\[0m\n)/); - done(); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); - }) - .catch((reson) => { - console.log(reson); - }); + }); + expect(result).toMatch(/<190>(J|F|M|A|S|O|N|D).+(\u001b\[38;5;30mtest\u001b\[0m\n)/); + rfc3164.extendedColor = false; + result = rfc3164.buildMessage('test', { + msgColor: {} + }); + expect(result).toMatch(/<190>(J|F|M|A|S|O|N|D).+(\u001b\[39mtest\u001b\[0m\n)/); + result = rfc3164.buildMessage('test', { + }); + expect(result).toMatch(/<190>(J|F|M|A|S|O|N|D).+(\u001b\[36mtest\u001b\[0m\n)/); }); }); // Base Syslog Class Test describe('Base Syslog Class tests', () => { - test('Syslog Send UDP with DNS Error', (done) => { + test('Syslog Send UDP with DNS Error', async () => { let syslog = new SyslogPro.Syslog({ target: 'noteareal.dns', protocol: 'udp', port: global.udpServerPort }); expect.assertions(1); - syslog.send('test') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - expect(reson.message).toBe('getaddrinfo ENOTFOUND noteareal.dns'); - done(); - }); - }); - test('Syslog Send UDP with bad message type Error', (done) => { - let syslog = new SyslogPro.Syslog({ - target: 'noteareal.dns', - protocol: 'udp', - port: global.udpServerPort - }); - expect.assertions(1); - syslog.send({}) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: Syslog message must be a string'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + await syslog.send('test'); + } catch(reason) { + expect(reason.message).toBe('getaddrinfo ENOTFOUND noteareal.dns'); + } }); - test('Syslog Send UDP with IPv6 target', (done) => { + test('Syslog Send UDP with bad message type Error', async () => { + let syslog = new SyslogPro.Syslog({ + target: 'noteareal.dns', + protocol: 'udp', + port: global.udpServerPort + }); + expect.assertions(1); + try { + await syslog.send({}); + } catch(reason) { + let errorMsg = 'TYPE ERROR: Syslog message must be a string'; + expect(reason.message).toBe(errorMsg); + } + }); + test('Syslog Send UDP with IPv6 target', async () => { let syslog = new SyslogPro.Syslog({ target: '127.0.0.1', protocol: 'udp', port: global.udpServerPort }); - expect.assertions(1); - syslog.send('test') - .then((result) => { - expect(result).toBe('test'); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + const result = await syslog.send('test'); + expect(result).toBe('test'); }); - test('Syslog Send TLS with timeout Error', (done) => { + test('Syslog Send TLS with timeout Error', async () => { let syslog = new SyslogPro.Syslog({ protocol: 'tls', port: global.tlsBasicServerPort, @@ -1039,17 +751,14 @@ describe('Base Syslog Class tests', () => { tcpTimeout: 1 }); expect.assertions(1); - syslog.send('test') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TIMEOUT ERROR: Syslog server TLS timeout'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + await syslog.send('test'); + } catch(reason) { + let errorMsg = 'TIMEOUT ERROR: Syslog server TLS timeout'; + expect(reason.message).toBe(errorMsg); + } }); - test('Syslog Send TLS with server cert location type Error', (done) => { + test('Syslog Send TLS with server cert location type Error', async () => { let syslog = new SyslogPro.Syslog({ protocol: 'tls', port: global.tlsBasicServerPort, @@ -1057,18 +766,15 @@ describe('Base Syslog Class tests', () => { tcpTimeout: 1 }); expect.assertions(1); - syslog.send('test') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: TLS Server Cert is not a file'; - errorMsg += 'location string'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + await syslog.send('test'); + } catch(reason) { + let errorMsg = 'TYPE ERROR: TLS Server Cert is not a file'; + errorMsg += 'location string'; + expect(reason.message).toBe(errorMsg); + } }); - test('Syslog Send TLS with client cert location type Error', (done) => { + test('Syslog Send TLS with client cert location type Error', async () => { let syslog = new SyslogPro.Syslog({ protocol: 'tls', port: global.tlsBasicServerPort, @@ -1078,18 +784,15 @@ describe('Base Syslog Class tests', () => { tcpTimeout: 1 }); expect.assertions(1); - syslog.send('test') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: TLS Client Cert is not a file'; - errorMsg += 'location string'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + await syslog.send('test'); + } catch(reason) { + let errorMsg = 'TYPE ERROR: TLS Client Cert is not a file'; + errorMsg += 'location string'; + expect(reason.message).toBe(errorMsg); + } }); - test('Syslog Send TLS with client key location type Error', (done) => { + test('Syslog Send TLS with client key location type Error', async () => { let syslog = new SyslogPro.Syslog({ protocol: 'tls', port: global.tlsBasicServerPort, @@ -1099,113 +802,90 @@ describe('Base Syslog Class tests', () => { tcpTimeout: 1 }); expect.assertions(1); - syslog.send('test') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: TLS Client Key is not a file'; - errorMsg += 'location string'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + await syslog.send('test'); + } catch(reason) { + let errorMsg = 'TYPE ERROR: TLS Client Key is not a file'; + errorMsg += 'location string'; + expect(reason.message).toBe(errorMsg); + } }); - test('Syslog Send TLS with no server certs', (done) => { + test('Syslog Send TLS with no server certs', async () => { let syslog = new SyslogPro.Syslog({ protocol: 'tls', port: 443, target: 'cloud.positon.org', // Public test server }); - expect.assertions(1); - syslog.send('test') - .then((result) => { - expect(result).toBe('test'); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + const result = await syslog.send('test'); + expect(result).toBe('test'); }); - test('Syslog Send TCP with DNS Error', (done) => { + test('Syslog Send TCP with DNS Error', async () => { let syslog = new SyslogPro.Syslog({ target: 'noteareal.dns', protocol: 'tcp', port: global.tcpServerPort }); expect.assertions(1); - syslog.send('test') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - expect(reson.message).toBe('getaddrinfo ENOTFOUND noteareal.dns'); - done(); - }); - }); - test('Syslog Send TCP with timeout Error', (done) => { + try { + await syslog.send('test'); + } catch(reason) { + expect(reason.message).toBe('getaddrinfo ENOTFOUND noteareal.dns'); + } + }); + test('Syslog Send TCP with timeout Error', async () => { let syslog = new SyslogPro.Syslog({ protocol: 'tcp', target: 'portquiz.net', // Public test server tcpTimeout: 1 }); expect.assertions(1); - syslog.send('test') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TIMEOUT ERROR: Syslog server TCP timeout'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + await syslog.send('test'); + } catch(reason) { + let errorMsg = 'TIMEOUT ERROR: Syslog server TCP timeout'; + expect(reason.message).toBe(errorMsg); + } }); - test('Syslog addTlsServerCerts server cert location type Error', (done) => { + test('Syslog addTlsServerCerts server cert location type Error', () => { let syslog = new SyslogPro.Syslog({ protocol: 'tls', port: global.tlsBasicServerPort, tcpTimeout: 1 }); expect.assertions(1); - syslog.addTlsServerCerts(6) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'TYPE ERROR: Server Cert file locations should be a'; - errorMsg += ' string or array of strings'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + syslog.addTlsServerCerts(6); + } catch (reason) { + let errorMsg = 'TYPE ERROR: Server Cert file locations should be a'; + errorMsg += ' string or array of strings'; + expect(reason.message).toBe(errorMsg); + } }); - test('Syslog constructor with format cef but no object', (done) => { + test('Syslog constructor with format cef but no object', () => { let syslog = new SyslogPro.Syslog({ format: 'cef' }); expect(syslog.cef.constructor__).toBe(true); - done(); }); - test('Syslog constructor with format leef but no object', (done) => { + test('Syslog constructor with format leef but no object', () => { let syslog = new SyslogPro.Syslog({ format: 'leef' }); expect(syslog.leef.constructor__).toBe(true); - done(); }); - test('Syslog constructor with format rfc5424 but no object', (done) => { + test('Syslog constructor with format rfc5424 but no object', () => { let syslog = new SyslogPro.Syslog({ format: 'rfc5424' }); expect(syslog.rfc5424.constructor__).toBe(true); - done(); }); - test('Syslog constructor with format rfc3164 but no object', (done) => { + test('Syslog constructor with format rfc3164 but no object', () => { let syslog = new SyslogPro.Syslog({ format: 'rfc3164' }); expect(syslog.rfc3164.constructor__).toBe(true); - done(); }); - test('Syslog constructor with format objects', (done) => { + test('Syslog constructor with format objects', () => { let rfc3164 = new SyslogPro.RFC3164(); let rfc5424 = new SyslogPro.RFC5424(); let leef = new SyslogPro.LEEF(); @@ -1221,9 +901,8 @@ describe('Base Syslog Class tests', () => { expect(syslog.rfc5424.constructor__).toBe(true); expect(syslog.leef.constructor__).toBe(true); expect(syslog.cef.constructor__).toBe(true); - done(); }); - test('Syslog constructor with format objects configs', (done) => { + test('Syslog constructor with format objects configs', () => { let rfc3164 = {}; let rfc5424 = {}; let leef = {}; @@ -1239,129 +918,66 @@ describe('Base Syslog Class tests', () => { expect(syslog.rfc5424.constructor__).toBe(true); expect(syslog.leef.constructor__).toBe(true); expect(syslog.cef.constructor__).toBe(true); - done(); }); - test('Syslog Send with Protocol selection Error', (done) => { + test('Syslog Send with Protocol selection Error', async () => { let syslog = new SyslogPro.Syslog({ protocol: 'bad' }); expect.assertions(1); - syslog.send('test') - .then((result) => { - console.log(result); - }) - .catch((reson) => { - let errorMsg = 'FORMAT ERROR: Protocol not recognized, should be '; - errorMsg += 'udp|tcp|tls'; - expect(reson.message).toBe(errorMsg); - done(); - }); + try { + await syslog.send('test'); + } catch(reason) { + let errorMsg = 'FORMAT ERROR: Protocol not recognized, should be '; + errorMsg += 'udp|tcp|tls'; + expect(reason.message).toBe(errorMsg); + } }); }); // RGB to ANSI Color Function Test describe('RGB to ANSI Color Function Tests', () => { - test('RgbToAnsi Non Extended Colors hex v === 2', (done) => { - expect.assertions(1); - SyslogPro.RgbToAnsi('#ffffff', false) - .then((result) => { - expect(result).toBe(90); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + test('RgbToAnsi Non Extended Colors hex v === 2', () => { + const result = SyslogPro.RgbToAnsi('#ffffff', false); + expect(result).toBe(90); }); - test('RgbToAnsi Non Extended Colors hex v === 0', (done) => { - expect.assertions(1); - SyslogPro.RgbToAnsi('#000000', false) - .then((result) => { - expect(result).toBe(30); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + test('RgbToAnsi Non Extended Colors hex v === 0', () => { + const result = SyslogPro.RgbToAnsi('#000000', false); + expect(result).toBe(30); }); - test('RgbToAnsi Non Extended Colors hex v === 1', (done) => { - expect.assertions(1); - SyslogPro.RgbToAnsi('#640000', false) - .then((result) => { - expect(result).toBe(30); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + test('RgbToAnsi Non Extended Colors hex v === 1', () => { + const result = SyslogPro.RgbToAnsi('#640000', false); + expect(result).toBe(30); }); - test('RegToAnsi Extended Colors #640000', (done) => { - expect.assertions(1); - SyslogPro.RgbToAnsi('#640000', true) - .then((result) => { - expect(result).toBe(88); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + test('RegToAnsi Extended Colors #640000', () => { + const result = SyslogPro.RgbToAnsi('#640000', true); + expect(result).toBe(88); }); - test('RegToAnsi Extended Colors #050505', (done) => { - expect.assertions(1); - SyslogPro.RgbToAnsi('#050505', true) - .then((result) => { - expect(result).toBe(16); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + test('RegToAnsi Extended Colors #050505', () => { + const result = SyslogPro.RgbToAnsi('#050505', true); + expect(result).toBe(16); }); - test('RegToAnsi Extended Colors #646464', (done) => { - expect.assertions(1); - SyslogPro.RgbToAnsi('#646464', true) - .then((result) => { - expect(result).toBe(241); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + test('RegToAnsi Extended Colors #646464', () => { + const result = SyslogPro.RgbToAnsi('#646464', true) + expect(result).toBe(241); }); - test('RegToAnsi Extended Colors #f9f9f9', (done) => { - expect.assertions(1); - SyslogPro.RgbToAnsi('#f9f9f9', true) - .then((result) => { - expect(result).toBe(231); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + test('RegToAnsi Extended Colors #f9f9f9', () => { + const result = SyslogPro.RgbToAnsi('#f9f9f9', true); + expect(result).toBe(231); }); - test('RegToAnsi Extended Colors 100', (done) => { - expect.assertions(1); - SyslogPro.RgbToAnsi(100, true) - .then((result) => { - expect(result).toBe(100); - done(); - }) - .catch((reson) => { - console.log(reson); - }); + test('RegToAnsi Extended Colors 100', () => { + const result = SyslogPro.RgbToAnsi(100, true); + expect(result).toBe(100); }); - test('RegToAnsi Extended Colors 300 out of range Error', (done) => { + test('RegToAnsi Extended Colors 300 out of range Error', () => { expect.assertions(1); - SyslogPro.RgbToAnsi(300, true) - .then((result) => { - console.log(result); - }) - .catch((reson) => { - expect(reson.message).toBe('FORMAT ERROR: Color code not in range'); - done(); - }); + try { + SyslogPro.RgbToAnsi(300, true); + } catch(reason) { + expect(reason.message).toBe('FORMAT ERROR: Color code not in range'); + } }); }); /*global expect*/ /*global beforeAll*/ -/*global afterAll*/ \ No newline at end of file +/*global afterAll*/