sim1222/SyslogPro
1
0
Fork 0
mirror of https://github.com/misskey-dev/SyslogPro.git synced 2025-04-29 02:37:18 +09:00
Code Issues Packages Projects Releases Wiki Activity
SyslogPro/docs/module-SyslogPro-CEF.html
Craig Yamato 1b83a3e15d updated documents
2018-09-25 19:12:40 +00:00

1626 lines
24 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>CEF - Documentation</title>
<script src="scripts/prettify/prettify.js"></script>
<script src="scripts/prettify/lang-css.js"></script>
<!--[if lt IE 9]>
<script src="//html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link type="text/css" rel="stylesheet" href="styles/prettify.css">
<link type="text/css" rel="stylesheet" href="styles/jsdoc.css">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
</head>
<body>
<input type="checkbox" id="nav-trigger" class="nav-trigger" />
<label for="nav-trigger" class="navicon-button x">
<div class="navicon"></div>
</label>
<label for="nav-trigger" class="overlay"></label>
<nav>
<h2><a href="index.html">Home</a></h2><h3>Classes</h3><ul><li><a href="module-SyslogPro-CEF.html">CEF</a><ul class='methods'><li data-type='method'><a href="module-SyslogPro-CEF.html#buildMessage">buildMessage</a></li><li data-type='method'><a href="module-SyslogPro-CEF.html#send">send</a></li><li data-type='method'><a href="module-SyslogPro-CEF.html#validate">validate</a></li></ul></li><li><a href="module-SyslogPro-LEEF.html">LEEF</a><ul class='methods'><li data-type='method'><a href="module-SyslogPro-LEEF.html#buildMessage">buildMessage</a></li><li data-type='method'><a href="module-SyslogPro-LEEF.html#send">send</a></li></ul></li><li><a href="module-SyslogPro-RFC3164.html">RFC3164</a><ul class='methods'><li data-type='method'><a href="module-SyslogPro-RFC3164.html#alert">alert</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#buildMessage">buildMessage</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#crit">crit</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#critical">critical</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#debug">debug</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#emer">emer</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#emergency">emergency</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#err">err</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#error">error</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#info">info</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#informational">informational</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#log">log</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#note">note</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#notice">notice</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#send">send</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#setColor">setColor</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#warn">warn</a></li><li data-type='method'><a href="module-SyslogPro-RFC3164.html#warning">warning</a></li></ul></li><li><a href="module-SyslogPro-RFC5424.html">RFC5424</a><ul class='methods'><li data-type='method'><a href="module-SyslogPro-RFC5424.html#alert">alert</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#buildMessage">buildMessage</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#crit">crit</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#critical">critical</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#debug">debug</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#emer">emer</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#emergency">emergency</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#err">err</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#error">error</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#info">info</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#informational">informational</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#log">log</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#note">note</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#notice">notice</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#send">send</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#setColor">setColor</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#warn">warn</a></li><li data-type='method'><a href="module-SyslogPro-RFC5424.html#warning">warning</a></li></ul></li><li><a href="module-SyslogPro-Syslog.html">Syslog</a><ul class='methods'><li data-type='method'><a href="module-SyslogPro-Syslog.html#addTlsServerCerts">addTlsServerCerts</a></li><li data-type='method'><a href="module-SyslogPro-Syslog.html#send">send</a></li><li data-type='method'><a href="module-SyslogPro-Syslog.html#tcpMessage">tcpMessage</a></li><li data-type='method'><a href="module-SyslogPro-Syslog.html#tlsMessage">tlsMessage</a></li><li data-type='method'><a href="module-SyslogPro-Syslog.html#udpMessage">udpMessage</a></li></ul></li></ul><h3>Modules</h3><ul><li><a href="module-SyslogPro.html">SyslogPro</a><ul class='methods'><li data-type='method'><a href="module-SyslogPro.html#~rgbToAnsi">rgbToAnsi</a></li></ul></li></ul>
</nav>
<div id="main">
<h1 class="page-title">CEF</h1>
<section>
<header>
<h2>
<span class="ancestors"><a href="module-SyslogPro.html">SyslogPro</a>~</span>
CEF
</h2>
<div class="class-description">A class to work with HP CEF (Common Event Format) messages. This form
of system messages are designed to work with security systems. Messages can
be saved to file (Saving to file if not part of this module but a CEF
formatted message produced by this module can be saved externally to it) or
sent via Syslog.
Most APIs will return a promise. These APIs can be used using
`then(...)/catch(...)`
A Syslog class with a configured Syslog server target can also be used as
the input into the formatting classes so that it may run independently. The CEF
format is designed to send event data to a SIEM system and should not be as
a logging stream. This class is meant to be used once per message.</div>
</header>
<article>
<div class="container-overview">
<h2>Constructor</h2>
<h4 class="name" id="CEF"><span class="type-signature"></span>new CEF<span class="signature">(options<span class="signature-attributes">opt</span>)</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1868">line 1868</a>
</li></ul></dd>
<dt class="tag-version">Version:</dt>
<dd class="tag-version"><ul class="dummy"><li>0.0.0</li></ul></dd>
<dt class="tag-since">Since:</dt>
<dd class="tag-since"><ul class="dummy"><li>0.0.0</li></ul></dd>
</dl>
<div class="description">
Construct a new CEF formatting object with user options
</div>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th>Attributes</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>options</code></td>
<td class="type">
<span class="param-type">object</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="description last">Options object
<h6>Properties</h6>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th>Attributes</th>
<th>Default</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>deviceVendor</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>'unknown'</code>
</td>
<td class="description last">The vendor of the system
that generated the event being reported</td>
</tr>
<tr>
<td class="name"><code>deviceProduct</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>'unknown'</code>
</td>
<td class="description last">The product name of the
system that genrated the event being reported</td>
</tr>
<tr>
<td class="name"><code>deviceVersion</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>'unknown'</code>
</td>
<td class="description last">The version name of the
system that genrated the event being reported</td>
</tr>
<tr>
<td class="name"><code>deviceEventClassId</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>'unknown'</code>
</td>
<td class="description last">The eventId of the
system that genrated the event being reported</td>
</tr>
<tr>
<td class="name"><code>name</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>'unknown'</code>
</td>
<td class="description last">Name of the service generating
the notice</td>
</tr>
<tr>
<td class="name"><code>severity</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>'unknown'</code>
</td>
<td class="description last">Severity of the notification</td>
</tr>
<tr>
<td class="name"><code>extensions</code></td>
<td class="type">
<span class="param-type">string</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>{}</code>
</td>
<td class="description last">Any CEF Key=Value extensions</td>
</tr>
<tr>
<td class="name"><code>server</code></td>
<td class="type">
<span class="param-type">Syslog</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>false</code>
</td>
<td class="description last">A <a href="module-SyslogPro-Syslog.html"> Syslog server connection</a> that should be used to send messages directly
from this class. @see SyslogPro~Syslog</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<h5>Requires:</h5>
<ul>
<li>module:moment</li>
</ul>
</div>
<h3 class="subsection-title">Requires</h3>
<ul>
<li>module:moment</li>
</ul>
<h3 class="subsection-title">Members</h3>
<h4 class="name" id="constructor__"><span class="type-signature">(private) </span>constructor__<span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1891">line 1891</a>
</li></ul></dd>
</dl>
<h4 class="name" id="deviceEventClassId"><span class="type-signature"></span>deviceEventClassId<span class="type-signature"> :string</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1900">line 1900</a>
</li></ul></dd>
</dl>
<h5>Type:</h5>
<ul>
<li>
<span class="param-type">string</span>
</li>
</ul>
<h4 class="name" id="deviceProduct"><span class="type-signature"></span>deviceProduct<span class="type-signature"> :string</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1896">line 1896</a>
</li></ul></dd>
</dl>
<h5>Type:</h5>
<ul>
<li>
<span class="param-type">string</span>
</li>
</ul>
<h4 class="name" id="deviceVendor"><span class="type-signature"></span>deviceVendor<span class="type-signature"> :string</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1894">line 1894</a>
</li></ul></dd>
</dl>
<h5>Type:</h5>
<ul>
<li>
<span class="param-type">string</span>
</li>
</ul>
<h4 class="name" id="deviceVersion"><span class="type-signature"></span>deviceVersion<span class="type-signature"> :string</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1898">line 1898</a>
</li></ul></dd>
</dl>
<h5>Type:</h5>
<ul>
<li>
<span class="param-type">string</span>
</li>
</ul>
<h4 class="name" id="extensions"><span class="type-signature"></span>extensions<span class="type-signature"> :object</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1906">line 1906</a>
</li></ul></dd>
</dl>
<h5>Type:</h5>
<ul>
<li>
<span class="param-type">object</span>
</li>
</ul>
<h4 class="name" id="name"><span class="type-signature"></span>name<span class="type-signature"> :string</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1902">line 1902</a>
</li></ul></dd>
</dl>
<h5>Type:</h5>
<ul>
<li>
<span class="param-type">string</span>
</li>
</ul>
<h4 class="name" id="server"><span class="type-signature">(private) </span>server<span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line2068">line 2068</a>
</li></ul></dd>
</dl>
<h4 class="name" id="severity"><span class="type-signature"></span>severity<span class="type-signature"> :string</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line1904">line 1904</a>
</li></ul></dd>
</dl>
<h5>Type:</h5>
<ul>
<li>
<span class="param-type">string</span>
</li>
</ul>
<h3 class="subsection-title">Methods</h3>
<h4 class="name" id="buildMessage"><span class="type-signature"></span>buildMessage<span class="signature">()</span><span class="type-signature"> &rarr; {Promise}</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line2308">line 2308</a>
</li></ul></dd>
</dl>
<div class="description">
Build a CEF formated string
</div>
<h5>Returns:</h5>
<div class="param-desc">
- String with formated message
</div>
<dl class="param-type">
<dt>
Type
</dt>
<dd>
<span class="param-type">Promise</span>
</dd>
</dl>
<h4 class="name" id="send"><span class="type-signature"></span>send<span class="signature">(options<span class="signature-attributes">opt</span>)</span><span class="type-signature"></span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line2335">line 2335</a>
</li></ul></dd>
</dl>
<h5>Parameters:</h5>
<table class="params">
<thead>
<tr>
<th>Name</th>
<th>Type</th>
<th>Attributes</th>
<th>Default</th>
<th class="last">Description</th>
</tr>
</thead>
<tbody>
<tr>
<td class="name"><code>options</code></td>
<td class="type">
<span class="param-type">Syslog</span>
</td>
<td class="attributes">
&lt;optional><br>
</td>
<td class="default">
<code>false</code>
</td>
<td class="description last">A <a href="module-SyslogPro-Syslog.html"> Syslog server connection</a> that should be used to send messages directly
from this class. @see SyslogPro~Syslog</td>
</tr>
</tbody>
</table>
<h4 class="name" id="validate"><span class="type-signature"></span>validate<span class="signature">()</span><span class="type-signature"> &rarr; {Promise}</span></h4>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source"><ul class="dummy"><li>
<a href="index.js.html">index.js</a>, <a href="index.js.html#line2080">line 2080</a>
</li></ul></dd>
</dl>
<div class="description">
Validate this CEF object
</div>
<h5>Throws:</h5>
<dl>
<dt>
<div class="param-desc">
- First element to fail validation
</div>
</dt>
<dd></dd>
<dt>
<dl class="param-type">
<dt>
Type
</dt>
<dd>
<span class="param-type">Error</span>
</dd>
</dl>
</dt>
<dd></dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
- True if validated
</div>
<dl class="param-type">
<dt>
Type
</dt>
<dd>
<span class="param-type">Promise</span>
</dd>
</dl>
</article>
</section>
</div>
<br class="clear">
<footer>
Documentation generated by <a href="https://github.com/jsdoc3/jsdoc">JSDoc 3.5.5</a> on Tue Sep 25 2018 19:11:53 GMT+0000 (Coordinated Universal Time) using the <a href="https://github.com/clenemt/docdash">docdash</a> theme.
</footer>
<script>prettyPrint();</script>
<script src="scripts/linenumber.js"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink