LEEF

SyslogPro~ LEEF

A class to work with IBM LEEF (Log Event Extended Format) messages this form of system messages are designed to work with security systems. Messages can be saved to file (Saving to file if not part of this module but a LEEF formatted message produced by this module can be saved externally to it) or sent via Syslog. Most APIs will return a promise. These APIs can be used using `then(...)/catch(...)` A Syslog class with a configured Syslog server target can also be used as the input into the formatting classes so that it may run independently. The LEEF format is designed to send event data to a SIEM system and should not be as a logging stream. This class is meant to be used once per message.

Constructor

new LEEF(optionsopt)

Source:

index.js, line 1716

Version:

0.0.0

Since:

0.0.0

Construct a new LEEF formatting object with user options

Parameters:

Name Type Attributes Description

options

object

<optional>

Options object

Properties

Name	Type	Attributes	Default	Description
`vendor`	string	<optional>	`'unknown'`	The vendor of the system that generated the event being reported
`product`	string	<optional>	`'unknown'`	The product name of the system that genrated the event being reported
`version`	string	<optional>	`'unknown'`	The version name of the system that genrated the event being reported
`eventId`	string	<optional>	`'unknown'`	The eventId of the system that genrated the event being reported
`attributes`	object	<optional>		LEEF message attributes which defaults to all base attributes with null values, new attributes should be added as new elements to this object
`syslogHeader`	boolean	<optional>	`'true'`	Should the LEEF message include a Syslog header with Timestamp and source
`server`	Syslog	<optional>	`false`	A Syslog server connection that should be used to send messages directly from this class. @see SyslogPro~Syslog

Requires:

module:moment

Requires

module:moment

Members

attributes :object

Source:

index.js, line 1754

Type:

object

(private) constructor__

Source:

index.js, line 1740

eventId :string

Source:

index.js, line 1749

Type:

string

product :string

Source:

index.js, line 1745

Type:

string

(private) server

Source:

index.js, line 1805

syslogHeader :boolean

Source:

index.js, line 1751

Type:

boolean

vendor :string

Source:

index.js, line 1743

Type:

string

version :string

Source:

index.js, line 1747

Type:

string

Methods

buildMessage() → {Promise}

Source:

index.js, line 1816

Build a formatted message

Returns:

- string with formatted message

Type: Promise

send(optionsopt)

Source:

index.js, line 1844

Parameters:

Name	Type	Attributes	Default	Description
`options`	Syslog	<optional>	`false`	A Syslog server connection that should be used to send messages directly from this class. @see SyslogPro~Syslog