nsyslog-parser
Comparing version 0.8.6 to 0.8.7
@@ -129,3 +129,4 @@ "use strict"; | ||
cef: true, | ||
fields: true | ||
fields: true, | ||
pid: true | ||
}; | ||
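Review bot: The new `pid: true` default is only used when the caller passes no options object at all; the object literal itself starts outside the hunk. In the bundled build on this page the options are defaulted with `i=i||w` and the PID step tests `i.pid` for truthiness, while `cef` and `fields` are tested as `!1!==i.cef` and `!1!==i.fields`. A caller who passes `{cef:false}` therefore silently loses PID splitting, although the README describes it as on by default. Testing `opts.pid !== false` in the PID step would make the three options behave alike; the same default is added in the source hunk at `@@ -20,3 +20,4 @@`.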
@@ -314,2 +315,11 @@ | ||
// PID | ||
if (opts.pid && entry.appName && entry.appName.endsWith("]")) { | ||
var _idx = entry.appName.indexOf("["); | ||
if (_idx >= 0) { | ||
entry.pid = entry.appName.substring(_idx + 1, entry.appName.length - 1); | ||
entry.appName = entry.appName.substring(0, _idx); | ||
} | ||
} | ||
return entry; | ||
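Review bot: The bracket split writes whatever lies between the first `[` and the final `]` into `entry.pid` without checking the value or whether a pid is already set. appName is sender-controlled, so `app[a][b]` yields the pid `a][b`, and in the bundled build the header walker already fills `pid` from the token after appName (apparently the RFC 5424 PROCID), which this step would overwrite. Consider `var _idx = entry.appName.lastIndexOf("[");` with the guard `if (_idx >= 0 && entry.pid === undefined)`, and a comment that pid is an unvalidated string that consumers must not treat as numeric. The same code appears in the source hunk at `@@ -221,2 +222,11 @@`, and the enclosing function starts outside both hunks.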
@@ -316,0 +326,0 @@ } |
@@ -1,3 +0,3 @@ | ||
/*! nsyslog-parser 2018-09-14 */ | ||
/*! nsyslog-parser 2018-09-26 */ | ||
"use strict";!function r(s,n,o){function c(i,e){if(!n[i]){if(!s[i]){var t="function"==typeof require&&require;if(!e&&t)return t(i,!0);if(d)return d(i,!0);var l=new Error("Cannot find module '"+i+"'");throw l.code="MODULE_NOT_FOUND",l}var a=n[i]={exports:{}};s[i][0].call(a.exports,function(e){return c(s[i][1][e]||e)},a,a.exports,r,s,n,o)}return n[i].exports}for(var d="function"==typeof require&&require,e=0;e<o.length;e++)c(o[e]);return c}({1:[function(e,i,t){var l,a;l=window,a=e("./parser.js"),l.NSyslog=l.NSyslog||{},l.NSyslog.parse=a},{"./parser.js":3}],2:[function(e,i,t){var n=/[a-zA-Z][a-zA-Z0-9]+=/,o=["version","deviceVendor","deviceProduct","deviceVersion","deviceEventClassID","name","severity","extension"];i.exports={parse:function(e){var t,l,i,a,r,s=(t=[],i=!(l={}),a=7,r="",e.split("").forEach(function(e){a?"|"==e?i?(i=!1,r+=e):(t.push(r),r="",a--):"\\"==e?(r+=e,i=!i):(i=!1,r+=e):r+=e}),r.length&&t.push(r),o.forEach(function(e,i){return l[e]=t[i]}),l);return{headers:s,fields:function(e){var i=[],t={},l=null;do{if(l=n.exec(e)){var a=l[0],r=l.index;i.length&&(i[i.length-1]+=e.substring(0,r)),i.push(a),e=e.substring(r+a.length)}else e.length&&i.length&&(i[i.length-1]+=e,e="")}while(l&&e.length);return i.map(function(e){return e.trim()}).map(function(e){return{k:(e=e.split("=")).shift(),v:e.join("=")}}).forEach(function(e){t[e.k]=e.v}),t}(s.extension||"")}}}},{}],3:[function(e,i,t){var b=e("./pri.js"),E=e("./cef.js"),x={pri:/^<\d+>/,prinmr:/^\d+ /,prival:/<(\d+)>/,month:/^[A-Za-z][a-z]{2} /,day:/^\d{1,2} /,time:/^\d+:\d+:\d+ /,ts:/^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\S+ /,invalid:/[^a-zA-Z0-9\.\$\-_#%\/\[\]\(\)]/,sdata:/\[(\S+)( [^\=]+\=\"[^\"]+\")+\]/g,cef:/^CEF:\d+/},N={cef:!0,fields:!0};function w(e){do{var i=e.shift();if(void 0===i)return i;i=i.trim()}while(!i);return i}function j(e,i){if(e.host)if(e.appName)if(e.pid){if(e.messageid)return!!e.structuredData||(e.structuredData=i.trim(),!1);e.messageid=i.trim()}else e.pid=i.trim();else e.appName=i.trim();else 
e.host=i.trim()}i.exports=function(e,i){try{return function(e,i){i=i||N;var t=e.match(x.pri),r={originalMessage:e};if(t){r.pri=t[0],r.prival=parseInt(r.pri.match(x.prival)[1]);var l=b.get(r.prival);r.facilityval=l.facility,r.levelval=l.level,r.facility=b.FACILITY[l.facility].id,r.level=b.LEVEL[l.level].id}else r.pri="",r.prival=NaN;for(var a=e.substring(r.pri.length).split(" "),s=!1;e.length&&!s;){if((u=w(a)+" ").match(x.prinmr))r.version=parseInt(u),r.type="RFC5424",(u=w(a)+" ").match(x.ts)&&(r.ts=new Date(Date.parse(u.match(x.ts)[0].trim())));else if(u.match(x.month)){r.type="BSD";var n=u.trim(),o=w(a),c=w(a),d=(new Date).getYear()+1900;r.ts=new Date(Date.parse(d+" "+n+" "+o+" "+c))}else r.type="UNKNOWN",a.unshift(u.trim());s=!0}if(r.ts||(r.ts=new Date),r.type){var f=function(e){a.unshift(e),r.message=a.join(" "),s=!0};for(s=!1;e.length&&!s;){var u;if(u=w(a))if(u.endsWith(":")){var p=u.replace(/:$/,"").trim();p.match(x.invalid)?f(u):(j(r,p),r.message=a.join(" "),s=!0)}else if(a.length)if(u.match(x.invalid))f(u);else{var m=j(r,u.replace(/: $/,"").trim());!0===m?(a.unshift(u),r.message=a.join(" "),s=!0):!1===m&&(r.message=a.join(" "),s=!0)}else f(u);else s=!0}}else r.message=a.join(" ");if(r.chain=(r.host||"").split("/"),r.host=r.chain.pop(),"RFC5424"==r.type){var g=r.message.match(x.sdata)||[],h=0;r.structuredData=g.map(function(e){var l={},a=null;return h=r.message.indexOf(e)+e.length+1,e.replace(/(^\[)|(\]$)/g,"").split(" ").forEach(function(e,i){if(e.trim())if(0==i)l.$id=e;else{var t=e.split("=");t[0]&&t[1]&&'"'!=t[1]?(a=t.shift(),l[a]=t.join("=").replace(/\"/g,"")):t[0]&&void 0===t[1]?l[a]+=" "+(t[0]||"").replace(/\"/g,""):!t[0]||t[1].length&&'"'!=t[1]||(l[a]+=" "+(t[0]||"").replace(/\"/g,"")+"=")}}),l}),r.message=r.message.substring(h)}if(!1!==i.cef&&x.cef.test(r.message)){r.type="CEF";var y=E.parse(r.message);r.cef=y.headers,r.fields=y.fields}else if(!1!==i.fields&&"UNKNOWN"!=r.type){var v=[];r.message.split(",").forEach(function(e){var 
i=e.split("=");2==i.length&&(v[i[0]]=i[1])}),r.fields=v}return r.header=e.substring(0,e.length-r.message.length),r}(e,i)}catch(e){return{err:e}}}},{"./cef.js":2,"./pri.js":4}],4:[function(e,i,t){var l=[{id:"kern",label:"kernel messages"},{id:"user",label:"user-level messages"},{id:"mail",label:"mail system"},{id:"daemon",label:"system daemons"},{id:"auth",label:"security/authorization messages"},{id:"syslog",label:"messages generated internally by syslogd"},{id:"lpr",label:"line printer subsystem"},{id:"news",label:"network news subsystem"},{id:"uucp",label:"UUCP subsystem"},{id:"cron",label:"clock daemon"},{id:"authpriv",label:"security/authorization messages"},{id:"ftp",label:"FTP daemon"},{id:"ntp",label:"NTP subsystem"},{id:"security",label:"log audit"},{id:"console",label:"log alert"},{id:"solaris-cron",label:"clock daemon"},{id:"local0",label:"locally used facility 0"},{id:"local1",label:"locally used facility 0"},{id:"local2",label:"locally used facility 0"},{id:"local3",label:"locally used facility 0"},{id:"local4",label:"locally used facility 0"},{id:"local5",label:"locally used facility 0"},{id:"local6",label:"locally used facility 0"},{id:"local7",label:"locally used facility 0"}],a=[{id:"emerg",label:"system is unusable"},{id:"alert",label:"action must be taken immediately"},{id:"crit",label:"critical conditions"},{id:"error",label:"error conditions"},{id:"warn",label:"warning conditions"},{id:"notice",label:"normal but significant condition"},{id:"info",label:"informational messages"},{id:"debug",label:"debug-level messages"}],r=[],s=[];l.forEach(function(e,i){return r[e.id]=i}),a.forEach(function(e,i){return s[e.id]=i}),i.exports.LEVEL=a,i.exports.FACILITY=l,i.exports.LEVELS=s,i.exports.FACILITIES=r,i.exports.get=function(e,i){return"number"==typeof e&&void 0===i?{level:7&e,facility:e>>3}:"number"==typeof e&&"number"==typeof i?8*e+i:"string"==typeof e&&"number"==typeof i?8*(r[e]||0)+i:"number"==typeof e&&"string"==typeof 
i?8*e+(s[i]||0):"string"==typeof e&&"string"==typeof i?8*(r[e]||0)+(s[i]||0):{level:0,facility:0}}},{}]},{},[1]); | ||
"use strict";!function r(s,n,o){function c(i,e){if(!n[i]){if(!s[i]){var t="function"==typeof require&&require;if(!e&&t)return t(i,!0);if(d)return d(i,!0);var a=new Error("Cannot find module '"+i+"'");throw a.code="MODULE_NOT_FOUND",a}var l=n[i]={exports:{}};s[i][0].call(l.exports,function(e){return c(s[i][1][e]||e)},l,l.exports,r,s,n,o)}return n[i].exports}for(var d="function"==typeof require&&require,e=0;e<o.length;e++)c(o[e]);return c}({1:[function(e,i,t){var a,l;a=window,l=e("./parser.js"),a.NSyslog=a.NSyslog||{},a.NSyslog.parse=l},{"./parser.js":3}],2:[function(e,i,t){var n=/[a-zA-Z][a-zA-Z0-9]+=/,o=["version","deviceVendor","deviceProduct","deviceVersion","deviceEventClassID","name","severity","extension"];i.exports={parse:function(e){var t,a,i,l,r,s=(t=[],i=!(a={}),l=7,r="",e.split("").forEach(function(e){l?"|"==e?i?(i=!1,r+=e):(t.push(r),r="",l--):"\\"==e?(r+=e,i=!i):(i=!1,r+=e):r+=e}),r.length&&t.push(r),o.forEach(function(e,i){return a[e]=t[i]}),a);return{headers:s,fields:function(e){var i=[],t={},a=null;do{if(a=n.exec(e)){var l=a[0],r=a.index;i.length&&(i[i.length-1]+=e.substring(0,r)),i.push(l),e=e.substring(r+l.length)}else e.length&&i.length&&(i[i.length-1]+=e,e="")}while(a&&e.length);return i.map(function(e){return e.trim()}).map(function(e){return{k:(e=e.split("=")).shift(),v:e.join("=")}}).forEach(function(e){t[e.k]=e.v}),t}(s.extension||"")}}}},{}],3:[function(e,i,t){var N=e("./pri.js"),E=e("./cef.js"),x={pri:/^<\d+>/,prinmr:/^\d+ /,prival:/<(\d+)>/,month:/^[A-Za-z][a-z]{2} /,day:/^\d{1,2} /,time:/^\d+:\d+:\d+ /,ts:/^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\S+ /,invalid:/[^a-zA-Z0-9\.\$\-_#%\/\[\]\(\)]/,sdata:/\[(\S+)( [^\=]+\=\"[^\"]+\")+\]/g,cef:/^CEF:\d+/},w={cef:!0,fields:!0,pid:!0};function j(e){do{var i=e.shift();if(void 0===i)return i;i=i.trim()}while(!i);return i}function D(e,i){if(e.host)if(e.appName)if(e.pid){if(e.messageid)return!!e.structuredData||(e.structuredData=i.trim(),!1);e.messageid=i.trim()}else e.pid=i.trim();else e.appName=i.trim();else 
e.host=i.trim()}i.exports=function(e,i){try{return function(e,i){i=i||w;var t=e.match(x.pri),r={originalMessage:e};if(t){r.pri=t[0],r.prival=parseInt(r.pri.match(x.prival)[1]);var a=N.get(r.prival);r.facilityval=a.facility,r.levelval=a.level,r.facility=N.FACILITY[a.facility].id,r.level=N.LEVEL[a.level].id}else r.pri="",r.prival=NaN;for(var l=e.substring(r.pri.length).split(" "),s=!1;e.length&&!s;){if((u=j(l)+" ").match(x.prinmr))r.version=parseInt(u),r.type="RFC5424",(u=j(l)+" ").match(x.ts)&&(r.ts=new Date(Date.parse(u.match(x.ts)[0].trim())));else if(u.match(x.month)){r.type="BSD";var n=u.trim(),o=j(l),c=j(l),d=(new Date).getYear()+1900;r.ts=new Date(Date.parse(d+" "+n+" "+o+" "+c))}else r.type="UNKNOWN",l.unshift(u.trim());s=!0}if(r.ts||(r.ts=new Date),r.type){var f=function(e){l.unshift(e),r.message=l.join(" "),s=!0};for(s=!1;e.length&&!s;){var u;if(u=j(l))if(u.endsWith(":")){var p=u.replace(/:$/,"").trim();p.match(x.invalid)?f(u):(D(r,p),r.message=l.join(" "),s=!0)}else if(l.length)if(u.match(x.invalid))f(u);else{var m=D(r,u.replace(/: $/,"").trim());!0===m?(l.unshift(u),r.message=l.join(" "),s=!0):!1===m&&(r.message=l.join(" "),s=!0)}else f(u);else s=!0}}else r.message=l.join(" ");if(r.chain=(r.host||"").split("/"),r.host=r.chain.pop(),"RFC5424"==r.type){var g=r.message.match(x.sdata)||[],h=0;r.structuredData=g.map(function(e){var a={},l=null;return h=r.message.indexOf(e)+e.length+1,e.replace(/(^\[)|(\]$)/g,"").split(" ").forEach(function(e,i){if(e.trim())if(0==i)a.$id=e;else{var t=e.split("=");t[0]&&t[1]&&'"'!=t[1]?(l=t.shift(),a[l]=t.join("=").replace(/\"/g,"")):t[0]&&void 0===t[1]?a[l]+=" "+(t[0]||"").replace(/\"/g,""):!t[0]||t[1].length&&'"'!=t[1]||(a[l]+=" "+(t[0]||"").replace(/\"/g,"")+"=")}}),a}),r.message=r.message.substring(h)}if(!1!==i.cef&&x.cef.test(r.message)){r.type="CEF";var y=E.parse(r.message);r.cef=y.headers,r.fields=y.fields}else if(!1!==i.fields&&"UNKNOWN"!=r.type){var v=[];r.message.split(",").forEach(function(e){var 
i=e.split("=");2==i.length&&(v[i[0]]=i[1])}),r.fields=v}if(r.header=e.substring(0,e.length-r.message.length),i.pid&&r.appName&&r.appName.endsWith("]")){var b=r.appName.indexOf("[");0<=b&&(r.pid=r.appName.substring(b+1,r.appName.length-1),r.appName=r.appName.substring(0,b))}return r}(e,i)}catch(e){return{err:e}}}},{"./cef.js":2,"./pri.js":4}],4:[function(e,i,t){var a=[{id:"kern",label:"kernel messages"},{id:"user",label:"user-level messages"},{id:"mail",label:"mail system"},{id:"daemon",label:"system daemons"},{id:"auth",label:"security/authorization messages"},{id:"syslog",label:"messages generated internally by syslogd"},{id:"lpr",label:"line printer subsystem"},{id:"news",label:"network news subsystem"},{id:"uucp",label:"UUCP subsystem"},{id:"cron",label:"clock daemon"},{id:"authpriv",label:"security/authorization messages"},{id:"ftp",label:"FTP daemon"},{id:"ntp",label:"NTP subsystem"},{id:"security",label:"log audit"},{id:"console",label:"log alert"},{id:"solaris-cron",label:"clock daemon"},{id:"local0",label:"locally used facility 0"},{id:"local1",label:"locally used facility 0"},{id:"local2",label:"locally used facility 0"},{id:"local3",label:"locally used facility 0"},{id:"local4",label:"locally used facility 0"},{id:"local5",label:"locally used facility 0"},{id:"local6",label:"locally used facility 0"},{id:"local7",label:"locally used facility 0"}],l=[{id:"emerg",label:"system is unusable"},{id:"alert",label:"action must be taken immediately"},{id:"crit",label:"critical conditions"},{id:"error",label:"error conditions"},{id:"warn",label:"warning conditions"},{id:"notice",label:"normal but significant condition"},{id:"info",label:"informational messages"},{id:"debug",label:"debug-level messages"}],r=[],s=[];a.forEach(function(e,i){return r[e.id]=i}),l.forEach(function(e,i){return s[e.id]=i}),i.exports.LEVEL=l,i.exports.FACILITY=a,i.exports.LEVELS=s,i.exports.FACILITIES=r,i.exports.get=function(e,i){return"number"==typeof e&&void 
0===i?{level:7&e,facility:e>>3}:"number"==typeof e&&"number"==typeof i?8*e+i:"string"==typeof e&&"number"==typeof i?8*(r[e]||0)+i:"number"==typeof e&&"string"==typeof i?8*e+(s[i]||0):"string"==typeof e&&"string"==typeof i?8*(r[e]||0)+(s[i]||0):{level:0,facility:0}}},{}]},{},[1]); |
{ | ||
"name": "nsyslog-parser", | ||
"version": "0.8.6", | ||
"version": "0.8.7", | ||
"description": "Syslog Parser. Accepts RFC 3164 (BSD), RFC 5424 and CEF formats", | ||
@@ -5,0 +5,0 @@ "author": "David Gómez Matarrodona <solzimer@gmail.com>", |
@@ -20,3 +20,4 @@ const | ||
cef : true, | ||
fields : true | ||
fields : true, | ||
pid : true | ||
} | ||
@@ -221,2 +222,11 @@ | ||
// PID | ||
if(opts.pid && entry.appName && entry.appName.endsWith("]")) { | ||
let idx = entry.appName.indexOf("["); | ||
if(idx>=0) { | ||
entry.pid = entry.appName.substring(idx+1,entry.appName.length-1); | ||
entry.appName = entry.appName.substring(0,idx); | ||
} | ||
} | ||
return entry; | ||
@@ -223,0 +233,0 @@ } |
@@ -21,2 +21,6 @@ # nsyslog-parser | ||
``` | ||
parser(line,options) | ||
``` | ||
```javascript | ||
@@ -134,1 +138,8 @@ const parser = require("nsyslog-parser"); | ||
``` | ||
## Options | ||
Options is a javascript object with the following parameters: | ||
* cef : Parse CEF strcuture (*true* by default) | ||
* fields : Parse Syslog structured data (*true* by default) | ||
* pid : Separate the PID field in case the **app** header field has the **app[pid]** format (true by default) |
@@ -6,3 +6,3 @@ const parser = require("./parser.js"); | ||
MSGS.map(parser).forEach(e=>console.log(e)); | ||
MSGS.map(m=>parser(m,null)).forEach(e=>console.log(e)); | ||
@@ -9,0 +9,0 @@ var s = Date.now(); |
module.exports = [ | ||
"<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8", | ||
@@ -28,12 +29,12 @@ "<34>1 2003-10-11T22:14:15.003Z mymachine.example.com su - ID47 - BOM'su root' failed for lonvick on /dev/pts/8", | ||
'<190>AMP (airwave)[6944]: Your license does not allow you to create or authorize additional APs/Devices\tSystem\tSystem\t\t\t', | ||
'<189>date=2018-09-13 time=10:12:18 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.67.24.31 srcport=49853 srcintf="WIFI_AESA" dstip=173.194.76.188 dstport=5228 dstintf="FW-310B_HP-8206" sessionid=4732460 proto=6 action=timeout policyid=37 dstcountry="United States" srccountry="Reserved" trandisp=noop service="tcp/5228" duration=39 sentbyte=156 rcvdbyte=0 sentpkt=3 rcvdpkt=0 appcat="unscanned" crscore=5 craction=262144 crlevel=low', | ||
'<189>date=2018-09-13 time=10:12:18 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.67.24.31 srcport=49853 srcintf="WIFI_XXX" dstip=173.194.76.188 dstport=5228 dstintf="FW-310B_HP-8206" sessionid=4732460 proto=6 action=timeout policyid=37 dstcountry="United States" srccountry="Reserved" trandisp=noop service="tcp/5228" duration=39 sentbyte=156 rcvdbyte=0 sentpkt=3 rcvdpkt=0 appcat="unscanned" crscore=5 craction=262144 crlevel=low', | ||
'<189>date=2018-09-13 time=10:12:18 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=192.168.134.9 srcport=58335 srcintf="WIFI_INVITADOS" dstip=104.36.251.158 dstport=443 dstintf="port8" sessionid=4733602 proto=6 action=close policyid=40 dstcountry="United States" srccountry="Reserved" trandisp=snat transip=192.168.98.6 transport=58335 service="HTTPS" duration=1 sentbyte=132 rcvdbyte=92 sentpkt=3 rcvdpkt=2 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:18 devname=FW-310B-01 devid=FG300B3911601588 logid=0001000014 type=traffic subtype=local level=notice vd=root srcip=10.67.24.31 srcport=137 srcintf="WIFI_AESA" dstip=10.67.24.255 dstport=137 dstintf=unknown-0 sessionid=4733634 proto=17 action=deny policyid=0 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="SMB1" app="netbios forward" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:18 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.13.179.169 srcport=55386 srcintf="FW-310B_HP-8206" dstip=10.67.24.16 dstport=7680 dstintf="WIFI_AESA" sessionid=4733609 proto=6 action=close policyid=42 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="tcp/7680" duration=1 sentbyte=52 rcvdbyte=40 sentpkt=1 rcvdpkt=1 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.67.24.32 srcport=62407 srcintf="WIFI_AESA" dstip=10.67.11.102 dstport=53 dstintf="FW-310B_HP-8206" sessionid=4733388 proto=17 action=accept policyid=37 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="DNS" duration=10 sentbyte=115 rcvdbyte=190 sentpkt=1 rcvdpkt=1 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000011 type=traffic subtype=forward level=warning vd=root srcip=10.67.24.32 srcport=62407 srcintf="WIFI_AESA" dstip=10.67.11.102 dstport=53 dstintf="FW-310B_HP-8206" sessionid=4733388 proto=17 action=dns policyid=37 appcat="unscanned" crscore=5 craction=262144 crlevel=low', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.67.24.5 srcport=52970 srcintf="WIFI_AESA" dstip=10.13.179.156 dstport=7680 dstintf="FW-310B_HP-8206" sessionid=4733612 proto=6 action=close policyid=37 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="tcp/7680" duration=1 sentbyte=132 rcvdbyte=92 sentpkt=3 rcvdpkt=2 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000011 type=traffic subtype=forward level=warning vd=root srcip=10.67.24.32 srcport=52839 srcintf="WIFI_AESA" dstip=10.67.11.102 dstport=53 dstintf="FW-310B_HP-8206" sessionid=4733389 proto=17 action=dns policyid=37 appcat="unscanned" crscore=5 craction=262144 crlevel=low', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.67.24.32 srcport=52839 srcintf="WIFI_AESA" dstip=10.67.11.102 dstport=53 dstintf="FW-310B_HP-8206" sessionid=4733389 proto=17 action=accept policyid=37 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="DNS" duration=10 sentbyte=90 rcvdbyte=165 sentpkt=1 rcvdpkt=1 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:18 devname=FW-310B-01 devid=FG300B3911601588 logid=0001000014 type=traffic subtype=local level=notice vd=root srcip=10.67.24.31 srcport=137 srcintf="WIFI_XXX" dstip=10.67.24.255 dstport=137 dstintf=unknown-0 sessionid=4733634 proto=17 action=deny policyid=0 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="SMB1" app="netbios forward" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:18 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.13.179.169 srcport=55386 srcintf="FW-310B_HP-8206" dstip=10.67.24.16 dstport=7680 dstintf="WIFI_XXX" sessionid=4733609 proto=6 action=close policyid=42 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="tcp/7680" duration=1 sentbyte=52 rcvdbyte=40 sentpkt=1 rcvdpkt=1 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.67.24.32 srcport=62407 srcintf="WIFI_XXX" dstip=10.67.11.102 dstport=53 dstintf="FW-310B_HP-8206" sessionid=4733388 proto=17 action=accept policyid=37 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="DNS" duration=10 sentbyte=115 rcvdbyte=190 sentpkt=1 rcvdpkt=1 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000011 type=traffic subtype=forward level=warning vd=root srcip=10.67.24.32 srcport=62407 srcintf="WIFI_XXX" dstip=10.67.11.102 dstport=53 dstintf="FW-310B_HP-8206" sessionid=4733388 proto=17 action=dns policyid=37 appcat="unscanned" crscore=5 craction=262144 crlevel=low', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.67.24.5 srcport=52970 srcintf="WIFI_XXX" dstip=10.13.179.156 dstport=7680 dstintf="FW-310B_HP-8206" sessionid=4733612 proto=6 action=close policyid=37 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="tcp/7680" duration=1 sentbyte=132 rcvdbyte=92 sentpkt=3 rcvdpkt=2 appcat="unscanned"', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000011 type=traffic subtype=forward level=warning vd=root srcip=10.67.24.32 srcport=52839 srcintf="WIFI_XXX" dstip=10.67.11.102 dstport=53 dstintf="FW-310B_HP-8206" sessionid=4733389 proto=17 action=dns policyid=37 appcat="unscanned" crscore=5 craction=262144 crlevel=low', | ||
'<189>date=2018-09-13 time=10:12:19 devname=FW-310B-01 devid=FG300B3911601588 logid=0000000013 type=traffic subtype=forward level=notice vd=root srcip=10.67.24.32 srcport=52839 srcintf="WIFI_XXX" dstip=10.67.11.102 dstport=53 dstintf="FW-310B_HP-8206" sessionid=4733389 proto=17 action=accept policyid=37 dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="DNS" duration=10 sentbyte=90 rcvdbyte=165 sentpkt=1 rcvdpkt=1 appcat="unscanned"', | ||
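Review bot: The redaction in these fixtures is partial: the new lines replace the `WIFI_AESA` interface name but keep `devid=`, `devname=`, the internal `srcip`/`dstip` addresses and one unmasked `srcintf` value, and the CEF lines in the following hunk keep `duser=` account names and `dmac=` hardware addresses. If these samples were captured from a live network, they should be swapped for constructed values (documentation address ranges, made-up account names) before the package is published. The line added at the end of the next hunk also keeps most of a host FQDN. A short comment at the top of the fixture file stating that all values are synthetic would make the intent clear to later contributors.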
@@ -43,9 +44,10 @@ '<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=senasa.jcgp destinationServiceName=Wireless_MAC_USUARIOS dpriv=[Employee], [MAC Caching], [User Authenticated] dmac=b49d0b950026 dst=192.168.135.50 src=192.168.131.1 rt=Sep 12 2018 15:32:11', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=isdefe.coy destinationServiceName=Wireless_MAC_USUARIOS dpriv=[Employee], [MAC Caching], [User Authenticated] dmac=b0e23596f602 dst=192.168.135.33 src=192.168.131.1 rt=Sep 12 2018 15:31:14', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\isdefe.mag destinationServiceName=AESA_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=f48c50ce757f dst=10.67.24.39 src=192.168.131.1 rt=Sep 12 2018 15:31:37', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\senasa.mjtp destinationServiceName=AESA_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=b88a60913683 dst=192.168.133.23 src=192.168.131.1 rt=Sep 12 2018 15:31:44', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\senasa.mjtp destinationServiceName=AESA_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=b88a60913683 dst=192.168.133.23 src=192.168.131.1 rt=Sep 12 2018 15:31:54', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\stroncoso destinationServiceName=AESA_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [User Authenticated] dmac=bc8385e2d4b7 dst=10.67.24.3 src=192.168.131.1 rt=Sep 12 2018 15:30:25', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\senasa.mmin destinationServiceName=AESA_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=1002b54c3088 dst=192.168.133.14 src=192.168.131.1 rt=Sep 12 2018 15:31:50', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\isdefe.mag destinationServiceName=AESA_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=f48c50ce757f dst=10.67.24.39 src=192.168.131.1 rt=Sep 12 2018 15:31:37', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\isdefe.mag destinationServiceName=XXX_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=f48c50ce757f dst=10.67.24.39 src=192.168.131.1 rt=Sep 12 2018 15:31:37', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\senasa.mjtp destinationServiceName=XXX_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=b88a60913683 dst=192.168.133.23 src=192.168.131.1 rt=Sep 12 2018 15:31:44', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\senasa.mjtp destinationServiceName=XXX_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=b88a60913683 dst=192.168.133.23 src=192.168.131.1 rt=Sep 12 2018 15:31:54', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\stroncoso destinationServiceName=XXX_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [User Authenticated] dmac=bc8385e2d4b7 dst=10.67.24.3 src=192.168.131.1 rt=Sep 12 2018 15:30:25', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\senasa.mmin destinationServiceName=XXX_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=1002b54c3088 dst=192.168.133.14 src=192.168.131.1 rt=Sep 12 2018 15:31:50', | ||
'<143>Sep 12 2018 15:32:19 10.67.3.37 CEF:0|Aruba Networks|ClearPass|6.7.5.108264|2000|Logged in users|1|cat=Session Logs dvc=10.67.3.37 duser=AVIACION\isdefe.mag destinationServiceName=XXX_Wireless_802.1x_Servicio_Corporativo dpriv=Corporate_Machine, [Machine Authenticated], [Other], [User Authenticated] dmac=f48c50ce757f dst=10.67.24.39 src=192.168.131.1 rt=Sep 12 2018 15:31:37', | ||
'<30>s2413-XXX.aviacion.fomento.es Instancia3[22469]: INFO 17:33:22,521 INFO [stdout] (http--0.0.0.0-8083-299) 2018-09-25 17:33:22,521 INFO - es.XXX.dcta.core.ws.consultas.DctaCoreConsultasPortImpl - Finishing operation obtenerConsentimientos | usuario= sed1 count= 2\n', | ||
]; |
Sorry, the diff of this file is not supported yet