New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
cef - npm Package Compare versions
Comparing version 0.2.1 to 0.3.0
@@ -19,5 +19,7 @@ /** | ||
| const syslog = require('./syslog'); | ||
| const validatorForKey = require('./extensions').validatorForKey; | ||
| const CURRENT_CEF_VERSION = "0"; | ||
| const requiredParams = ['vendor', 'product', 'version', 'signature', 'name', 'severity']; | ||
| const sysLoggerOptions = [ | ||
@@ -170,6 +172,19 @@ 'syslog_tag', | ||
| var extensionArray = []; | ||
| var value = ""; | ||
| var validator = null; | ||
| Object.keys(extensions).forEach(function(key) { | ||
| extensionArray.push(util.format("%s=%s", | ||
| this.filterKey(key), | ||
| this.filterValue(extensions[key]))); | ||
| key = this.filterKey(key); | ||
| validator = validatorForKey(key); | ||
| if (validator) { | ||
| value = this.filterValue(extensions[key]); | ||
| if (validator(value)) { | ||
| extensionArray.push(util.format("%s=%s", | ||
| this.filterKey(key), | ||
| this.filterValue(extensions[key]))); | ||
| } else { | ||
| console.error(util.format("Not a valid value for %s: %s", key, value)); | ||
| } | ||
| } else { | ||
| console.error("Not a valid CEF or ArcSight key: " + key); | ||
| } | ||
| }.bind(this)); | ||
@@ -355,8 +370,8 @@ return extensionArray.join(" "); | ||
| return { | ||
| request: req.url, | ||
| requestMethod: req['method'], | ||
| request: req.url, | ||
| dest: req['headers']['host'], | ||
| requestClientApplication: req['headers']['user-agent'], | ||
| host: os.hostname() | ||
| requestContext: req['headers']['user-agent'], | ||
| dhost: req['headers']['host'], | ||
| shost: os.hostname() | ||
| }; | ||
| }; |
| { | ||
| "name": "cef", | ||
| "version": "0.2.1", | ||
| "version": "0.3.0", | ||
| "main" : "lib/cef.js", | ||
@@ -5,0 +5,0 @@ "author": "Jed Parsons <https://github.com/jedp>", |
@@ -55,3 +55,3 @@ # node-cef: A CEF and Syslog Logging Library | ||
| - *Version*: A string identifying the version of your product | ||
| - *Signature*: An arbitrary key identifying the type of event logged. | ||
| - *Signature*: An arbitrary key identifying the type of event logged. | ||
| Typically a four-digit number. | ||
@@ -70,4 +70,12 @@ - *Name*: A human-readable phrase describing the event. | ||
| Additionally, any number of key-value pairs specifying extra data can | ||
| be attached. Such key value pairs are referred to as extensions. | ||
| be attached. Such key value pairs are referred to as extensions. The | ||
| CEF standard declares some 28 extensions, and ArcSight has 462 more. | ||
| The formatter ensures that extension keys belong to the set of CEF | ||
| extensions or a subset of the ArcSight extensions. It also verifies | ||
| their values are of their required type (e.g., `dmac` is a valid MAC | ||
| addr, etc.). If you need more extensions than are permitted here, | ||
| please submit an issue or, better yet, modify `lib/extensions.js` and | ||
| send me a pull request. | ||
| The `node-cef` logger can be instantiated with any number of default | ||
@@ -90,3 +98,3 @@ parameters, with the various logging methods specifying the remaining | ||
| suser: "Milton", | ||
| solution: "Burn it down!" | ||
| msg: "Burn it down!" | ||
| } | ||
@@ -106,3 +114,3 @@ }); | ||
| eight levels (7 to 0, debug to emerg). To align these two, we declare | ||
| CEF 11 to be equivalent to syslog `emerg` (0), CEF 10 = syslog `alert` (1), | ||
| CEF 10 to be equivalent to syslog `emerg` (0), CEF 9 = syslog `alert` (1), | ||
| and so on to CEF 3 = syslog `debug` (7). We do not use CEF levels 2, 1, | ||
@@ -122,5 +130,6 @@ or 0. | ||
| We suggest you decide with your team on a set of meanings and stick | ||
| with them. For example, for logging BrowserID events at Mozilla, we | ||
| use four levels as follows: | ||
| It's up to you to decide with your team on a set of meanings and stick | ||
| with them. For example, for logging | ||
| [BrowserID](https://github.com/mozilla/browserid) events at Mozilla, | ||
| we use four levels as follows: | ||
@@ -165,3 +174,4 @@ - `emerg` (10) Completely out of whack. Someone needs to look at | ||
| ```javascript | ||
| { syslog_address: '192.168.1.42', | ||
| var config = { | ||
| syslog_address: '192.168.1.42', | ||
| syslog_port: 9876, | ||
@@ -176,3 +186,3 @@ syslog_transport: function(message, callback) { | ||
| } | ||
| } | ||
| }; | ||
| ``` | ||
@@ -196,1 +206,4 @@ | ||
| provided the initial basis for the syslog backend. | ||
| - Eric Parker at Mozilla has been very helpfu in answering my | ||
| questions about CEF and ArcSight. |
@@ -181,4 +181,3 @@ var vows = require('vows'); | ||
| extensions: { | ||
| remaining: 32, | ||
| failAt: "15min 42sec" | ||
| rt: "Jun 12 2011 11:22:33" | ||
| } | ||
@@ -192,4 +191,3 @@ }; | ||
| assert(result.indexOf("CEF:0|Initech|Red Stapler|2|17|Low on staples|6|") === 0); | ||
| assert(result.indexOf("remaining=32") !== -1); | ||
| assert(result.indexOf("failAt=15min 42sec") !== -1); | ||
| assert(result.indexOf("rt=Jun 12 2011 11:22:33") !== -1); | ||
| } | ||
@@ -196,0 +194,0 @@ } |
@@ -51,5 +51,5 @@ var assert = require('assert'); | ||
| "contain request url": contains(/request=\S+/), | ||
| "contain destination host": contains(/dest=\w+/), | ||
| "contain client app name": contains(/requestClientApplication=\w+/), | ||
| "contain hostname": contains(/host=\w+/) | ||
| "contain destination host": contains(/dhost=\w+/), | ||
| "contain client app name": contains(/requestContext=\w+/), | ||
| "contain hostname": contains(/shost=\w+/) | ||
| } | ||
@@ -56,0 +56,0 @@ |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by20.13%
37062
- Number of package files
- increased by22.22%
11
- Lines of code
- increased by18.75%
988
- Number of lines in readme file
- increased by6.35%
201
No dependency changes