mirror of
https://github.com/zeek/zeek.git
synced 2025-10-08 01:28:20 +00:00

The broxygen-generated files now live in the git repo, have tests that check that they are up-to-date, and a script to re-generate them on-demand.
47 lines
1.1 KiB
ReStructuredText
:tocdepth: 3

base/bif/plugins/Bro_Syslog.events.bif.bro
==========================================
.. bro:namespace:: GLOBAL


:Namespace: GLOBAL

Summary
~~~~~~~
Events
######
=========================================== ========================================
:bro:id:`syslog_message`: :bro:type:`event` Generated for monitored Syslog messages.
=========================================== ========================================


Detailed Interface
~~~~~~~~~~~~~~~~~~
Events
######
.. bro:id:: syslog_message

   :Type: :bro:type:`event` (c: :bro:type:`connection`, facility: :bro:type:`count`, severity: :bro:type:`count`, msg: :bro:type:`string`)

   Generated for monitored Syslog messages.

   See `Wikipedia <http://en.wikipedia.org/wiki/Syslog>`__ for more
   information about the Syslog protocol.


   :c: The connection record for the underlying transport-layer session/flow.


   :facility: The "facility" included in the message.


   :severity: The "severity" included in the message.


   :msg: The message logged.

   .. note:: Bro currently parses only UDP syslog traffic. Support for TCP
      syslog will be added soon.
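
An added example, not part of the generated reference or the Bro distribution: a handler for ``syslog_message`` that raises a notice when a monitored sender emits a message at or below a severity threshold. The module name ``SyslogWatch``, the notice type ``High_Severity_Message`` and the threshold ``max_severity`` are assumptions made for this example; severity follows the syslog convention in which lower values are more severe.

```bro
# Added example; SyslogWatch, High_Severity_Message and max_severity
# are names chosen here, not part of Bro.
@load base/frameworks/notice

module SyslogWatch;

export {
	redef enum Notice::Type += {
		## A syslog sender emitted a message at or below max_severity.
		High_Severity_Message,
	};

	## Syslog severities are numeric, 0 (emergency) through 7 (debug);
	## messages with a value <= this threshold are reported.
	const max_severity: count = 2 &redef;
}

# Number of matching messages seen per sender; entries expire when idle.
global seen: table[addr] of count &default=0 &read_expire=1hr;

event syslog_message(c: connection, facility: count, severity: count, msg: string)
	{
	if ( severity > max_severity )
		return;

	local sender = c$id$orig_h;
	++seen[sender];

	# Only UDP syslog is parsed, so the sender address is unauthenticated
	# and msg is untrusted input: report it, do not act on its content.
	NOTICE([$note=High_Severity_Message,
	        $conn=c,
	        $msg=fmt("syslog facility=%d severity=%d from %s (%d so far)",
	                 facility, severity, sender, seen[sender]),
	        $sub=msg,
	        $identifier=cat(sender, facility, severity),
	        $suppress_for=5min]);
	}
```

Because the event fires only for UDP syslog, senders that forward logs over TCP produce no ``syslog_message`` events and will not appear in these notices.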