sysloglogs

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 25, 2020 License: AGPL-3.0, Apache-2.0 Imports: 9 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var RFC3164Desc = `Syslog parser for the RFC3164 format (ie. BSD-syslog messages)
Reference: https://tools.ietf.org/html/rfc3164`
View Source
var RFC5424Desc = `Syslog parser for the RFC5424 format.
Reference: https://tools.ietf.org/html/rfc5424`

Functions

This section is empty.

Types

type RFC3164

type RFC3164 struct {
	Priority  *uint8             `` /* 166-byte string literal not displayed */
	Facility  *uint8             `` /* 160-byte string literal not displayed */
	Severity  *uint8             `json:"severity" validate:"required" description:"Severity indicates how severe the message is. Eg: 0=Emergency to 7=Debug."`
	Timestamp *timestamp.RFC3339 `json:"timestamp,omitempty" description:"Timestamp of the syslog message in UTC."`
	Hostname  *string            `json:"hostname,omitempty" description:"Hostname identifies the machine that originally sent the syslog message."`
	Appname   *string            `json:"appname,omitempty" description:"Appname identifies the device or application that originated the syslog message."`
	ProcID    *string            `` /* 166-byte string literal not displayed */
	MsgID     *string            `` /* 152-byte string literal not displayed */
	Message   *string            `json:"message,omitempty" description:"Message contains free-form text that provides information about the event."`

	// NOTE: added to end of struct to allow expansion later
	parsers.PantherLog
}

nolint:lll

type RFC3164Parser

type RFC3164Parser struct {
	// contains filtered or unexported fields
}

RFC3164Parser parses Syslog logs in the RFC3164 format

func (*RFC3164Parser) LogType

func (p *RFC3164Parser) LogType() string

LogType returns the log type supported by this parser

func (*RFC3164Parser) New

func (p *RFC3164Parser) New() parsers.LogParser

New returns an initialized LogParser for Syslog RFC3164 logs

func (*RFC3164Parser) Parse

func (p *RFC3164Parser) Parse(log string) []*parsers.PantherLog

Parse returns the parsed events or nil if parsing failed

type RFC5424

type RFC5424 struct {
	Priority       *uint8                        `` /* 166-byte string literal not displayed */
	Facility       *uint8                        `` /* 160-byte string literal not displayed */
	Severity       *uint8                        `json:"severity" validate:"required" description:"Severity indicates how severe the message is. Eg: 0=Emergency to 7=Debug."`
	Version        *uint16                       `` /* 164-byte string literal not displayed */
	Timestamp      *timestamp.RFC3339            `json:"timestamp,omitempty" description:"Timestamp of the syslog message in UTC."`
	Hostname       *string                       `json:"hostname,omitempty" description:"Hostname identifies the machine that originally sent the syslog message."`
	Appname        *string                       `json:"appname,omitempty" description:"Appname identifies the device or application that originated the syslog message."`
	ProcID         *string                       `` /* 166-byte string literal not displayed */
	MsgID          *string                       `` /* 152-byte string literal not displayed */
	StructuredData *map[string]map[string]string `` /* 151-byte string literal not displayed */
	Message        *string                       `json:"message,omitempty" description:"Message contains free-form text that provides information about the event."`

	// NOTE: added to end of struct to allow expansion later
	parsers.PantherLog
}

nolint:lll

type RFC5424Parser

type RFC5424Parser struct {
	// contains filtered or unexported fields
}

RFC5424Parser parses Syslog logs in the RFC5424 format

func (*RFC5424Parser) LogType

func (p *RFC5424Parser) LogType() string

LogType returns the log type supported by this parser

func (*RFC5424Parser) New

func (p *RFC5424Parser) New() parsers.LogParser

New returns an initialized LogParser for Syslog RFC5424 logs

func (*RFC5424Parser) Parse

func (p *RFC5424Parser) Parse(log string) []*parsers.PantherLog

Parse returns the parsed events or nil if parsing failed

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL