mirror of
https://github.com/zeek/zeek.git
synced 2025-10-07 09:08:20 +00:00

This is based on commit 2731def9159247e6da8a3191783c89683363689c from the zeek-docs repo.
46 lines
1.2 KiB
ReStructuredText
:tocdepth: 3

base/protocols/syslog/spicy-events.zeek
=======================================

Events generated by the Syslog analyzer.


Summary
~~~~~~~
Events
######
============================================= ========================================
:zeek:id:`syslog_message`: :zeek:type:`event` Generated for monitored Syslog messages.
============================================= ========================================


Detailed Interface
~~~~~~~~~~~~~~~~~~
Events
######
.. zeek:id:: syslog_message
   :source-code: base/protocols/syslog/spicy-events.zeek 19 19

   :Type: :zeek:type:`event` (c: :zeek:type:`connection`, facility: :zeek:type:`count`, severity: :zeek:type:`count`, msg: :zeek:type:`string`)

   Generated for monitored Syslog messages.

   See `Wikipedia <http://en.wikipedia.org/wiki/Syslog>`__ for more
   information about the Syslog protocol.


   :param c: The connection record for the underlying transport-layer session/flow.


   :param facility: The "facility" included in the message.


   :param severity: The "severity" included in the message.


   :param msg: The message logged.

   .. note:: Zeek currently parses only UDP syslog traffic.
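A handler for ``syslog_message`` that turns high-severity messages into notices, added here as an example and not taken from the Zeek distribution. The module name ``SyslogWatch``, the notice type ``High_Severity_Message``, the option ``max_severity`` and its threshold are assumptions made for illustration.

```zeek
# Added example, not part of Zeek's own scripts.
@load base/frameworks/notice
@load base/protocols/syslog

module SyslogWatch;

export {
	redef enum Notice::Type += {
		## Hypothetical notice type: a syslog message at or above
		## the configured severity was seen on the wire.
		High_Severity_Message,
	};

	## Syslog severities run from 0 (Emergency) to 7 (Debug), so a lower
	## number is more severe. Messages with severity <= this value raise
	## a notice. The default of 2 (Critical) is an assumed threshold.
	option max_severity: count = 2;
}

event syslog_message(c: connection, facility: count, severity: count, msg: string)
	{
	# Ignore anything less severe than the threshold.
	if ( severity > max_severity )
		return;

	# msg is sender-controlled text carried over UDP, so it is kept in
	# $sub as data and never interpreted. The identifier groups notices
	# per originator/facility/severity so a noisy sender is suppressed
	# for five minutes instead of flooding notice.log.
	NOTICE([$note=High_Severity_Message,
	        $conn=c,
	        $msg=fmt("syslog message with facility=%d severity=%d", facility, severity),
	        $sub=msg,
	        $identifier=fmt("%s-%d-%d", c$id$orig_h, facility, severity),
	        $suppress_for=5min]);
	}
```

Because only UDP syslog is parsed, the originator address in ``c$id$orig_h`` comes from an unauthenticated datagram and should be corroborated before it is used for attribution.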