base/protocols/syslog/main.bro

Syslog

Core script support for logging syslog messages. This script represents one syslog message as one logged record.

Namespace: Syslog
Imports: base/protocols/syslog/consts.bro
Source File: /scripts/base/protocols/syslog/main.bro

Summary

Types

Syslog::Info (record): The record type which contains the fields of the syslog log.

Detailed Interface

Types

Syslog::Info
Type: record

ts: time &log

Timestamp when the syslog message was seen.

uid: string &log

Unique ID for the connection.

id: conn_id &log

The connection’s 4-tuple of endpoint addresses/ports.

proto: transport_proto &log

Protocol over which the message was seen.

facility: string &log

Syslog facility for the message.

severity: string &log

Syslog severity for the message.

message: string &log

The plain text message.

The record type which contains the fields of the syslog log.


Copyright 2016, The Bro Project. Last updated on December 12, 2017.