mirror of
https://github.com/misskey-dev/SyslogPro.git
synced 2025-04-29 02:37:18 +09:00
3714 lines
246 KiB
HTML
3714 lines
246 KiB
HTML
<!DOCTYPE html>
|
||
|
||
<html>
|
||
<head>
|
||
<title>index.js</title>
|
||
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
|
||
<meta name="viewport" content="width=device-width, target-densitydpi=160dpi, initial-scale=1.0; maximum-scale=1.0; user-scalable=0;">
|
||
<link rel="stylesheet" media="all" href="docco.css" />
|
||
</head>
|
||
<body>
|
||
<div id="container">
|
||
<div id="background"></div>
|
||
|
||
<ul class="sections">
|
||
|
||
<li id="title">
|
||
<div class="annotation">
|
||
<h1>index.js</h1>
|
||
</div>
|
||
</li>
|
||
|
||
|
||
|
||
<li id="section-1">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-1">¶</a>
|
||
</div>
|
||
<p>INDEX.JS</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre><span class="hljs-comment">/** Copyright (c) 2018 Craig Yamato */</span>
|
||
|
||
<span class="hljs-comment">/**
|
||
* @fileoverview The SyslogPro module for sending syslog messages
|
||
* Most APIs will return a promise. These APIs can be used using
|
||
* `then(...)/catch(...)`
|
||
*
|
||
* Syslog formatting classes can be used as input into a Syslog class to be used
|
||
* simultaneously to the same Syslog server. The Syslog Class with a configured
|
||
* Syslog server target can also be used as the input into each of the
|
||
* formatting classes so that they may run independently.
|
||
* @author Craig Yamato <craig@kentik.com>
|
||
* @copyright (c) 2018 - Craig Yamato
|
||
* @version 0.1.0
|
||
* @exports Syslog
|
||
* @exports LEEF
|
||
* @exports CEF
|
||
* @module SyslogPro
|
||
*/</span>
|
||
<span class="hljs-meta">'use strict'</span>;
|
||
<span class="hljs-keyword">const</span> moment = <span class="hljs-built_in">require</span>(<span class="hljs-string">'moment'</span>);
|
||
<span class="hljs-keyword">const</span> os = <span class="hljs-built_in">require</span>(<span class="hljs-string">'os'</span>);
|
||
<span class="hljs-keyword">const</span> dns = <span class="hljs-built_in">require</span>(<span class="hljs-string">'dns'</span>);
|
||
<span class="hljs-keyword">let</span> dnsPromises = dns.promises;
|
||
<span class="hljs-keyword">const</span> fs = <span class="hljs-built_in">require</span>(<span class="hljs-string">'fs'</span>);
|
||
|
||
<span class="hljs-comment">/**
|
||
* Format the ANSI foreground color code from a RGB hex code or ANSI color code
|
||
* @private
|
||
* @param {string} hex - The color hex code in the form of #FFFFFF or Number of
|
||
* the ANSI color code (30-37 Standard & 0-255 Extended)
|
||
* @returns {Promise} - The formatted ANSI color code
|
||
* @throws {Error} - A Format Error
|
||
*/</span>
|
||
<span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">rgbToAnsi</span>(<span class="hljs-params">hex,
|
||
extendedColor</span>) </span>{
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">let</span> colorCode = <span class="hljs-number">0</span>; <span class="hljs-comment">// Var to hold color code</span></pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-2">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-2">¶</a>
|
||
</div>
|
||
<p>Break HEX Code up into RGB</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">const</span> hexParts = <span class="hljs-regexp">/^#?([a-f\d]{2})([a-f\d]{2})([a-f\d]{2})$/i</span>.exec(hex);
|
||
<span class="hljs-keyword">if</span> (hexParts || <span class="hljs-keyword">typeof</span> hex === <span class="hljs-string">'number'</span>) {
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> hex === <span class="hljs-string">'number'</span>) {
|
||
<span class="hljs-keyword">if</span> (extendedColor && hex < <span class="hljs-number">256</span>) {
|
||
resolve(hex);
|
||
} <span class="hljs-keyword">else</span> <span class="hljs-keyword">if</span> ((hex > <span class="hljs-number">29</span> && hex < <span class="hljs-number">38</span>) || (hex > <span class="hljs-number">89</span> && hex < <span class="hljs-number">98</span>)) {
|
||
resolve(hex);
|
||
} <span class="hljs-keyword">else</span> {
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(<span class="hljs-string">'FORMAT ERROR: Color code not in range'</span>));
|
||
}
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">const</span> r = <span class="hljs-built_in">parseInt</span>(hexParts[<span class="hljs-number">1</span>], <span class="hljs-number">16</span>);
|
||
<span class="hljs-keyword">const</span> g = <span class="hljs-built_in">parseInt</span>(hexParts[<span class="hljs-number">2</span>], <span class="hljs-number">16</span>);
|
||
<span class="hljs-keyword">const</span> b = <span class="hljs-built_in">parseInt</span>(hexParts[<span class="hljs-number">3</span>], <span class="hljs-number">16</span>);
|
||
<span class="hljs-keyword">if</span> (extendedColor) {
|
||
<span class="hljs-keyword">if</span> (r === g && g === b) {</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-3">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-3">¶</a>
|
||
</div>
|
||
<p>Gray Scale Color</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">if</span> (r < <span class="hljs-number">8</span>) {
|
||
colorCode = <span class="hljs-number">16</span>;
|
||
} <span class="hljs-keyword">else</span> <span class="hljs-keyword">if</span> (r > <span class="hljs-number">248</span>) {
|
||
colorCode = <span class="hljs-number">231</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
colorCode = <span class="hljs-built_in">Math</span>.round(((r - <span class="hljs-number">8</span>) / <span class="hljs-number">247</span>) * <span class="hljs-number">24</span>) + <span class="hljs-number">232</span>;
|
||
}
|
||
} <span class="hljs-keyword">else</span> {
|
||
colorCode = <span class="hljs-number">16</span>
|
||
+ (<span class="hljs-number">36</span> * <span class="hljs-built_in">Math</span>.round(r / <span class="hljs-number">255</span> * <span class="hljs-number">5</span>))
|
||
+ (<span class="hljs-number">6</span> * <span class="hljs-built_in">Math</span>.round(g / <span class="hljs-number">255</span> * <span class="hljs-number">5</span>))
|
||
+ <span class="hljs-built_in">Math</span>.round(b / <span class="hljs-number">255</span> * <span class="hljs-number">5</span>);
|
||
}
|
||
} <span class="hljs-keyword">else</span> {
|
||
colorCode = <span class="hljs-number">30</span>;
|
||
<span class="hljs-keyword">const</span> red = r / <span class="hljs-number">255</span>;
|
||
<span class="hljs-keyword">const</span> green = g / <span class="hljs-number">255</span>;
|
||
<span class="hljs-keyword">const</span> blue = b / <span class="hljs-number">255</span>;
|
||
<span class="hljs-keyword">let</span> v = <span class="hljs-built_in">Math</span>.max(red, green, blue) * <span class="hljs-number">100</span>;
|
||
v = <span class="hljs-built_in">Math</span>.round(v / <span class="hljs-number">50</span>);
|
||
<span class="hljs-keyword">if</span> (v === <span class="hljs-number">1</span>) {
|
||
colorCode += ((<span class="hljs-built_in">Math</span>.round(b / <span class="hljs-number">255</span>) << <span class="hljs-number">2</span>)
|
||
| (<span class="hljs-built_in">Math</span>.round(g / <span class="hljs-number">255</span>) << <span class="hljs-number">1</span>)
|
||
| <span class="hljs-built_in">Math</span>.round(r / <span class="hljs-number">255</span>));
|
||
}
|
||
<span class="hljs-keyword">if</span> (v === <span class="hljs-number">2</span>) {
|
||
colorCode += <span class="hljs-number">60</span>;
|
||
}
|
||
}
|
||
}
|
||
resolve(colorCode);
|
||
<span class="hljs-keyword">return</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(<span class="hljs-string">'TYPE ERROR: Not in RGB color hex or color code'</span>));
|
||
<span class="hljs-keyword">return</span>;
|
||
}
|
||
});
|
||
}
|
||
|
||
<span class="hljs-comment">/**
|
||
* A class to work with syslog messages using UDP, TCP, or TLS transport.
|
||
* There is support for Syslog message formatting RFC-3164, RFC-5424 including
|
||
* Structured Data, IBM LEEF (Log Event Extended Format), and HP CEF (Common
|
||
* Event Format).
|
||
* Syslog formatting classes can be used as input into a Syslog class to be used
|
||
* simultaneously to the same Syslog server. *
|
||
* @requires moment
|
||
* @version 0.0.0
|
||
* @since 0.0.0
|
||
*/</span>
|
||
<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">Syslog</span> </span>{
|
||
<span class="hljs-comment">/**
|
||
* Construct a new Syslog transport object with user options
|
||
* @public
|
||
* @version 0.0.0
|
||
* @since 0.0.0
|
||
* @this Syslog
|
||
* @param {object} [options] - Options object
|
||
* >>>Transport Configuration
|
||
* @param {string} [options.target='localhost'] - The IP Address|FQDN of the
|
||
* Syslog Server, this option if set will take presidents over any target
|
||
* set in a formatting object
|
||
* @param {string} [options.protocol='udp'] - L4 transport protocol
|
||
* (udp|tcp|tls), this option if set will take presidents over any
|
||
* transport set in a formatting object
|
||
* @param {number} [options.port=514] - IP port, this option if set will take
|
||
* presidents over any IP Port set in a formatting object
|
||
* @param {number} [options.tcpTimeout=10000] - Ignored for all other
|
||
* transports, this option if set will take presidents over any timeout
|
||
* set in a formatting object
|
||
* @param {string[]} [options.tlsServerCerts] - Array of authorized TLS server
|
||
* certificates file locations, this option if set will take presidents
|
||
* over any certificates set in a formatting object
|
||
* @param {string} [options.tlsClientCert] - Client TLS certificate file
|
||
* location that this client should use, this option if set will take
|
||
* presidents over any certificates set in a formatting object
|
||
* @param {string} [options.tlsClientKey] - Client TLS key file
|
||
* location that this client should use, this option if set will take
|
||
* presidents over any certificates set in a formatting object
|
||
* >>>Syslog Format Settings
|
||
* @param {string} [options.format='none'] - Valid syslog format options for
|
||
* this module are 'none', 'rfc3164', 'rfc5424', 'leef', 'cef'
|
||
* @param {RFC3164} [options.rfc5424] - {@link module:SyslogPro~RFC5424|
|
||
* RFC5424 related settings}
|
||
* @param {RFC5424} [options.rfc5424] - {@link module:SyslogPro~RFC5424|
|
||
* RFC5424 related settings}
|
||
* @param {LEEF} [options.leef] - {@link module:SyslogPro~LEEF|IBM LEEF
|
||
* (Log Event Extended Format) object}
|
||
* @param {CEF} [options.cef] - {@link module:SyslogPro~CEF|HP CEF
|
||
* (Common Event Format) formatting object}
|
||
*/</span>
|
||
<span class="hljs-keyword">constructor</span>(options) {
|
||
<span class="hljs-keyword">this</span>.constructor__ = <span class="hljs-literal">true</span>;
|
||
<span class="hljs-keyword">if</span> (!options) {
|
||
options = {};
|
||
}</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-4">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-4">¶</a>
|
||
</div>
|
||
<p>Basic transport setup</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.target = options.target || <span class="hljs-string">'localhost'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.protocol = options.protocol || <span class="hljs-string">'udp'</span>;
|
||
<span class="hljs-keyword">this</span>.protocol = <span class="hljs-keyword">this</span>.protocol.toLowerCase();
|
||
<span class="hljs-comment">/** @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.port = options.port || <span class="hljs-number">514</span>;
|
||
<span class="hljs-comment">/** @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.tcpTimeout = options.tcpTimeout || <span class="hljs-number">10000</span>;
|
||
<span class="hljs-keyword">if</span> ((<span class="hljs-keyword">typeof</span> options.tlsServerCerts === <span class="hljs-string">'object'</span>
|
||
&& <span class="hljs-built_in">Array</span>.isArray(options.tlsServerCerts))
|
||
|| <span class="hljs-keyword">typeof</span> options.tlsServerCerts === <span class="hljs-string">'string'</span>) {
|
||
<span class="hljs-keyword">this</span>.addTlsServerCerts(options.tlsServerCerts);
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-comment">/** @type {string[]} */</span>
|
||
<span class="hljs-keyword">this</span>.tlsServerCerts = [];
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.tlsClientCert) {
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.tlsClientCert = options.tlsClientCert;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.tlsClientKey) {
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.tlsClientKey = options.tlsClientKey;
|
||
}</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-5">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-5">¶</a>
|
||
</div>
|
||
<p>Syslog Format</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> options.format === <span class="hljs-string">'string'</span>) {
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.format = options.format.toLowerCase();
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.format = options.format || <span class="hljs-string">'none'</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.rfc3164) {
|
||
<span class="hljs-keyword">if</span> (options.rfc3164.constructor__) {
|
||
<span class="hljs-comment">/** @type {RFC3164} */</span>
|
||
<span class="hljs-keyword">this</span>.rfc3164 = options.rfc3164;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.rfc3164 = <span class="hljs-keyword">new</span> RFC3164(options);
|
||
}
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.rfc5424) {
|
||
<span class="hljs-keyword">if</span> (options.rfc5424.constructor__) {
|
||
<span class="hljs-comment">/** @type {RFC5424} */</span>
|
||
<span class="hljs-keyword">this</span>.rfc5424 = options.rfc5424;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.rfc5424 = <span class="hljs-keyword">new</span> RFC5424(options);
|
||
}
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.leef) {
|
||
<span class="hljs-keyword">if</span> (options.leef.constructor__) {
|
||
<span class="hljs-comment">/** @type {LEEF} */</span>
|
||
<span class="hljs-keyword">this</span>.leef = options.leef;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.leef = <span class="hljs-keyword">new</span> LEEF(options);
|
||
}
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.cef) {
|
||
<span class="hljs-keyword">if</span> (options.cef.constructor__) {
|
||
<span class="hljs-comment">/** @type {CEF} */</span>
|
||
<span class="hljs-keyword">this</span>.cef = options.cef;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.cef = <span class="hljs-keyword">new</span> CEF(options);
|
||
}
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.format === <span class="hljs-string">'rfc3164'</span> && !<span class="hljs-keyword">this</span>.rfc3164) {
|
||
<span class="hljs-keyword">this</span>.rfc3164 = <span class="hljs-keyword">new</span> RFC3164();
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.format === <span class="hljs-string">'rfc5424'</span> && !<span class="hljs-keyword">this</span>.rfc5424) {
|
||
<span class="hljs-keyword">this</span>.rfc5424 = <span class="hljs-keyword">new</span> RFC5424();
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.format === <span class="hljs-string">'leef'</span> && !<span class="hljs-keyword">this</span>.leef) {
|
||
<span class="hljs-keyword">this</span>.leef = <span class="hljs-keyword">new</span> LEEF();
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.format === <span class="hljs-string">'cef'</span> && !<span class="hljs-keyword">this</span>.cef) {
|
||
<span class="hljs-keyword">this</span>.cef = <span class="hljs-keyword">new</span> CEF();
|
||
}
|
||
}
|
||
|
||
<span class="hljs-comment">/**
|
||
* Add a TLS server certificate which can be used to authenticate the server
|
||
* this syslog client is connecting too. This function will validate the
|
||
* input as a file location string and add it to an array of certificates
|
||
* @private
|
||
* @version 0.0.0
|
||
* @since 0.0.0
|
||
* @param {string|string[]} certs - File location of the certificate(s)
|
||
* @returns {Promise} - True
|
||
* @throws {Error} - A Type Error
|
||
*/</span>
|
||
addTlsServerCerts(certs) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> certs === <span class="hljs-string">'object'</span> && <span class="hljs-built_in">Array</span>.isArray(certs)) {
|
||
<span class="hljs-comment">/** @private @type {string[]} */</span>
|
||
<span class="hljs-keyword">this</span>.tlsServerCerts = certs;
|
||
} <span class="hljs-keyword">else</span> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> certs === <span class="hljs-string">'string'</span>) {
|
||
<span class="hljs-keyword">this</span>.tlsServerCerts = [certs];
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">let</span> errMsg =
|
||
<span class="hljs-string">'TYPE ERROR: Server Cert file locations should be a string'</span>;
|
||
errMsg += <span class="hljs-string">' or array of strings'</span>;
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errMsg));
|
||
}
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send the Syslog message over UDP
|
||
* @private
|
||
* @param {string} msg - The formatted Syslog Message
|
||
* @returns {Promise} - The Syslog formatted string sent
|
||
* @throws {Error} - Network Error
|
||
*/</span>
|
||
udpMessage(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-6">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-6">¶</a>
|
||
</div>
|
||
<p>Test for target DNS and Address Family (IPv4/6) by looking up the DNS</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">const</span> dgram = <span class="hljs-built_in">require</span>(<span class="hljs-string">'dgram'</span>);
|
||
<span class="hljs-keyword">const</span> dnsOptions = {
|
||
<span class="hljs-attr">verbatim</span>: <span class="hljs-literal">true</span>,
|
||
};
|
||
dnsPromises.lookup(<span class="hljs-keyword">this</span>.target, dnsOptions)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">const</span> udpType = result.family === <span class="hljs-number">4</span> ? <span class="hljs-string">'udp4'</span> : <span class="hljs-string">'udp6'</span>;
|
||
<span class="hljs-keyword">let</span> client = dgram.createSocket(udpType);</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-7">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-7">¶</a>
|
||
</div>
|
||
<p>Turn msg in to a UTF8 buffer</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">let</span> msgBuffer = Buffer.from(msg, <span class="hljs-string">'utf8'</span>);
|
||
client.send(msgBuffer, <span class="hljs-keyword">this</span>.port, <span class="hljs-keyword">this</span>.target, () => {
|
||
client.close();
|
||
resolve(msg);
|
||
});
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">error</span>) =></span> {
|
||
reject(error); <span class="hljs-comment">// Reject out of the sendMessage function promise</span>
|
||
});
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send the Syslog message over TCP
|
||
* @private
|
||
* @param {string} msg - The formatted Syslog Message
|
||
* @returns {Promise} - The Syslog formatted string sent
|
||
* @throws {Error} - Timeout error for TCP and TLS connections
|
||
* @throws {Error} - Network Error
|
||
*/</span>
|
||
tcpMessage(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">const</span> net = <span class="hljs-built_in">require</span>(<span class="hljs-string">'net'</span>);
|
||
<span class="hljs-keyword">const</span> dnsOptions = {
|
||
<span class="hljs-attr">verbatim</span>: <span class="hljs-literal">true</span>,
|
||
};
|
||
dnsPromises.lookup(<span class="hljs-keyword">this</span>.target, dnsOptions)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">const</span> tcpOptions = {
|
||
<span class="hljs-attr">host</span>: <span class="hljs-keyword">this</span>.target,
|
||
<span class="hljs-attr">port</span>: <span class="hljs-keyword">this</span>.port,
|
||
<span class="hljs-attr">family</span>: result.family,
|
||
};
|
||
<span class="hljs-keyword">const</span> client = net.createConnection(tcpOptions, () => {</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-8">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-8">¶</a>
|
||
</div>
|
||
<p>Turn msg in to a UTF8 buffer</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">let</span> msgBuffer = Buffer.from(msg, <span class="hljs-string">'utf8'</span>);
|
||
client.write(msgBuffer, () => {
|
||
client.end();
|
||
});
|
||
});
|
||
client.setTimeout(<span class="hljs-keyword">this</span>.tcpTimeout);
|
||
client.on(<span class="hljs-string">'end'</span>, () => {
|
||
resolve(msg);
|
||
});
|
||
client.on(<span class="hljs-string">'timeout'</span>, () => {
|
||
client.end();
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(<span class="hljs-string">'TIMEOUT ERROR: Syslog server TCP timeout'</span>));
|
||
});
|
||
client.on(<span class="hljs-string">'error'</span>, (error) => {
|
||
client.destroy();
|
||
reject(error);
|
||
});
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">error</span>) =></span> {
|
||
reject(error);
|
||
});
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send the Syslog message over TLS
|
||
* @private
|
||
* @param {string} msg - The formatted Syslog Message
|
||
* @returns {Promise} - The Syslog formatted string sent
|
||
* @throws {Error} - Timeout error for TCP and TLS connections
|
||
* @throws {Error} - Network Error
|
||
*/</span>
|
||
tlsMessage(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">const</span> tls = <span class="hljs-built_in">require</span>(<span class="hljs-string">'tls'</span>);
|
||
<span class="hljs-keyword">const</span> tlsOptions = {
|
||
<span class="hljs-attr">host</span>: <span class="hljs-keyword">this</span>.target,
|
||
<span class="hljs-attr">port</span>: <span class="hljs-keyword">this</span>.port,
|
||
};</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-9">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-9">¶</a>
|
||
</div>
|
||
<p>Load client cert and key if requested</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.tlsClientKey === <span class="hljs-string">'string'</span>
|
||
&& <span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.tlsClientCert === <span class="hljs-string">'string'</span>) {
|
||
tlsOptions.key = fs.readFileSync(<span class="hljs-keyword">this</span>.tlsClientKey);
|
||
tlsOptions.cert = fs.readFileSync(<span class="hljs-keyword">this</span>.tlsClientCert);
|
||
} <span class="hljs-keyword">else</span> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.tlsClientKey !== <span class="hljs-string">'string'</span>
|
||
&& <span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.tlsClientKey !== <span class="hljs-string">'undefined'</span>) {
|
||
<span class="hljs-keyword">let</span> errMsg = <span class="hljs-string">'TYPE ERROR: TLS Client Key is not a file'</span>;
|
||
errMsg += <span class="hljs-string">'location string'</span>;
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errMsg));
|
||
<span class="hljs-keyword">return</span>;
|
||
} <span class="hljs-keyword">else</span> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.tlsClientCert !== <span class="hljs-string">'string'</span>
|
||
&& <span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.tlsClientCert !== <span class="hljs-string">'undefined'</span>) {
|
||
<span class="hljs-keyword">let</span> errMsg = <span class="hljs-string">'TYPE ERROR: TLS Client Cert is not a file'</span>;
|
||
errMsg += <span class="hljs-string">'location string'</span>;
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errMsg));
|
||
<span class="hljs-keyword">return</span>;
|
||
}</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-10">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-10">¶</a>
|
||
</div>
|
||
<p>Load any server certs if provided</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">let</span> tlsCerts = <span class="hljs-keyword">this</span>.tlsServerCerts.length;
|
||
<span class="hljs-keyword">if</span> (tlsCerts > <span class="hljs-number">0</span>) {
|
||
<span class="hljs-keyword">let</span> tlsOptionsCerts = [];
|
||
<span class="hljs-keyword">for</span> (<span class="hljs-keyword">let</span> certIndex = <span class="hljs-number">0</span>; certIndex < tlsCerts; certIndex++) {
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.tlsServerCerts[certIndex] !== <span class="hljs-string">'string'</span>) {
|
||
<span class="hljs-keyword">let</span> errMsg = <span class="hljs-string">'TYPE ERROR: TLS Server Cert is not a file'</span>;
|
||
errMsg += <span class="hljs-string">'location string'</span>;
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errMsg));
|
||
}
|
||
<span class="hljs-keyword">let</span> cert = fs.readFileSync(<span class="hljs-keyword">this</span>.tlsServerCerts[certIndex]);
|
||
tlsOptionsCerts.push(cert);
|
||
}
|
||
tlsOptions.ca = tlsOptionsCerts;
|
||
tlsOptions.rejectUnauthorized = <span class="hljs-literal">true</span>;
|
||
}
|
||
<span class="hljs-keyword">const</span> client = tls.connect(tlsOptions, () => {</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-11">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-11">¶</a>
|
||
</div>
|
||
<p>Turn msg in to a UTF8 buffer</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">let</span> msgBuffer = Buffer.from(msg, <span class="hljs-string">'utf8'</span>);
|
||
client.write(msgBuffer, () => {
|
||
client.end();
|
||
});
|
||
});
|
||
client.setTimeout(<span class="hljs-keyword">this</span>.tcpTimeout);
|
||
client.on(<span class="hljs-string">'end'</span>, () => {
|
||
resolve(msg);
|
||
});
|
||
client.on(<span class="hljs-string">'timeout'</span>, () => {
|
||
client.end();
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(<span class="hljs-string">'TIMEOUT ERROR: Syslog server TLS timeout'</span>));
|
||
});
|
||
client.on(<span class="hljs-string">'error'</span>, (error) => {
|
||
client.destroy();
|
||
reject(error);
|
||
});
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send the Syslog message to the selected target Syslog server using the
|
||
* selected transport.
|
||
* @private
|
||
* @param {string} msg - The formatted Syslog Message
|
||
* @returns {Promise} - The Syslog formatted string sent
|
||
* @throws {Error} - Timeout error for TCP and TLS connections
|
||
* @throws {Error} - Network Error
|
||
*/</span>
|
||
send(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> msg !== <span class="hljs-string">'string'</span>) {
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(<span class="hljs-string">'TYPE ERROR: Syslog message must be a string'</span>));
|
||
<span class="hljs-keyword">return</span>;
|
||
}
|
||
<span class="hljs-keyword">this</span>.protocol = <span class="hljs-keyword">this</span>.protocol.toLowerCase();
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.protocol === <span class="hljs-string">'udp'</span>) {
|
||
<span class="hljs-keyword">this</span>.udpMessage(msg)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
resolve(result);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reject(reson);
|
||
});
|
||
} <span class="hljs-keyword">else</span> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.protocol === <span class="hljs-string">'tcp'</span>) {
|
||
<span class="hljs-keyword">this</span>.tcpMessage(msg)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
resolve(result);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reject(reson);
|
||
});
|
||
} <span class="hljs-keyword">else</span> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.protocol === <span class="hljs-string">'tls'</span>) {
|
||
<span class="hljs-keyword">this</span>.tlsMessage(msg)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
resolve(result);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reject(reson);
|
||
});
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">let</span> errorMsg = <span class="hljs-string">'FORMAT ERROR: Protocol not recognized, should be '</span>;
|
||
errorMsg += <span class="hljs-string">'udp|tcp|tls'</span>;
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errorMsg));
|
||
}
|
||
});
|
||
}
|
||
}
|
||
|
||
<span class="hljs-comment">/**
|
||
* A class to work with RFC3164 formatted syslog messages. The messaging is
|
||
* fully configurable and ANSI foreground colors can be added. Both ANSI 8 and
|
||
* ANSI 256 color are fully supported. Most APIs will return a promise. These
|
||
* APIs can be used using `then(...)/catch(...)`
|
||
*
|
||
* A Syslog class with a configured
|
||
* Syslog server target can also be used as the input into the formatting
|
||
* classes so that it may run independently.
|
||
*
|
||
* The RFC3164 Syslog logging format is meant to be used as a stream of log data
|
||
* from a service or application. This class is designed to be used in this
|
||
* fashion where new messages are written to the class as needed.
|
||
* @requires moment
|
||
* @version 0.0.0
|
||
* @since 0.0.0
|
||
*/</span>
|
||
<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">RFC3164</span> </span>{
|
||
<span class="hljs-comment">/**
|
||
* Construct a new RFC3164 formatted Syslog object with user options
|
||
* @public
|
||
* @this RFC3164
|
||
* @param {object} [options] - Options object
|
||
* @param {string} [options.applicationName='NodeJSLogger'] - Application
|
||
* @param {string} [options.hostname=os.hostname] - The name of this server
|
||
* @param {number} [options.facility=23] - Facility code to use sending this
|
||
* message
|
||
* @param {boolean} [options.color=false] - Apply color coding encoding tag
|
||
* with syslog message text
|
||
* @param {boolean} [options.extendedColor=false] - Use the extended ANSI
|
||
* color set encoding tag with syslog message text
|
||
* @param {object} [options.colors] - User defended colors for
|
||
* severities
|
||
* @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in
|
||
* the form of #FFFFFF or as or the ANSI color code number (30-37 Standard
|
||
* & 0-255 Extended)
|
||
* @param {string} [options.colors.alertColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {string} [options.colors.criticalColor] - A RGB Hex coded color in
|
||
* the form of #FFFFFF or as or the ANSI color code number (30-37 Standard
|
||
* & 0-255 Extended)
|
||
* @param {string} [options.colors.errorColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {string} [options.colors.warningColor] - A RGB Hex coded color in
|
||
* the form of #FFFFFF or as or the ANSI color code number (30-37 Standard
|
||
* & 0-255 Extended)
|
||
* @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {string} [options.colors.informationalColor] - A RGB Hex coded color
|
||
* in the form of #FFFFFF or as or the ANSI color code number (30-37
|
||
* Standard & 0-255 Extended)
|
||
* @param {string} [options.colors.debugColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog|
|
||
* Syslog server connection} that should be used to send messages directly
|
||
* from this class. @see SyslogPro~Syslog
|
||
*/</span>
|
||
<span class="hljs-keyword">constructor</span>(options) {
|
||
<span class="hljs-comment">/** @private @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.constructor__ = <span class="hljs-literal">true</span>;
|
||
options = options || {};
|
||
<span class="hljs-keyword">this</span>.hostname = options.hostname || os.hostname();
|
||
<span class="hljs-keyword">this</span>.applicationName = options.applicationName || <span class="hljs-string">''</span>;
|
||
<span class="hljs-keyword">this</span>.facility = options.facility || <span class="hljs-number">23</span>;
|
||
<span class="hljs-keyword">if</span> (options.color) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.color = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.color = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.extendedColor) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.extendedColor = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.extendedColor = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.server) {
|
||
<span class="hljs-keyword">if</span> (!options.server.constructor__) {
|
||
<span class="hljs-comment">/** @private @type {Syslog} */</span>
|
||
<span class="hljs-keyword">this</span>.server = <span class="hljs-keyword">new</span> Syslog(options.server);
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.server = options.server;
|
||
}
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.extendedColor) {
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.emergencyColor = <span class="hljs-number">1</span>; <span class="hljs-comment">// Red foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.alertColor = <span class="hljs-number">202</span>; <span class="hljs-comment">// Dark Orange foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.criticalColor = <span class="hljs-number">208</span>; <span class="hljs-comment">// Orange foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.errorColor = <span class="hljs-number">178</span>; <span class="hljs-comment">// Light Orange foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.warningColor = <span class="hljs-number">226</span>; <span class="hljs-comment">// Yellow foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.noticeColor = <span class="hljs-number">117</span>; <span class="hljs-comment">// Light Blue foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.informationalColor = <span class="hljs-number">45</span>; <span class="hljs-comment">// Blue foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.debugColor = <span class="hljs-number">27</span>; <span class="hljs-comment">// Dark Blue foreground color</span>
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.emergencyColor = <span class="hljs-number">31</span>; <span class="hljs-comment">// Red foreground color</span>
|
||
<span class="hljs-keyword">this</span>.alertColor = <span class="hljs-number">31</span>; <span class="hljs-comment">// Red foreground color</span>
|
||
<span class="hljs-keyword">this</span>.criticalColor = <span class="hljs-number">31</span>; <span class="hljs-comment">// Red foreground color</span>
|
||
<span class="hljs-keyword">this</span>.errorColor = <span class="hljs-number">33</span>; <span class="hljs-comment">// Yellow foreground color</span>
|
||
<span class="hljs-keyword">this</span>.warningColor = <span class="hljs-number">33</span>; <span class="hljs-comment">// Yellow foreground color</span>
|
||
<span class="hljs-keyword">this</span>.noticeColor = <span class="hljs-number">36</span>; <span class="hljs-comment">// Blue foreground color</span>
|
||
<span class="hljs-keyword">this</span>.informationalColor = <span class="hljs-number">36</span>; <span class="hljs-comment">// Blue foreground color</span>
|
||
<span class="hljs-keyword">this</span>.debugColor = <span class="hljs-number">34</span>; <span class="hljs-comment">// Dark Blue foreground color</span>
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> options.colors === <span class="hljs-string">'object'</span>) {
|
||
<span class="hljs-keyword">this</span>.setColor(options.colors, <span class="hljs-keyword">this</span>.extendedColor);
|
||
}
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Sets the color to be used for messages at a set priority
|
||
* @public
|
||
* @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.alertColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.criticalColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.errorColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.warningColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.noticeColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.informationalColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {string} [colors.debugColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @throws {Error} A standard error object
|
||
*/</span>
|
||
setColor(colors, extendedColor) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">let</span> colorPromises = [];
|
||
<span class="hljs-keyword">if</span> (colors.emergencyColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.emergencyColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.emergencyColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'emergencyColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.alertColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.alertColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.alertColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'alertColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.criticalColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.criticalColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.criticalColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'criticalColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.errorColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.errorColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.errorColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'errorColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.warningColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.warningColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.warningColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'warningColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.noticeColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.noticeColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.noticeColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'noticeColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.informationalColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.informationalColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.informationalColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'informationalColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.debugColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.debugColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.debugColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'debugColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-built_in">Promise</span>.all(colorPromises)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">results</span>) =></span> {
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reject(reson);
|
||
});
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Building a formatted message. Returns a promise with a formatted message
|
||
* @public
|
||
* @param {string} msg - The Syslog Message
|
||
* @param {object} [options] - Options object
|
||
* @param {number} [options.severity=7] - An array of structure
|
||
* @param {number} [options.colorCode=36] - The ANSI color code to use if
|
||
* message coloration is selected
|
||
* @returns {Promise} A Syslog formatted string according to the selected RFC
|
||
* @throws {Error} A standard error object
|
||
*/</span>
|
||
buildMessage(msg, options) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
options = options || {};
|
||
<span class="hljs-keyword">let</span> severity = <span class="hljs-keyword">typeof</span> options.severity === <span class="hljs-string">'number'</span> ?
|
||
options.severity : <span class="hljs-number">6</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> msg !== <span class="hljs-string">'string'</span> || options.msgSeverity > <span class="hljs-number">7</span>) {
|
||
<span class="hljs-keyword">let</span> errMsg = <span class="hljs-string">'FORMAT ERROR: Syslog message must be a string'</span>;
|
||
errMsg += <span class="hljs-string">' msgSeverity must be a number between 0 and 7'</span>;
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errMsg));
|
||
<span class="hljs-keyword">return</span>;
|
||
}
|
||
<span class="hljs-keyword">let</span> fmtMsg = <span class="hljs-string">''</span>; <span class="hljs-comment">// Formatted Syslog message string var</span>
|
||
<span class="hljs-keyword">const</span> newLine = <span class="hljs-string">'\n'</span>;
|
||
<span class="hljs-keyword">const</span> newLineRegEx = <span class="hljs-regexp">/(\r|\n|(\r\n))/</span>;
|
||
<span class="hljs-keyword">const</span> escapeCode = <span class="hljs-string">'\u001B'</span>;
|
||
<span class="hljs-keyword">const</span> resetColor = <span class="hljs-string">'\u001B[0m'</span>;</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-12">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-12">¶</a>
|
||
</div>
|
||
<p>The PRI is common to both RFC formats</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">const</span> pri = (<span class="hljs-keyword">this</span>.facility * <span class="hljs-number">8</span>) + severity;</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-13">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-13">¶</a>
|
||
</div>
|
||
<p>Remove any newline character</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> msg = msg.replace(newLineRegEx, <span class="hljs-string">''</span>);</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-14">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-14">¶</a>
|
||
</div>
|
||
<p>Add requested color</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.color) {
|
||
options.msgColor = options.msgColor || <span class="hljs-number">36</span>;
|
||
<span class="hljs-keyword">let</span> colorCode = <span class="hljs-string">'['</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.extendedColor) {
|
||
colorCode += <span class="hljs-string">'38;5;'</span>; <span class="hljs-comment">// Extended 256 Colors ANSI Code</span>
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> options.msgColor === <span class="hljs-string">'number'</span>) {
|
||
colorCode += options.msgColor;
|
||
colorCode += <span class="hljs-string">'m'</span>; <span class="hljs-comment">// ANSI Color Closer</span>
|
||
} <span class="hljs-keyword">else</span> {
|
||
colorCode = <span class="hljs-string">'[39m'</span>; <span class="hljs-comment">// Use terminal's default color</span>
|
||
}
|
||
msg = escapeCode + colorCode + msg + resetColor;
|
||
}</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-15">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-15">¶</a>
|
||
</div>
|
||
<p>RegEx to find a leading 0 in the day of a DateTime for RFC3164 RFC3164
|
||
uses BSD timeformat</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">const</span> rfc3164DateRegEx =
|
||
<span class="hljs-regexp">/((A|D|F|J|M|N|O|S)(a|c|e|p|o|u)(b|c|g|l|n|p|r|t|v|y)\s)0(\d\s\d\d:\d\d:\d\d)/</span>;
|
||
<span class="hljs-keyword">const</span> timestamp = moment()
|
||
.format(<span class="hljs-string">'MMM DD hh:mm:ss'</span>)
|
||
.replace(rfc3164DateRegEx, <span class="hljs-string">'$1 $5'</span>);</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-16">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-16">¶</a>
|
||
</div>
|
||
<p>Build message</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> fmtMsg = <span class="hljs-string">'<'</span> + pri + <span class="hljs-string">'>'</span>;
|
||
fmtMsg += timestamp;
|
||
fmtMsg += <span class="hljs-string">' '</span> + <span class="hljs-keyword">this</span>.hostname;
|
||
fmtMsg += <span class="hljs-string">' '</span> + <span class="hljs-keyword">this</span>.applicationName;
|
||
fmtMsg += <span class="hljs-string">' '</span> + msg;
|
||
fmtMsg += newLine;
|
||
resolve(fmtMsg);
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* send a RFC5424 formatted message. Returns a promise with the formatted
|
||
* message that was sent. If no server connection was defined when the
|
||
* class was created a default Syslog connector will be used.
|
||
* @see SyslogPro~Syslog
|
||
* @public
|
||
* @param {string} msg - The unformatted Syslog message to send
|
||
* @param {object} [options] - Options object
|
||
* @param {number} [options.severity=7] - An array of structure
|
||
* @param {number} [options.colorCode=36] - The ANSI color code to use if
|
||
* @returns {Promise} A Syslog formatted string according to the selected RFC
|
||
* @throws {Error} A standard error object
|
||
*/</span>
|
||
send(msg, options) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">if</span> (!<span class="hljs-keyword">this</span>.server) {
|
||
<span class="hljs-keyword">this</span>.server = <span class="hljs-keyword">new</span> Syslog();
|
||
}
|
||
<span class="hljs-keyword">this</span>.buildMessage(msg, options)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.server.send(result)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">sendResult</span>) =></span> {
|
||
resolve(sendResult);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">error</span>) =></span> {
|
||
reject(error);
|
||
});
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">error</span>) =></span> {
|
||
reject(error);
|
||
});
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a security level of 0 (Emergency)
|
||
* @public
|
||
* @param {string} msg - The emergency message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
emergency(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">0</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.emergencyColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a security level of 0 (Emergency)
|
||
* @public
|
||
* @param {string} msg - The emergency message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
emer(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.emergency(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 1 (Alert)
|
||
* @public
|
||
* @param {string} msg - The alert message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
alert(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">1</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.alertColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 2 (Critical)
|
||
* @public
|
||
* @param {string} msg - The critical message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
critical(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">2</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.criticalColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 2 (Critical)
|
||
* @public
|
||
* @param {string} msg - The critical message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
crit(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.critical(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 3 (Error)
|
||
* @public
|
||
* @param {string} msg - The error message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
error(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">3</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.errorColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 3 (Error)
|
||
* @public
|
||
* @param {string} msg - The error message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
err(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.error(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 4 (Warning)
|
||
* @public
|
||
* @param {string} msg - The warning message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
warning(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">4</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.warningColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 4 (Warning)
|
||
* @public
|
||
* @param {string} msg - The warning message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
warn(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.warning(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 5 (Notice)
|
||
* @public
|
||
* @param {string} msg - The notice message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
notice(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">5</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.noticeColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 5 (Notice)
|
||
* @public
|
||
* @param {string} msg - The notice message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
note(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.notice(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 6 (Informational)
|
||
* @public
|
||
* @param {string} msg - The informational message to send to the Syslog
|
||
* server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
informational(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">6</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.informationalColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 6 (Informational)
|
||
* @public
|
||
* @param {string} msg - The informational message to send to the Syslog
|
||
* server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
info(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.informational(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 6 (Informational)
|
||
* @public
|
||
* @param {string} msg - The informational message to send to the Syslog
|
||
* server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
log(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.informational(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 7 (Debug)
|
||
* @public
|
||
* @param {string} msg - The debug message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
debug(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">7</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.debugColor,
|
||
});
|
||
}
|
||
}
|
||
|
||
<span class="hljs-comment">/**
|
||
* A class to work with RFC5424 formatted syslog messages. The messaging is
|
||
* fully configurable and ANSI foreground * colors can be added. Both ANSI 8
|
||
* and ANSI 256 color are fully supported.
|
||
*Most APIs will return a promise. These APIs can be used using
|
||
* `then(...)/catch(...)`
|
||
*
|
||
* A Syslog class with a configured
|
||
* Syslog server target can also be used as the input into the formatting
|
||
* classes so that it may run independently.
|
||
*
|
||
* The RFC5424 Syslog logging format is meant to be used as a stream of log data
|
||
* from a service or application. This class is designed to be used in this
|
||
* fashion where new messages are written to the class as needed.
|
||
* @requires moment
|
||
* @version 0.0.0
|
||
* @since 0.0.0
|
||
*/</span>
|
||
<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">RFC5424</span> </span>{
|
||
<span class="hljs-comment">/**
|
||
* Construct a new RFC5424 formatted Syslog object with user options
|
||
* @public
|
||
* @this RFC5424
|
||
* @param {object} [options] - Options object
|
||
* @param {string} [options.applicationName='NodeJSLogger'] - Application
|
||
* @param {string} [options.hostname=os.hostname] - The name of this server
|
||
* @param {boolean} [options.timestamp=false] - Included a Timestamp
|
||
* @param {boolean} [options.timestampUTC=false] - RFC standard is for
|
||
* local time
|
||
* @param {boolean} [options.timestampMS=false] - Timestamp with ms
|
||
* resolution
|
||
* @param {boolean} [options.timestampTZ=true] - Should the timestamp
|
||
* included time zone
|
||
* @param {boolean} [options.encludeStructuredData=false] - Included
|
||
* any provided structured data
|
||
* @param {boolean} [options.utf8BOM=true] - Included the UTF8
|
||
* @param {boolean} [options.color=false] - Included the UTF8
|
||
* @param {boolean} [options.extendedColor=false] - Included the UTF8
|
||
* encoding tag with syslog message text
|
||
* @param {object} [options.colors] - User defended colors for
|
||
* severities
|
||
* @param {string} [options.colors.emergencyColor] - A RGB Hex coded color in
|
||
* the form of #FFFFFF or as or the ANSI color code number (30-37 Standard
|
||
* & 0-255 Extended)
|
||
* @param {string} [options.colors.alertColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {string} [options.colors.criticalColor] - A RGB Hex coded color in
|
||
* the form of #FFFFFF or as or the ANSI color code number (30-37 Standard
|
||
* & 0-255 Extended)
|
||
* @param {string} [options.colors.errorColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {string} [options.colors.warningColor] - A RGB Hex coded color in
|
||
* the form of #FFFFFF or as or the ANSI color code number (30-37 Standard
|
||
* & 0-255 Extended)
|
||
* @param {string} [options.colors.noticeColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {string} [options.colors.informationalColor] - A RGB Hex coded color
|
||
* in the form of #FFFFFF or as or the ANSI color code number (30-37
|
||
* Standard & 0-255 Extended)
|
||
* @param {string} [options.colors.debugColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog|
|
||
* Syslog server connection} that should be used to send messages directly
|
||
* from this class. @see SyslogPro~Syslog
|
||
*/</span>
|
||
<span class="hljs-keyword">constructor</span>(options) {
|
||
<span class="hljs-comment">/** @private @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.constructor__ = <span class="hljs-literal">true</span>;
|
||
options = options || {};
|
||
<span class="hljs-keyword">this</span>.hostname = options.hostname || os.hostname();
|
||
<span class="hljs-keyword">this</span>.applicationName = options.applicationName || <span class="hljs-string">''</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> options.timestamp === <span class="hljs-string">'undefined'</span> || options.timestamp) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.timestamp = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.timestamp = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.timestampUTC) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.timestampUTC = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.timestampUTC = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> options.timestampTZ === <span class="hljs-string">'undefined'</span> || options.timestampTZ) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.timestampTZ = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.timestampTZ = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.timestampMS) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.timestampMS = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.timestampMS = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.encludeStructuredData) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.encludeStructuredData = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.encludeStructuredData = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> options.utf8BOM === <span class="hljs-string">'undefined'</span> || options.utf8BOM) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.utf8BOM = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.utf8BOM = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.color) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.color = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.color = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.extendedColor) {
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.extendedColor = <span class="hljs-literal">true</span>;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.extendedColor = <span class="hljs-literal">false</span>;
|
||
}
|
||
<span class="hljs-keyword">if</span> (options.server) {
|
||
<span class="hljs-keyword">if</span> (!options.server.constructor__) {
|
||
<span class="hljs-comment">/** @private @type {Syslog} */</span>
|
||
<span class="hljs-keyword">this</span>.server = <span class="hljs-keyword">new</span> Syslog(options.server);
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.server = options.server;
|
||
}
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.extendedColor) {
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.emergencyColor = <span class="hljs-number">1</span>; <span class="hljs-comment">// Red foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.alertColor = <span class="hljs-number">202</span>; <span class="hljs-comment">// Dark Orange foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.criticalColor = <span class="hljs-number">208</span>; <span class="hljs-comment">// Orange foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.errorColor = <span class="hljs-number">178</span>; <span class="hljs-comment">// Light Orange foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.warningColor = <span class="hljs-number">226</span>; <span class="hljs-comment">// Yellow foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.noticeColor = <span class="hljs-number">117</span>; <span class="hljs-comment">// Light Blue foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.informationalColor = <span class="hljs-number">45</span>; <span class="hljs-comment">// Blue foreground color</span>
|
||
<span class="hljs-comment">/** @private @type {number} */</span>
|
||
<span class="hljs-keyword">this</span>.debugColor = <span class="hljs-number">27</span>; <span class="hljs-comment">// Dark Blue foreground color</span>
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.emergencyColor = <span class="hljs-number">31</span>; <span class="hljs-comment">// Red foreground color</span>
|
||
<span class="hljs-keyword">this</span>.alertColor = <span class="hljs-number">31</span>; <span class="hljs-comment">// Red foreground color</span>
|
||
<span class="hljs-keyword">this</span>.criticalColor = <span class="hljs-number">31</span>; <span class="hljs-comment">// Red foreground color</span>
|
||
<span class="hljs-keyword">this</span>.errorColor = <span class="hljs-number">33</span>; <span class="hljs-comment">// Yellow foreground color</span>
|
||
<span class="hljs-keyword">this</span>.warningColor = <span class="hljs-number">33</span>; <span class="hljs-comment">// Yellow foreground color</span>
|
||
<span class="hljs-keyword">this</span>.noticeColor = <span class="hljs-number">36</span>; <span class="hljs-comment">// Blue foreground color</span>
|
||
<span class="hljs-keyword">this</span>.informationalColor = <span class="hljs-number">36</span>; <span class="hljs-comment">// Blue foreground color</span>
|
||
<span class="hljs-keyword">this</span>.debugColor = <span class="hljs-number">34</span>; <span class="hljs-comment">// Dark Blue foreground color</span>
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> options.colors === <span class="hljs-string">'object'</span>) {
|
||
<span class="hljs-keyword">this</span>.setColor(options.colors, <span class="hljs-keyword">this</span>.extendedColor);
|
||
}
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Sets the color to be used for messages at a set priority
|
||
* @public
|
||
* @param {string} [colors.emergencyColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.alertColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.criticalColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.errorColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.warningColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.noticeColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @param {string} [colors.informationalColor] - A RGB Hex coded color in the
|
||
* form of #FFFFFF or as or the ANSI color code number (30-37 Standard &
|
||
* 0-255 Extended)
|
||
* @param {string} [colors.debugColor] - A RGB Hex coded color in the form
|
||
* of #FFFFFF or as or the ANSI color code number (30-37 Standard & 0-255
|
||
* Extended)
|
||
* @throws {Error} A standard error object
|
||
*/</span>
|
||
setColor(colors, extendedColor) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">let</span> colorPromises = [];
|
||
<span class="hljs-keyword">if</span> (colors.emergencyColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.emergencyColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.emergencyColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'emergencyColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.alertColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.alertColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.alertColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'alertColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.criticalColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.criticalColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.criticalColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'criticalColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.errorColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.errorColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.errorColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'errorColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.warningColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.warningColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.warningColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'warningColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.noticeColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.noticeColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.noticeColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'noticeColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.informationalColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.informationalColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.informationalColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'informationalColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-keyword">if</span> (colors.debugColor) {
|
||
colorPromises.push(
|
||
<span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
rgbToAnsi(colors.debugColor, <span class="hljs-keyword">this</span>.extendedColor)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.debugColor = result;
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reson.message = <span class="hljs-string">'TYPE ERROR: '</span>;
|
||
reson.message += <span class="hljs-string">'debugColor'</span>;
|
||
reson.message += <span class="hljs-string">' Not in RGB color hex or color code'</span>;
|
||
reject(reson);
|
||
});
|
||
}));
|
||
}
|
||
<span class="hljs-built_in">Promise</span>.all(colorPromises)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">results</span>) =></span> {
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reject(reson);
|
||
});
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Building a formatted message. Returns a promise with a formatted message
|
||
* @public
|
||
* @param {string} msg - The Syslog Message
|
||
* @param {object} [options] - Options object
|
||
* @param {number} [options.severity=7] - An array of structure
|
||
* @param {number} [options.facility=23] - Facility code to use sending this
|
||
* message
|
||
* @param {string} [options.pid='-'] - The process id of the service sending
|
||
* this message
|
||
* @param {string[]} [options.structuredData] - An array of structure
|
||
* data strings conforming to the IETF/IANA defined SD-IDs or IANA
|
||
* registered SMI Network Management Private Enterprise Code SD-ID
|
||
* conforming to the format
|
||
* [name@<private enterprise number> parameter=value]
|
||
* @param {number} [options.colorCode=36] - The ANSI color code to use if
|
||
* message coloration is selected
|
||
* @returns {Promise} A Syslog formatted string according to the selected RFC
|
||
* @throws {Error} A standard error object
|
||
*/</span>
|
||
buildMessage(msg, options) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
options = options || {};
|
||
<span class="hljs-keyword">let</span> severity = <span class="hljs-keyword">typeof</span> options.severity === <span class="hljs-string">'number'</span> ?
|
||
options.severity : <span class="hljs-number">6</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> msg !== <span class="hljs-string">'string'</span> || options.severity > <span class="hljs-number">7</span>) {
|
||
<span class="hljs-keyword">let</span> errMsg = <span class="hljs-string">'FORMAT ERROR: Syslog message must be a string'</span>;
|
||
errMsg += <span class="hljs-string">' msgSeverity must be a number between 0 and 7'</span>;
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errMsg));
|
||
<span class="hljs-keyword">return</span>;
|
||
}
|
||
<span class="hljs-keyword">let</span> facility = options.facility || <span class="hljs-number">23</span>;
|
||
<span class="hljs-keyword">let</span> pid = options.pid || <span class="hljs-string">'-'</span>;
|
||
<span class="hljs-keyword">let</span> id = options.id || <span class="hljs-string">'-'</span>;
|
||
<span class="hljs-keyword">let</span> msgStructuredData = options.msgStructuredData || [];
|
||
<span class="hljs-keyword">let</span> fmtMsg = <span class="hljs-string">''</span>; <span class="hljs-comment">// Formated Syslog message string var</span>
|
||
<span class="hljs-keyword">const</span> newLine = <span class="hljs-string">'\n'</span>;
|
||
<span class="hljs-keyword">const</span> newLineRegEx = <span class="hljs-regexp">/(\r|\n|(\r\n))/</span>;
|
||
<span class="hljs-keyword">const</span> escapeCode = <span class="hljs-string">'\u001B'</span>;
|
||
<span class="hljs-keyword">const</span> resetColor = <span class="hljs-string">'\u001B[0m'</span>;</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-17">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-17">¶</a>
|
||
</div>
|
||
<p>The PRI is common to both RFC formats</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">const</span> pri = (facility * <span class="hljs-number">8</span>) + severity;</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-18">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-18">¶</a>
|
||
</div>
|
||
<p>Remove any newline character</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> msg = msg.replace(newLineRegEx, <span class="hljs-string">''</span>);</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-19">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-19">¶</a>
|
||
</div>
|
||
<p>Add requested color</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.color) {
|
||
options.msgColor = options.msgColor || <span class="hljs-number">36</span>;
|
||
<span class="hljs-keyword">let</span> colorCode = <span class="hljs-string">'['</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.extendedColor) {
|
||
colorCode += <span class="hljs-string">'38;5;'</span>; <span class="hljs-comment">// Extended 256 Colors ANSI Code</span>
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> options.msgColor === <span class="hljs-string">'number'</span>) {
|
||
colorCode += options.msgColor;
|
||
colorCode += <span class="hljs-string">'m'</span>; <span class="hljs-comment">// ANSI Color Closer</span>
|
||
} <span class="hljs-keyword">else</span> {
|
||
colorCode = <span class="hljs-string">'[39m'</span>; <span class="hljs-comment">// Use terminal's default color</span>
|
||
}
|
||
msg = escapeCode + colorCode + msg + resetColor;
|
||
}</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-20">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-20">¶</a>
|
||
</div>
|
||
<p>RFC5424 timestamp formating</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">let</span> timestamp = <span class="hljs-string">'-'</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.timestamp) {
|
||
<span class="hljs-keyword">let</span> timeQuality = <span class="hljs-string">'[timeQuality'</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.timestampUTC) {
|
||
timeQuality += <span class="hljs-string">' tzKnown=1'</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.timestampMS) {
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.timestampTZ) {
|
||
timestamp = moment().utc().format(<span class="hljs-string">'YYYY-MM-DDThh:mm:ss.SSSSSSZ'</span>);
|
||
} <span class="hljs-keyword">else</span> {
|
||
timestamp = moment().utc().format(<span class="hljs-string">'YYYY-MM-DDThh:mm:ss.SSSSSS'</span>);
|
||
}
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.timestampTZ) {
|
||
timestamp = moment().utc().format(<span class="hljs-string">'YYYY-MM-DDThh:mm:ssZ'</span>);
|
||
} <span class="hljs-keyword">else</span> {
|
||
timestamp = moment().utc().format(<span class="hljs-string">'YYYY-MM-DDThh:mm:ss'</span>);
|
||
}
|
||
}
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.timestampTZ) {
|
||
timeQuality += <span class="hljs-string">' tzKnown=1'</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.timestampMS) {
|
||
timeQuality += <span class="hljs-string">' isSynced=1'</span>;
|
||
timeQuality += <span class="hljs-string">' syncAccuracy=0'</span>;
|
||
timestamp = moment().format(<span class="hljs-string">'YYYY-MM-DDThh:mm:ss.SSSSSSZ'</span>);
|
||
} <span class="hljs-keyword">else</span> {
|
||
timestamp = moment().format(<span class="hljs-string">'YYYY-MM-DDThh:mm:ssZ'</span>);
|
||
}
|
||
} <span class="hljs-keyword">else</span> {
|
||
timeQuality += <span class="hljs-string">' tzKnown=0'</span>;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.timestampMS) {
|
||
timeQuality += <span class="hljs-string">' isSynced=1'</span>;
|
||
timeQuality += <span class="hljs-string">' syncAccuracy=0'</span>;
|
||
timestamp = moment().format(<span class="hljs-string">'YYYY-MM-DDThh:mm:ss.SSSSSS'</span>);
|
||
} <span class="hljs-keyword">else</span> {
|
||
timestamp = moment().format(<span class="hljs-string">'YYYY-MM-DDThh:mm:ss'</span>);
|
||
}
|
||
}
|
||
}
|
||
timeQuality += <span class="hljs-string">']'</span>;
|
||
msgStructuredData.push(timeQuality);
|
||
}</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-21">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-21">¶</a>
|
||
</div>
|
||
<p>Build Structured Data string</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">let</span> structuredData = <span class="hljs-string">'-'</span>;
|
||
<span class="hljs-keyword">const</span> sdElementCount = msgStructuredData.length;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.encludeStructuredData && sdElementCount > <span class="hljs-number">0</span>) {
|
||
<span class="hljs-keyword">let</span> sdElementNames = [];
|
||
<span class="hljs-keyword">let</span> sdElements = [];
|
||
<span class="hljs-keyword">const</span> sdElementNameRegEx = <span class="hljs-regexp">/(\[)(\S*)(\s|\])/</span>;</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-22">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-22">¶</a>
|
||
</div>
|
||
<p>Loop to drop duplicates of the same SD Element name</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">for</span> (<span class="hljs-keyword">let</span> elementIndex = <span class="hljs-number">0</span>;
|
||
elementIndex < sdElementCount;
|
||
elementIndex++) {
|
||
<span class="hljs-keyword">let</span> elementName =
|
||
msgStructuredData[elementIndex]
|
||
.match(sdElementNameRegEx)[<span class="hljs-number">2</span>];
|
||
<span class="hljs-keyword">if</span> (!sdElementNames.includes(elementName)) {
|
||
sdElementNames.push(elementName);
|
||
sdElements.push(msgStructuredData[elementIndex]);
|
||
}
|
||
}
|
||
structuredData = sdElements.join(<span class="hljs-string">''</span>);
|
||
}</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-23">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-23">¶</a>
|
||
</div>
|
||
<p>Build the message</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> fmtMsg = <span class="hljs-string">'<'</span> + pri + <span class="hljs-string">'>'</span>;
|
||
fmtMsg += <span class="hljs-string">'1'</span>; <span class="hljs-comment">// Version number</span>
|
||
fmtMsg += <span class="hljs-string">' '</span> + timestamp;
|
||
fmtMsg += <span class="hljs-string">' '</span> + <span class="hljs-keyword">this</span>.hostname;
|
||
fmtMsg += <span class="hljs-string">' '</span> + <span class="hljs-keyword">this</span>.applicationName;
|
||
fmtMsg += <span class="hljs-string">' '</span> + pid;
|
||
fmtMsg += <span class="hljs-string">' '</span> + id;
|
||
fmtMsg += <span class="hljs-string">' '</span> + structuredData;
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.utf8BOM) {
|
||
fmtMsg += <span class="hljs-string">' BOM'</span> + msg;
|
||
} <span class="hljs-keyword">else</span> {
|
||
fmtMsg += <span class="hljs-string">' '</span> + msg;
|
||
}
|
||
fmtMsg += newLine;
|
||
resolve(fmtMsg);
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* send a RFC5424 formatted message. Returns a promise with the formatted
|
||
* message that was sent. If no server connection was defined when the
|
||
* class was created a default Syslog connector will be used.
|
||
* @see SyslogPro~Syslog
|
||
* @public
|
||
* @param {string} msg - The unformatted Syslog message to send
|
||
* @returns {Promise} A Syslog formatted string according to the selected RFC
|
||
* @throws {Error} A standard error object
|
||
*/</span>
|
||
send(msg, options) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">if</span> (!<span class="hljs-keyword">this</span>.server) {
|
||
<span class="hljs-keyword">this</span>.server = <span class="hljs-keyword">new</span> Syslog();
|
||
}
|
||
<span class="hljs-keyword">this</span>.buildMessage(msg, options)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.server.send(result)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">sendResult</span>) =></span> {
|
||
resolve(sendResult);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">error</span>) =></span> {
|
||
reject(error);
|
||
});
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">error</span>) =></span> {
|
||
reject(error);
|
||
});
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 0 (Emergency)
|
||
* @public
|
||
* @param {string} msg - The emergency message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
emergency(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">0</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.emergencyColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 0 (Emergency)
|
||
* @public
|
||
* @param {string} msg - The emergency message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
emer(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.emergency(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 1 (Alert)
|
||
* @public
|
||
* @param {string} msg - The alert message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
alert(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">1</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.alertColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 2 (Critical)
|
||
* @public
|
||
* @param {string} msg - The critical message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
critical(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">2</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.criticalColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 2 (Critical)
|
||
* @public
|
||
* @param {string} msg - The critical message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
crit(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.critical(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 3 (Error)
|
||
* @public
|
||
* @param {string} msg - The error message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
error(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">3</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.errorColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 3 (Error)
|
||
* @public
|
||
* @param {string} msg - The error message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
err(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.error(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 4 (Warning)
|
||
* @public
|
||
* @param {string} msg - The warning message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
warning(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">4</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.warningColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 4 (Warning)
|
||
* @public
|
||
* @param {string} msg - The warning message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
warn(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.warning(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 5 (Notice)
|
||
* @public
|
||
* @param {string} msg - The notice message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
notice(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">5</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.noticeColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 5 (Notice)
|
||
* @public
|
||
* @param {string} msg - The notice message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
note(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.notice(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 6 (Informational)
|
||
* @public
|
||
* @param {string} msg - The informational message to send to the Syslog
|
||
* server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
informational(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">6</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.informationalColor,
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 6 (Informational)
|
||
* @public
|
||
* @param {string} msg - The informational message to send to the Syslog
|
||
* server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
info(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.informational(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 6 (Informational)
|
||
* @public
|
||
* @param {string} msg - The informational message to send to the Syslog
|
||
* server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
log(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.informational(msg);
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Send a syslog message with a severity level of 7 (Debug)
|
||
* @public
|
||
* @param {string} msg - The debug message to send to the Syslog server
|
||
* @returns {Promise} - The formatted syslog message sent to the Syslog server
|
||
* @throws {Error} - Any bubbled-up error
|
||
*/</span>
|
||
debug(msg) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">this</span>.send(msg, {
|
||
<span class="hljs-attr">severity</span>: <span class="hljs-number">7</span>,
|
||
<span class="hljs-attr">colorCode</span>: <span class="hljs-keyword">this</span>.debugColor,
|
||
});
|
||
}
|
||
}
|
||
|
||
<span class="hljs-comment">/**
|
||
* A class to work with IBM LEEF (Log Event Extended Format) messages this form
|
||
* of system messages are designed to work with security systems. Messages can
|
||
* be saved to file (Saving to file if not part of this module but a LEEF
|
||
* formatted message produced by this module can be saved externally to it) or
|
||
* sent via Syslog.
|
||
* Most APIs will return a promise. These APIs can be used using
|
||
* `then(...)/catch(...)`
|
||
*
|
||
* A Syslog class with a configured Syslog server target can also be used as
|
||
* the input into the formatting classes so that it may run independently. The
|
||
* LEEF format is designed to send event data to a SIEM system and should not
|
||
* be as a logging stream. This class is meant to be used once per message.
|
||
* @requires moment
|
||
* @version 0.0.0
|
||
* @since 0.0.0
|
||
*/</span>
|
||
<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">LEEF</span> </span>{
|
||
<span class="hljs-comment">/**
|
||
* Construct a new LEEF formatting object with user options
|
||
* @public
|
||
* @param {object} [options] - Options object
|
||
* @param {string} [options.vendor='unknown'] - The vendor of the system that
|
||
* generated the event being reported
|
||
* @param {string} [options.product='unknown'] - The product name of the
|
||
* system that genrated the event being reported
|
||
* @param {string} [options.version='unknown'] - The version name of the
|
||
* system that genrated the event being reported
|
||
* @param {string} [options.eventId='unknown'] - The eventId of the
|
||
* system that genrated the event being reported
|
||
* @param {object} [options.attributes] - LEEF message attributes which
|
||
* defaults to all base attributes with null values, new attributes should
|
||
* be added as new elements to this object
|
||
* @param {boolean} [options.syslogHeader='true'] - Should the LEEF message
|
||
* include a Syslog header with Timestamp and source
|
||
* @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog|
|
||
* Syslog server connection} that should be used to send messages directly
|
||
* from this class. @see SyslogPro~Syslog
|
||
*/</span>
|
||
<span class="hljs-keyword">constructor</span>(options) {
|
||
<span class="hljs-comment">/** @private @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.constructor__ = <span class="hljs-literal">true</span>;
|
||
options = options || {};
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.vendor = options.vendor || <span class="hljs-string">'unknown'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.product = options.product || <span class="hljs-string">'unknown'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.version = options.version || <span class="hljs-string">'unknown'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.eventId = options.eventId || <span class="hljs-string">'unknown'</span>;
|
||
<span class="hljs-comment">/** @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.syslogHeader = <span class="hljs-keyword">typeof</span> options.syslogHeader === <span class="hljs-string">'boolean'</span>
|
||
? options.syslogHeader : <span class="hljs-literal">true</span>;
|
||
<span class="hljs-comment">/** @type {object} */</span>
|
||
<span class="hljs-keyword">this</span>.attributes = options.attributes || {
|
||
<span class="hljs-attr">cat</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">devTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">devTimeFormat</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">proto</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sev</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">src</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dst</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">srcPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dstPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">srcPreNAT</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dstPreNAT</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">srcPostNAT</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dstPostNAT</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">usrName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">srcMAC</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dstMAC</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">srcPreNATPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dstPreNATPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">srcPostNATPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dstPostNATPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">identSrc</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">identHostName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">identNetBios</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">identGrpName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">identMAC</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">vSrc</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">vSrcName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">accountName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">srcBytes</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dstBytes</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">srcPackets</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">dstPackets</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">totalPackets</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">role</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">realm</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">policy</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">resource</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">url</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">groupID</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">domain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">isLoginEvent</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">isLogoutEvent</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">identSecondlp</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">calLanguage</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">AttributeLimits</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">calCountryOrRegion</span>: <span class="hljs-literal">null</span>,
|
||
};
|
||
<span class="hljs-keyword">if</span> (options.server) {
|
||
<span class="hljs-keyword">if</span> (options.server.constructor__) {
|
||
<span class="hljs-comment">/** @private @type {Syslog} */</span>
|
||
<span class="hljs-keyword">this</span>.server = options.server;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.server = <span class="hljs-keyword">new</span> Syslog(options.server);
|
||
}
|
||
}
|
||
}
|
||
<span class="hljs-comment">/**
|
||
*Build a formatted message
|
||
* @public
|
||
* @return {Promise} - string with formatted message
|
||
*/</span>
|
||
buildMessage() {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">let</span> fmtMsg = <span class="hljs-string">'LEEF:2.0'</span>;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.vendor;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.product;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.version;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.eventId;
|
||
fmtMsg += <span class="hljs-string">'|'</span>;</pre></div></div>
|
||
|
||
</li>
|
||
|
||
|
||
<li id="section-24">
|
||
<div class="annotation">
|
||
|
||
<div class="pilwrap ">
|
||
<a class="pilcrow" href="#section-24">¶</a>
|
||
</div>
|
||
<p>Build LEEF Attributes</p>
|
||
|
||
</div>
|
||
|
||
<div class="content"><div class='highlight'><pre> <span class="hljs-keyword">const</span> Tab = <span class="hljs-string">'\x09'</span>;
|
||
<span class="hljs-keyword">const</span> leefAttribs = <span class="hljs-built_in">Object</span>.entries(<span class="hljs-keyword">this</span>.attributes);
|
||
<span class="hljs-keyword">const</span> leefAttribsLen = leefAttribs.length;
|
||
<span class="hljs-keyword">for</span> (<span class="hljs-keyword">let</span> attrib = <span class="hljs-number">0</span>; attrib < leefAttribsLen; attrib++) {
|
||
<span class="hljs-keyword">if</span> (leefAttribs[attrib][<span class="hljs-number">1</span>] !== <span class="hljs-literal">null</span>) {
|
||
fmtMsg += leefAttribs[attrib][<span class="hljs-number">0</span>] + <span class="hljs-string">'='</span> + leefAttribs[attrib][<span class="hljs-number">1</span>] + Tab;
|
||
}
|
||
}
|
||
resolve(fmtMsg);
|
||
});
|
||
}
|
||
|
||
<span class="hljs-comment">/**
|
||
* @public
|
||
* @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog|
|
||
* Syslog server connection} that should be used to send messages directly
|
||
* from this class. @see SyslogPro~Syslog
|
||
*/</span>
|
||
send(options) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">this</span>.buildMessage()
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">if</span> (!<span class="hljs-keyword">this</span>.server) {
|
||
<span class="hljs-keyword">this</span>.server = <span class="hljs-keyword">new</span> Syslog(options);
|
||
}
|
||
<span class="hljs-keyword">this</span>.server.send(result)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">sendResult</span>) =></span> {
|
||
resolve(sendResult);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reject(reson);
|
||
});
|
||
});
|
||
});
|
||
}
|
||
}
|
||
|
||
<span class="hljs-comment">/**
|
||
* A class to work with HP CEF (Common Event Format) messages. This form
|
||
* of system messages are designed to work with security systems. Messages can
|
||
* be saved to file (Saving to file if not part of this module but a CEF
|
||
* formatted message produced by this module can be saved externally to it) or
|
||
* sent via Syslog.
|
||
* Most APIs will return a promise. These APIs can be used using
|
||
* `then(...)/catch(...)`
|
||
*
|
||
* A Syslog class with a configured Syslog server target can also be used as
|
||
* the input into the formatting classes so that it may run independently. The
|
||
* CEF format is designed to send event data to a SIEM system and should not be
|
||
* as a logging stream. This class is meant to be used once per message.
|
||
* @requires moment
|
||
* @version 0.0.0
|
||
* @since 0.0.0
|
||
*/</span>
|
||
<span class="hljs-class"><span class="hljs-keyword">class</span> <span class="hljs-title">CEF</span> </span>{
|
||
<span class="hljs-comment">/**
|
||
* Construct a new CEF formatting object with user options
|
||
* @public
|
||
* @param {object} [options] - Options object
|
||
* @param {string} [options.deviceVendor='unknown'] - The vendor of the system
|
||
* that generated the event being reported
|
||
* @param {string} [options.deviceProduct='unknown'] - The product name of the
|
||
* system that genrated the event being reported
|
||
* @param {string} [options.deviceVersion='unknown'] - The version name of the
|
||
* system that genrated the event being reported
|
||
* @param {string} [options.deviceEventClassId='unknown'] - The eventId of the
|
||
* system that genrated the event being reported
|
||
* @param {string} [options.name='unknown'] - Name of the service generating
|
||
* the notice
|
||
* @param {string} [options.severity='unknown'] - Severity of the notification
|
||
* @param {string} [options.extensions={}] - Any CEF Key=Value extensions
|
||
* @param {Syslog} [options.server=false] - A {@link module:SyslogPro~Syslog|
|
||
* Syslog server connection} that should be used to send messages directly
|
||
* from this class. @see SyslogPro~Syslog
|
||
*/</span>
|
||
<span class="hljs-keyword">constructor</span>(options) {
|
||
<span class="hljs-comment">/** @private @type {boolean} */</span>
|
||
<span class="hljs-keyword">this</span>.constructor__ = <span class="hljs-literal">true</span>;
|
||
options = options || {};
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.deviceVendor = options.deviceVendor || <span class="hljs-string">'Unknown'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.deviceProduct = options.deviceProduct || <span class="hljs-string">'Unknown'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.deviceVersion = options.deviceVersion || <span class="hljs-string">'Unknown'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.deviceEventClassId = options.deviceEventClassId || <span class="hljs-string">'Unknown'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.name = options.name || <span class="hljs-string">'Unknown'</span>;
|
||
<span class="hljs-comment">/** @type {string} */</span>
|
||
<span class="hljs-keyword">this</span>.severity = options.severity || <span class="hljs-string">'Unknown'</span>;
|
||
<span class="hljs-comment">/** @type {object} */</span>
|
||
<span class="hljs-keyword">this</span>.extensions = options.extensions || {
|
||
<span class="hljs-attr">deviceAction</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">applicationProtocol</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomIPv6Address1</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceCustomIPv6 Address1Label'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomIPv6Address3</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceCustomIPv6Address3 Label'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceCustomIPv6 Address4'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceCustomIPv6 Address4Label'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceEventCategory</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomFloatingPoint1</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceCustom FloatingPoint1Label'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomFloatingPoint2</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceCustomFloatingPoint2 Label'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomFloatingPoint3</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceCustom FloatingPoint3Label'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomFloatingPoint4</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceCustom FloatingPoint4Label'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomNumber1</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomNumber1Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">DeviceCustomNumber2</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomNumber2Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomNumber3</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomNumber3Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">baseEventCount</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString1</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString1Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString2</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString2Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString3</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString3Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString4</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString4Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString5</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString5Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString6</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomString6Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationDnsDomain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationServiceName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'destinationTranslated Address'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationTranslatedPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomDate1</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomDate1Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomDate2</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceCustomDate2Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceDirection</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceDnsDomain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceExternalId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceFacility</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceInboundInterface</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceNtDomain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceOutboundInterface</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">devicePayloadId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceProcessName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceTranslatedAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationHostName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationMacAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationNtDomain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationProcessId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationUserPrivileges</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationProcessName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceTimeZone</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationUserId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationUserName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceHostName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceMacAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceProcessId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">endTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">externalId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">fileCreateTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">fileHash</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">fileId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">fileModificationTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">filePath</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">filePermission</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">fileType</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">flexDate1</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">flexDate1Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">flexString1</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">flexString1Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">flexString2</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">flexString2Label</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">filename</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">fileSize</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">bytesIn</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">message</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">oldFileCreateTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">oldFileHash</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">oldFileId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">oldFileModificationTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">oldFileName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">oldFilePath</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">oldFileSize</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">oldFileType</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">bytesOut</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">eventOutcome</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">transportProtocol</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">Reason</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">requestUrl</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">requestClientApplication</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">requestContext</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">requestCookies</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">requestMethod</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceReceiptTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceHostName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceMacAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceNtDomain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceDnsDomain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceServiceName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceTranslatedAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceTranslatedPort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceProcessId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceUserPrivileges</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceProcessName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourcePort</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">startTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceUserId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceUserName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentDnsDomain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentNtDomain</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentTranslatedAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'agentTranslatedZone ExternalID'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentTranslatedZoneURI</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentZoneExternalID</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentZoneURI</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentHostName</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentMacAddress</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentReceiptTime</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentType</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentTimeZone</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">agentVersion</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">customerExternalID</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">customerURI</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'destinationTranslated ZoneExternalID'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'destinationTranslated ZoneURI'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationZoneExternalID</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationZoneURI</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'deviceTranslatedZone ExternalID'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceTranslatedZoneURI</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceZoneExternalID</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">deviceZoneURI</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationGeoLatitude</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">destinationGeoLongitude</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">eventId</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">rawEvent</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceGeoLatitude</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceGeoLongitude</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-string">'sourceTranslatedZone ExternalID'</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceTranslatedZoneURI</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceZoneExternalID</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">sourceZoneURI</span>: <span class="hljs-literal">null</span>,
|
||
};
|
||
<span class="hljs-keyword">if</span> (options.server) {
|
||
<span class="hljs-keyword">if</span> (options.server.constructor__) {
|
||
<span class="hljs-comment">/** @private @type {Syslog} */</span>
|
||
<span class="hljs-keyword">this</span>.server = options.server;
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">this</span>.server = <span class="hljs-keyword">new</span> Syslog(options.server);
|
||
}
|
||
}
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Validate this CEF object
|
||
* @public
|
||
* @return {Promise} - True if validated
|
||
* @throws {Error} - First element to fail validation
|
||
*/</span>
|
||
validate() {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>(<span class="hljs-function">(<span class="hljs-params">resolve, reject</span>) =></span> {
|
||
<span class="hljs-keyword">const</span> Extensions = {
|
||
<span class="hljs-attr">deviceAction</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'act'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">63</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Action taken by the device.'</span>,
|
||
},
|
||
<span class="hljs-attr">applicationProtocol</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'app'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">31</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Application level protocol, example values are HTTP, '</span> +
|
||
<span class="hljs-string">'HTTPS, SSHv2, Telnet, POP, IMPA, IMAPS, and so on.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomIPv6Address1</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'c6a1'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four IPv6 address fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary. '</span> +
|
||
<span class="hljs-string">'TIP: See the guidelines under “User-Defined Extensions” for '</span> +
|
||
<span class="hljs-string">'tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceCustomIPv6 Address1Label'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'c6a1Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomIPv6Address3</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'c6a3'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four IPv6 address fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary. '</span> +
|
||
<span class="hljs-string">'TIP: See the guidelines under “User-Defined Extensions” for '</span> +
|
||
<span class="hljs-string">'tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceCustomIPv6Address3 Label'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'c6a3Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceCustomIPv6 Address4'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'c6a4'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four IPv6 address fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary. '</span> +
|
||
<span class="hljs-string">'TIP: See the guidelines under “User-Defined Extensions” for '</span> +
|
||
<span class="hljs-string">'tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceCustomIPv6 Address4Label'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'C6a4Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceEventCategory</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cat'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Represents the category assigned by the originating '</span> +
|
||
<span class="hljs-string">'device. Devices often use their own categorization schema to '</span> +
|
||
<span class="hljs-string">'classify event. Example: “/Monitor/Disk/Read”'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomFloatingPoint1</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cfp1'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four floating point fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceCustom FloatingPoint1Label'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cfp1Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomFloatingPoint2</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cfp2'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four floating point fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceCustomFloatingPoint2 Label'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cfp2Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomFloatingPoint3</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cfp3'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four floating point fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceCustom FloatingPoint3Label'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cfp3Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomFloatingPoint4</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cfp4'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four floating point fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceCustom FloatingPoint4Label'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cfp4Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomNumber1</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cn1'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of three number fields available to map fields '</span> +
|
||
<span class="hljs-string">'that do not apply to any other in this dictionary. Use '</span> +
|
||
<span class="hljs-string">'sparingly and seek a more specific dictionary supplied field '</span> +
|
||
<span class="hljs-string">'when possible.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomNumber1Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cn1Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">DeviceCustomNumber2</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cn2'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of three number fields available to map fields '</span> +
|
||
<span class="hljs-string">'that do not apply to any other in this dictionary. Use '</span> +
|
||
<span class="hljs-string">'sparingly and seek a more specific, dictionary supplied field '</span> +
|
||
<span class="hljs-string">'when possible.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomNumber2Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cn2Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomNumber3</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cn3'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of three number fields available to map fields '</span> +
|
||
<span class="hljs-string">'that do not apply to any other in this dictionary. Use '</span> +
|
||
<span class="hljs-string">'sparingly and seek a more specific, dictionary supplied field '</span> +
|
||
<span class="hljs-string">'when possible.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomNumber3Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cn3Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">baseEventCount</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cnt'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'A count associated with this event. How many times '</span> +
|
||
<span class="hljs-string">'was this same event observed? Count can be omitted if it is 1.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString1</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs1'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">4000</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of six strings available to map fields that do '</span> +
|
||
<span class="hljs-string">'not apply to any other in this dictionary. Use sparingly and '</span> +
|
||
<span class="hljs-string">'seek a more specific, dictionary supplied field when '</span> +
|
||
<span class="hljs-string">'possible. TIP: See the guidelines under “User-Defined '</span> +
|
||
<span class="hljs-string">'Extensions” for tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString1Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs1Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString2</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs2'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">4000</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of six strings available to map fields that do '</span> +
|
||
<span class="hljs-string">'not apply to any other in this dictionary. Use sparingly and '</span> +
|
||
<span class="hljs-string">'seek a more specific, dictionary supplied field when '</span> +
|
||
<span class="hljs-string">'possible. TIP: See the guidelines under “User-Defined '</span> +
|
||
<span class="hljs-string">'Extensions” for tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString2Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs2Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString3</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs3'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">4000</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of six strings available to map fields that do '</span> +
|
||
<span class="hljs-string">'not apply to any other in this dictionary. Use sparingly and '</span> +
|
||
<span class="hljs-string">'seek a more specific, dictionary supplied field when '</span> +
|
||
<span class="hljs-string">'possible. TIP: See the guidelines under “User-Defined '</span> +
|
||
<span class="hljs-string">'Extensions” for tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString3Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs3Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString4</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs4'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">4000</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of six strings available to map fields that do '</span> +
|
||
<span class="hljs-string">'not apply to any other in this dictionary. Use sparingly and '</span> +
|
||
<span class="hljs-string">'seek a more specific, dictionary supplied field when '</span> +
|
||
<span class="hljs-string">'possible. TIP: See the guidelines under “User-Defined '</span> +
|
||
<span class="hljs-string">'Extensions” for tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString4Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs4Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString5</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs5'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">4000</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of six strings available to map fields that do '</span> +
|
||
<span class="hljs-string">'not apply to any other in this dictionary. Use sparingly and '</span> +
|
||
<span class="hljs-string">'seek a more specific, dictionary supplied field when '</span> +
|
||
<span class="hljs-string">'possible. TIP: See the guidelines under “User-Defined '</span> +
|
||
<span class="hljs-string">'Extensions” for tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString5Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs5Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString6</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs6'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">4000</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of six strings available to map fields that do '</span> +
|
||
<span class="hljs-string">'not apply to any other in this dictionary. Use sparingly and '</span> +
|
||
<span class="hljs-string">'seek a more specific, dictionary supplied field when '</span> +
|
||
<span class="hljs-string">'possible. TIP: See the guidelines under “User-Defined '</span> +
|
||
<span class="hljs-string">'Extensions” for tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomString6Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'cs6Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationDnsDomain</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'destination DnsDomain'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The DNS domain part of the complete fully qualified '</span> +
|
||
<span class="hljs-string">'domain name (FQDN).'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationServiceName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'destination ServiceName'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The service targeted by this event. Example: “sshd”'</span>,
|
||
},
|
||
<span class="hljs-string">'destinationTranslated Address'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'Destination Translated Address'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the translated destination that the event '</span> +
|
||
<span class="hljs-string">'refers to in an IP network. The format is an IPv4 address. '</span> +
|
||
<span class="hljs-string">'Example: “192.168.10.1”'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationTranslatedPort</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'Destination TranslatedPort'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Port after it was translated; for example, a '</span> +
|
||
<span class="hljs-string">'firewall. Valid port numbers are 0 to 65535.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomDate1</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceCustom Date1'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of two timestamp fields available to map fields '</span> +
|
||
<span class="hljs-string">'that do not apply to any other in this dictionary. Use '</span> +
|
||
<span class="hljs-string">'sparingly and seek a more specific, dictionary supplied field '</span> +
|
||
<span class="hljs-string">'when possible. TIP: See the guidelines under “User-Defined '</span> +
|
||
<span class="hljs-string">'Extensions” for tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomDate1Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceCustom Date1Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomDate2</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceCustom Date2'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of two timestamp fields available to map fields '</span> +
|
||
<span class="hljs-string">'that do not apply to any other in this dictionary. Use '</span> +
|
||
<span class="hljs-string">'sparingly and seek a more specific, dictionary supplied field '</span> +
|
||
<span class="hljs-string">'when possible. TIP: See the guidelines under “User-Defined '</span> +
|
||
<span class="hljs-string">'Extensions” for tips on using these fields.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceCustomDate2Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceCustom Date2Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'All custom fields have a corresponding label field. '</span> +
|
||
<span class="hljs-string">'Each of these fields is a string and describes the purpose of '</span> +
|
||
<span class="hljs-string">'the custom field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceDirection</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceDirection'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Any information about what direction the observed '</span> +
|
||
<span class="hljs-string">'communication has taken. The following values are supported: '</span> +
|
||
<span class="hljs-string">'“0” for inbound or “1” for outbound'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceDnsDomain</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceDns Domain'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The DNS domain part of the complete fully qualified '</span> +
|
||
<span class="hljs-string">'domain name (FQDN).'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceExternalId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'device ExternalId'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'A name that uniquely identifies the device '</span> +
|
||
<span class="hljs-string">'generating this event.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceFacility</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceFacility'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The facility generating this event. For example, '</span> +
|
||
<span class="hljs-string">'Syslog has an explicit facility associated with every event.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceInboundInterface</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceInbound Interface'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">128</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Interface on which the packet or data entered the '</span> +
|
||
<span class="hljs-string">'device.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceNtDomain</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceNt Domain'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The Windows domain name of the device address.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceOutboundInterface</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'Device Outbound Interface'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">128</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Interface on which the packet or data left the '</span> +
|
||
<span class="hljs-string">'device.'</span>,
|
||
},
|
||
<span class="hljs-attr">devicePayloadId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'Device PayloadId'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">128</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Unique identifier for the payload associated with '</span> +
|
||
<span class="hljs-string">'the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceProcessName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceProcess Name'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Process name associated with the event. An example '</span> +
|
||
<span class="hljs-string">'might be the process generating the syslog entry in UNIX.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceTranslatedAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'device Translated Address'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the translated device address that the '</span> +
|
||
<span class="hljs-string">'event refers to in an IP network. The format is an IPv4 '</span> +
|
||
<span class="hljs-string">'address. Example: “192.168.10.1”'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationHostName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dhost'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the destination that an event refers to '</span> +
|
||
<span class="hljs-string">'in an IP network. The format should be a fully qualified '</span> +
|
||
<span class="hljs-string">'domain name (FQDN) associated with the destination node, when '</span> +
|
||
<span class="hljs-string">'a node is available. Examples: “host.domain.com” or “host”.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationMacAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dmac'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Six colon-seperated hexadecimal numbers. Example: '</span> +
|
||
<span class="hljs-string">'“00:0D:60:AF:1B:61”'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationNtDomain</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dntdom'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The Windows domain name of the destination address.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationProcessId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dpid'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Provides the ID of the destination process '</span> +
|
||
<span class="hljs-string">'associated with the event. For example, if an event contains '</span> +
|
||
<span class="hljs-string">'process ID 105, 105” is the process ID.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationUserPrivileges</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dpriv'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The typical values are “Administrator”, “User”, and '</span> +
|
||
<span class="hljs-string">'“Guest”. This identifies the destination user’s privileges. '</span> +
|
||
<span class="hljs-string">'In UNIX, for example, activity executed on the root user '</span> +
|
||
<span class="hljs-string">'would be identified with destinationUser Privileges of '</span> +
|
||
<span class="hljs-string">'“Administrator”.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationProcessName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dproc'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The name of the event’s destination process. '</span> +
|
||
<span class="hljs-string">'Example: “telnetd” or “sshd”.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationPort</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dpt'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The valid port numbers are between 0 and 65535.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dst'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the destination address that the event '</span> +
|
||
<span class="hljs-string">'refers to in an IP network. The format is an IPv4 address. '</span> +
|
||
<span class="hljs-string">'Example: “192.168.10.1”'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceTimeZone</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dtz'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The timezone for the device generating the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationUserId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'duid'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the destination user by ID. For example, '</span> +
|
||
<span class="hljs-string">'in UNIX, the root user is generally associated with user '</span> +
|
||
<span class="hljs-string">'ID 0.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationUserName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'duser'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the destination user by name. This is the '</span> +
|
||
<span class="hljs-string">'user associated with the event’s destination. Email addresses '</span> +
|
||
<span class="hljs-string">'are often mapped into the UserName fields. The recipient is a '</span> +
|
||
<span class="hljs-string">'candidate to put into this field.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dvc'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the device address that an event refers '</span> +
|
||
<span class="hljs-string">'to in an IP network. The format is an IPv4 address. Example: '</span> +
|
||
<span class="hljs-string">'“192.168.10.1”.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceHostName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dvchost'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">100</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The format should be a fully qualified domain name '</span> +
|
||
<span class="hljs-string">'(FQDN) associated with the device node, when a node is '</span> +
|
||
<span class="hljs-string">'available. Example: “host.domain.com” or “host”.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceMacAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dvcmac'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Six colon-separated hexadecimal numbers. Example: '</span> +
|
||
<span class="hljs-string">'“00:0D:60:AF:1B:61”'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceProcessId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dvcpid'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Provides the ID of the process on the device '</span> +
|
||
<span class="hljs-string">'generating the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">endTime</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'end'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The time at which the activity related to the event '</span> +
|
||
<span class="hljs-string">'ended. The format is MMM dd yyyy HH:mm:ss or milliseconds '</span> +
|
||
<span class="hljs-string">'since epoch (Jan 1st1970). An example would be reporting the '</span> +
|
||
<span class="hljs-string">'end of a session.'</span>,
|
||
},
|
||
<span class="hljs-attr">externalId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'externalId'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">40</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The ID used by an originating device. They are '</span> +
|
||
<span class="hljs-string">'usually increasing numbers, associated with events.'</span>,
|
||
},
|
||
<span class="hljs-attr">fileCreateTime</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'fileCreateTime'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Time when the file was created.'</span>,
|
||
},
|
||
<span class="hljs-attr">fileHash</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'fileHash'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Hash of a file.'</span>,
|
||
},
|
||
<span class="hljs-attr">fileId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'fileId'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'An ID associated with a file could be the inode.'</span>,
|
||
},
|
||
<span class="hljs-attr">fileModificationTime</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'fileModification Time'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Time when the file was last modified.'</span>,
|
||
},
|
||
<span class="hljs-attr">filePath</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'filePath'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Full path to the file, including file name itself. '</span> +
|
||
<span class="hljs-string">'Example: C:\Program Files \WindowsNT\Accessories\ wordpad.exe '</span> +
|
||
<span class="hljs-string">'or /usr/bin/zip'</span>,
|
||
},
|
||
<span class="hljs-attr">filePermission</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'filePermission'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Permissions of the file.'</span>,
|
||
},
|
||
<span class="hljs-attr">fileType</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'fileType'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Type of file (pipe, socket, etc.)'</span>,
|
||
},
|
||
<span class="hljs-attr">flexDate1</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'flexDate1'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'A timestamp field available to map a timestamp that '</span> +
|
||
<span class="hljs-string">'does not apply to any other defined timestamp field in this '</span> +
|
||
<span class="hljs-string">'dictionary. Use all flex fields sparingly and seek a more '</span> +
|
||
<span class="hljs-string">'specific, dictionary supplied field when possible. These '</span> +
|
||
<span class="hljs-string">'fields are typically reserved for customer use and should not '</span> +
|
||
<span class="hljs-string">'be set by vendors unless necessary.'</span>,
|
||
},
|
||
<span class="hljs-attr">flexDate1Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'flexDate1Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">128</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The label field is a string and describes the '</span> +
|
||
<span class="hljs-string">'purpose of the flex field.'</span>,
|
||
},
|
||
<span class="hljs-attr">flexString1</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'flexString1'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four floating point fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary. Use '</span> +
|
||
<span class="hljs-string">'sparingly and seek a more specific, dictionary supplied field '</span> +
|
||
<span class="hljs-string">'when possible. These fields are typically reserved for '</span> +
|
||
<span class="hljs-string">'customer use and should not be set by vendors unless '</span> +
|
||
<span class="hljs-string">'necessary.'</span>,
|
||
},
|
||
<span class="hljs-attr">flexString1Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'flexString1 Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">128</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The label field is a string and describes the '</span> +
|
||
<span class="hljs-string">'purpose of the flex field.'</span>,
|
||
},
|
||
<span class="hljs-attr">flexString2</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'flexString2'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'One of four floating point fields available to map '</span> +
|
||
<span class="hljs-string">'fields that do not apply to any other in this dictionary. Use '</span> +
|
||
<span class="hljs-string">'sparingly and seek a more specific, dictionary supplied field '</span> +
|
||
<span class="hljs-string">'when possible. These fields are typically reserved for '</span> +
|
||
<span class="hljs-string">'customer use and should not be set by vendors unless '</span> +
|
||
<span class="hljs-string">'necessary.'</span>,
|
||
},
|
||
<span class="hljs-attr">flexString2Label</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'flex String2Label'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">128</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The label field is a string and describes the '</span> +
|
||
<span class="hljs-string">'purpose of the flex field.'</span>,
|
||
},
|
||
<span class="hljs-attr">filename</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'fname'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Name of the file only (without its path).'</span>,
|
||
},
|
||
<span class="hljs-attr">fileSize</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'fsize'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Size of the file.'</span>,
|
||
},
|
||
<span class="hljs-attr">bytesIn</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'in'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Number of bytes transferred inbound, relative to the '</span> +
|
||
<span class="hljs-string">'source to destination relationship, meaning that data was '</span> +
|
||
<span class="hljs-string">'flowing from source to destination.'</span>,
|
||
},
|
||
<span class="hljs-attr">message</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'msg'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'An arbitrary message giving more details about the '</span> +
|
||
<span class="hljs-string">'event. Multi-line entries can be produced by using \n as the '</span> +
|
||
<span class="hljs-string">'new line separator.'</span>,
|
||
},
|
||
<span class="hljs-attr">oldFileCreateTime</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'oldFileCreate Time'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Time when old file was created.'</span>,
|
||
},
|
||
<span class="hljs-attr">oldFileHash</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'oldFileHash'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Hash of the old file.'</span>,
|
||
},
|
||
<span class="hljs-attr">oldFileId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'oldFileId'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'An ID associated with the old file could be the '</span> +
|
||
<span class="hljs-string">'inode.'</span>,
|
||
},
|
||
<span class="hljs-attr">oldFileModificationTime</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'oldFile Modification Time'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Time when old file was last modified.'</span>,
|
||
},
|
||
<span class="hljs-attr">oldFileName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'oldFileName'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Name of the old file.'</span>,
|
||
},
|
||
<span class="hljs-attr">oldFilePath</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'oldFilePath'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Full path to the old fiWindowsNT\\Accessories le, '</span> +
|
||
<span class="hljs-string">'including the file name itself. Examples: c:\\Program '</span> +
|
||
<span class="hljs-string">'Files\\wordpad.exe or /usr/bin/zip'</span>,
|
||
},
|
||
<span class="hljs-attr">oldFileSize</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'oldFileSize'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Size of the old file.'</span>,
|
||
},
|
||
<span class="hljs-attr">oldFileType</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'oldFileType'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Type of the old file (pipe, socket, etc.)'</span>,
|
||
},
|
||
<span class="hljs-attr">bytesOut</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'out'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Number of bytes transferred outbound relative to the '</span> +
|
||
<span class="hljs-string">'source to destination relationship. For example, the byte '</span> +
|
||
<span class="hljs-string">'number of data flowing from the destination to the source.'</span>,
|
||
},
|
||
<span class="hljs-attr">eventOutcome</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'outcome'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">63</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Displays the outcome, usually as ‘success’ or '</span> +
|
||
<span class="hljs-string">'‘failure’.'</span>,
|
||
},
|
||
<span class="hljs-attr">transportProtocol</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'proto'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">31</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the Layer-4 protocol used. The possible '</span> +
|
||
<span class="hljs-string">'values are protocols such as TCP or UDP.'</span>,
|
||
},
|
||
<span class="hljs-attr">Reason</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'reason'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The reason an audit event was generated. For '</span> +
|
||
<span class="hljs-string">'example “badd password” or “unknown user”. This could also be '</span> +
|
||
<span class="hljs-string">'an error or return code. Example: “0x1234”'</span>,
|
||
},
|
||
<span class="hljs-attr">requestUrl</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'request'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'In the case of an HTTP request, this field contains '</span> +
|
||
<span class="hljs-string">'the URL accessed. The URL should contain the protocol as '</span> +
|
||
<span class="hljs-string">'well. Example: “http://www/secure.com”'</span>,
|
||
},
|
||
<span class="hljs-attr">requestClientApplication</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'requestClient Application'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The User-Agent associated with the request.'</span>,
|
||
},
|
||
<span class="hljs-attr">requestContext</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'requestContext'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Description of the content from which the request '</span> +
|
||
<span class="hljs-string">'originated (for example, HTTP Referrer)'</span>,
|
||
},
|
||
<span class="hljs-attr">requestCookies</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'requestCookies'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Cookies associated with the request.'</span>,
|
||
},
|
||
<span class="hljs-attr">requestMethod</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'requestMethod'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The method used to access a URL. Possible values: '</span> +
|
||
<span class="hljs-string">'“POST”, “GET”, etc.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceReceiptTime</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'rt'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The time at which the event related to the activity '</span> +
|
||
<span class="hljs-string">'was received. The format is MMM dd yyyy HH:mm:ss or '</span> +
|
||
<span class="hljs-string">'milliseconds since epoch (Jan 1st 1970)'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceHostName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'shost'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the source that an event refers to in an '</span> +
|
||
<span class="hljs-string">'IP network. The format should be a fully qualified domain '</span> +
|
||
<span class="hljs-string">'name (DQDN) associated with the source node, when a mode is '</span> +
|
||
<span class="hljs-string">'available. Examples: “host” or “host.domain.com”.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceMacAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'smac'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Six colon-separated hexadecimal numbers. Example: '</span> +
|
||
<span class="hljs-string">'“00:0D:60:AF:1B:61”'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceNtDomain</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'sntdom'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The Windows domain name for the source address.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceDnsDomain</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'sourceDns Domain'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The DNS domain part of the complete fully qualified '</span> +
|
||
<span class="hljs-string">'domain name (FQDN).'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceServiceName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'source ServiceName'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The service that is responsible for generating this '</span> +
|
||
<span class="hljs-string">'event.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceTranslatedAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'source Translated Address'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the translated source that the event '</span> +
|
||
<span class="hljs-string">'refers to in an IP network. The format is an IPv4 address. '</span> +
|
||
<span class="hljs-string">'Example: “192.168.10.1”.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceTranslatedPort</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'source TranslatedPort'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'A port number after being translated by, for '</span> +
|
||
<span class="hljs-string">'example, a firewall. Valid port numbers are 0 to 65535.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceProcessId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'spid'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The ID of the source process associated with the '</span> +
|
||
<span class="hljs-string">'event.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceUserPrivileges</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'spriv'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The typical values are “Administrator”, “User”, and '</span> +
|
||
<span class="hljs-string">'“Guest”. It identifies the source user’s privileges. In UNIX, '</span> +
|
||
<span class="hljs-string">'for example, activity executed by the root user would be '</span> +
|
||
<span class="hljs-string">'identified with “Administrator”.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceProcessName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'sproc'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The name of the event’s source process.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourcePort</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'spt'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The valid port numbers are 0 to 65535.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'src'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the source that an event refers to in an '</span> +
|
||
<span class="hljs-string">'IP network. The format is an IPv4 address. Example: '</span> +
|
||
<span class="hljs-string">'“192.168.10.1”.'</span>,
|
||
},
|
||
<span class="hljs-attr">startTime</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'start'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The time when the activity the event referred to '</span> +
|
||
<span class="hljs-string">'started. The format is MMM dd yyyy HH:mm:ss or milliseconds '</span> +
|
||
<span class="hljs-string">'since epoch (Jan 1st 1970)'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceUserId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'suid'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the source user by ID. This is the user '</span> +
|
||
<span class="hljs-string">'associated with the source of the event. For example, in '</span> +
|
||
<span class="hljs-string">'UNIX, the root user is generally associated with user ID 0.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceUserName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'suser'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Identifies the source user by name. Email addresses '</span> +
|
||
<span class="hljs-string">'are also mapped into the UserName fields. The sender is a '</span> +
|
||
<span class="hljs-string">'candidate to put into this field.'</span>,
|
||
},
|
||
<span class="hljs-attr">type</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'type'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'0 means base event, 1 means aggregated, 2 means '</span> +
|
||
<span class="hljs-string">'correlation, and 3 means action. This field can be omitted '</span> +
|
||
<span class="hljs-string">'for base events (type 0).'</span>,
|
||
},
|
||
<span class="hljs-attr">agentDnsDomain</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'agentDns Domain'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The DNS domain name of the ArcSight connector that '</span> +
|
||
<span class="hljs-string">'processed the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">agentNtDomain</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'agentNtDomain'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">agentTranslatedAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'agentTranslated Address'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-string">'agentTranslatedZone ExternalID'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'agentTranslated ZoneExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">agentTranslatedZoneURI</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'agentTranslated Zone URI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">agentZoneExternalID</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'agentZone ExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">agentZoneURI</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'agentZoneURI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">agentAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'agt'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The IP address of the ArcSight connector that '</span> +
|
||
<span class="hljs-string">'processed the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">agentHostName</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'ahost'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">1023</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The hostname of the ArcSight connector that '</span> +
|
||
<span class="hljs-string">'processed the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">agentId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'aid'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">40</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The agent ID of the ArcSight connector that '</span> +
|
||
<span class="hljs-string">'processed the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">agentMacAddress</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'amac'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The MAC address of the ArcSight connector that '</span> +
|
||
<span class="hljs-string">'processed the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">agentReceiptTime</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'art'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The time at which information about the event was '</span> +
|
||
<span class="hljs-string">'received by the ArcSight connector.'</span>,
|
||
},
|
||
<span class="hljs-attr">agentType</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'at'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">63</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The agent type of the ArcSight connector that '</span> +
|
||
<span class="hljs-string">'processed the event'</span>,
|
||
},
|
||
<span class="hljs-attr">agentTimeZone</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'atz'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">255</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The agent time zone of the ArcSight connector that '</span> +
|
||
<span class="hljs-string">'processed the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">agentVersion</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'av'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">31</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The version of the ArcSight connector that processed '</span> +
|
||
<span class="hljs-string">'the event.'</span>,
|
||
},
|
||
<span class="hljs-attr">customerExternalID</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'customer ExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">customerURI</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'customerURI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-string">'destinationTranslated ZoneExternalID'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'destination TranslatedZone ExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-string">'destinationTranslated ZoneURI'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'destination Translated ZoneURI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The URI for the Translated Zone that the destination '</span> +
|
||
<span class="hljs-string">'asset has been assigned to in ArcSight.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationZoneExternalID</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'destinationZone ExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">destinationZoneURI</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'destinationZone URI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The URI for the Zone that the destination asset has '</span> +
|
||
<span class="hljs-string">'been assigned to in ArcSight.'</span>,
|
||
},
|
||
<span class="hljs-string">'deviceTranslatedZone ExternalID'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'device TranslatedZone ExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">deviceTranslatedZoneURI</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'device TranslatedZone URI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The URI for the Translated Zone that the device '</span> +
|
||
<span class="hljs-string">'asset has been assigned to in ArcSight.'</span>,
|
||
},
|
||
<span class="hljs-attr">deviceZoneExternalID</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceZone ExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">deviceZoneURI</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'deviceZoneURI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'Thee URI for the Zone that the device asset has been '</span> +
|
||
<span class="hljs-string">'assigned to in ArcSight.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationGeoLatitude</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dlat'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The latitudinal value from which the '</span> +
|
||
<span class="hljs-string">'destination’s IP address belongs.'</span>,
|
||
},
|
||
<span class="hljs-attr">destinationGeoLongitude</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'dlong'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The longitudinal value from which the destination’s '</span> +
|
||
<span class="hljs-string">'IP address belongs.'</span>,
|
||
},
|
||
<span class="hljs-attr">eventId</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'eventId'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'This is a unique ID that ArcSight assigns to each '</span> +
|
||
<span class="hljs-string">'event.'</span>,
|
||
},
|
||
<span class="hljs-attr">rawEvent</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'rawEvent'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">4000</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">sourceGeoLatitude</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'slat'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">sourceGeoLongitude</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'slong'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'Number'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-literal">null</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-string">'sourceTranslatedZone ExternalID'</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'source TranslatedZone ExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">sourceTranslatedZoneURI</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'source TranslatedZone URI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The URI for the Translated Zone that the destination '</span> +
|
||
<span class="hljs-string">'asset has been assigned to in ArcSight.'</span>,
|
||
},
|
||
<span class="hljs-attr">sourceZoneExternalID</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'sourceZone ExternalID'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">200</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">''</span>,
|
||
},
|
||
<span class="hljs-attr">sourceZoneURI</span>: {
|
||
<span class="hljs-attr">key</span>: <span class="hljs-string">'sourceZoneURI'</span>,
|
||
<span class="hljs-attr">type</span>: <span class="hljs-string">'String'</span>,
|
||
<span class="hljs-attr">len</span>: <span class="hljs-number">2048</span>,
|
||
<span class="hljs-attr">discription</span>: <span class="hljs-string">'The URI for the Zone that the source asset has been '</span> +
|
||
<span class="hljs-string">'assigned to in ArcSight.'</span> },
|
||
};
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.deviceVendor !== <span class="hljs-string">'string'</span>
|
||
|| <span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.deviceProduct !== <span class="hljs-string">'string'</span>
|
||
|| <span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.deviceVersion !== <span class="hljs-string">'string'</span>
|
||
) {
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(<span class="hljs-string">'TYPE ERROR: CEF Device Info must be a string'</span>));
|
||
}
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">this</span>.severity
|
||
&& (
|
||
(
|
||
<span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.severity === <span class="hljs-string">'string'</span>
|
||
&& (
|
||
<span class="hljs-keyword">this</span>.severity !== <span class="hljs-string">'Unknown'</span>
|
||
&& <span class="hljs-keyword">this</span>.severity !== <span class="hljs-string">'Low'</span>
|
||
&& <span class="hljs-keyword">this</span>.severity !== <span class="hljs-string">'Medium'</span>
|
||
&& <span class="hljs-keyword">this</span>.severity !== <span class="hljs-string">'High'</span>
|
||
&& <span class="hljs-keyword">this</span>.severity !== <span class="hljs-string">'Very-High'</span>
|
||
)
|
||
)
|
||
|| (
|
||
<span class="hljs-keyword">typeof</span> <span class="hljs-keyword">this</span>.severity === <span class="hljs-string">'number'</span>
|
||
&& (
|
||
<span class="hljs-keyword">this</span>.severity < <span class="hljs-number">0</span>
|
||
|| <span class="hljs-keyword">this</span>.severity > <span class="hljs-number">10</span>
|
||
)
|
||
)
|
||
)
|
||
) {
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(<span class="hljs-string">'TYPE ERROR: CEF Severity not set correctly'</span>));
|
||
}
|
||
<span class="hljs-keyword">const</span> cefExts = <span class="hljs-built_in">Object</span>.entries(<span class="hljs-keyword">this</span>.extensions);
|
||
<span class="hljs-keyword">const</span> cefExtsLen = cefExts.length;
|
||
<span class="hljs-keyword">for</span> (<span class="hljs-keyword">let</span> ext = <span class="hljs-number">0</span>; ext < cefExtsLen; ext++) {
|
||
<span class="hljs-keyword">if</span> (cefExts[ext][<span class="hljs-number">1</span>] !== <span class="hljs-literal">null</span>) {
|
||
<span class="hljs-keyword">if</span> (Extensions[cefExts[ext][<span class="hljs-number">0</span>]]) {
|
||
<span class="hljs-keyword">if</span> (<span class="hljs-keyword">typeof</span> cefExts[ext][<span class="hljs-number">1</span>] === Extensions[cefExts[ext][<span class="hljs-number">0</span>]]
|
||
.type
|
||
.toLowerCase()) {
|
||
<span class="hljs-keyword">if</span> (Extensions[cefExts[ext][<span class="hljs-number">0</span>]].len > <span class="hljs-number">0</span>
|
||
&& <span class="hljs-keyword">typeof</span> cefExts[ext][<span class="hljs-number">1</span>] === <span class="hljs-string">'string'</span>
|
||
&& cefExts[ext][<span class="hljs-number">1</span>].length > Extensions[cefExts[ext][<span class="hljs-number">0</span>]].len){
|
||
<span class="hljs-keyword">let</span> errMsg = <span class="hljs-string">'FORMAT ERROR:'</span>;
|
||
errMsg += <span class="hljs-string">' CEF Extention Key'</span>;
|
||
errMsg += <span class="hljs-string">' '</span> + cefExts[ext][<span class="hljs-number">0</span>];
|
||
errMsg += <span class="hljs-string">' value length is to long;'</span>;
|
||
errMsg += <span class="hljs-string">' max length is'</span>;
|
||
errMsg += <span class="hljs-string">' '</span> + Extensions[cefExts[ext][<span class="hljs-number">0</span>]].len;
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errMsg));
|
||
}
|
||
} <span class="hljs-keyword">else</span> {
|
||
<span class="hljs-keyword">let</span> errMsg = <span class="hljs-string">'TYPE ERROR:'</span>;
|
||
errMsg += <span class="hljs-string">' CEF Key'</span>;
|
||
errMsg += <span class="hljs-string">' '</span> + cefExts[ext][<span class="hljs-number">0</span>];
|
||
errMsg += <span class="hljs-string">' value type was expected to be'</span>;
|
||
errMsg += <span class="hljs-string">' '</span> + Extensions[cefExts[ext][<span class="hljs-number">0</span>]].type.toLowerCase();
|
||
reject(<span class="hljs-keyword">new</span> <span class="hljs-built_in">Error</span>(errMsg));
|
||
}
|
||
}
|
||
}
|
||
}
|
||
resolve(<span class="hljs-literal">true</span>);
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* Build a CEF formated string
|
||
* @public
|
||
* @return {Promise} - String with formated message
|
||
*/</span>
|
||
buildMessage() {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>((resolve,
|
||
reject) => {
|
||
<span class="hljs-keyword">let</span> fmtMsg = <span class="hljs-string">'CEF:0'</span>;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.deviceVendor;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.deviceProduct;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.deviceVersion;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.deviceEventClassId;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.name;
|
||
fmtMsg += <span class="hljs-string">'|'</span> + <span class="hljs-keyword">this</span>.severity;
|
||
fmtMsg += <span class="hljs-string">'|'</span>;
|
||
|
||
<span class="hljs-keyword">const</span> cefExts = <span class="hljs-built_in">Object</span>.entries(<span class="hljs-keyword">this</span>.extensions);
|
||
<span class="hljs-keyword">const</span> cefExtsLen = cefExts.length;
|
||
<span class="hljs-keyword">for</span> (<span class="hljs-keyword">let</span> ext = <span class="hljs-number">0</span>; ext < cefExtsLen; ext++) {
|
||
<span class="hljs-keyword">if</span> (cefExts[ext][<span class="hljs-number">1</span>] !== <span class="hljs-literal">null</span>) {
|
||
fmtMsg += cefExts[ext][<span class="hljs-number">0</span>] + <span class="hljs-string">'='</span> + cefExts[ext][<span class="hljs-number">1</span>] + <span class="hljs-string">' '</span>;
|
||
}
|
||
}
|
||
resolve(fmtMsg);
|
||
});
|
||
}
|
||
<span class="hljs-comment">/**
|
||
* @public
|
||
* @param {Syslog} [options=false] - A {@link module:SyslogPro~Syslog|
|
||
* Syslog server connection} that should be used to send messages directly
|
||
* from this class. @see SyslogPro~Syslog
|
||
*/</span>
|
||
send(options) {
|
||
<span class="hljs-keyword">return</span> <span class="hljs-keyword">new</span> <span class="hljs-built_in">Promise</span>((resolve,
|
||
reject) => {
|
||
<span class="hljs-keyword">this</span>.buildMessage()
|
||
.then(<span class="hljs-function">(<span class="hljs-params">result</span>) =></span> {
|
||
<span class="hljs-keyword">if</span> (!<span class="hljs-keyword">this</span>.server) {
|
||
<span class="hljs-keyword">this</span>.server = <span class="hljs-keyword">new</span> Syslog(options);
|
||
}
|
||
<span class="hljs-keyword">this</span>.server.send(result)
|
||
.then(<span class="hljs-function">(<span class="hljs-params">sendResult</span>) =></span> {
|
||
resolve(sendResult);
|
||
})
|
||
.catch(<span class="hljs-function">(<span class="hljs-params">reson</span>) =></span> {
|
||
reject(reson);
|
||
});
|
||
});
|
||
});
|
||
}
|
||
}
|
||
|
||
<span class="hljs-built_in">module</span>.exports = {
|
||
<span class="hljs-attr">RgbToAnsi</span>: rgbToAnsi,
|
||
<span class="hljs-attr">RFC3164</span>: RFC3164,
|
||
<span class="hljs-attr">RFC5424</span>: RFC5424,
|
||
<span class="hljs-attr">LEEF</span>: LEEF,
|
||
<span class="hljs-attr">CEF</span>: CEF,
|
||
<span class="hljs-attr">Syslog</span>: Syslog,
|
||
};</pre></div></div>
|
||
|
||
</li>
|
||
|
||
</ul>
|
||
</div>
|
||
</body>
|
||
</html>
|