base/protocols/syslog/main.zeek
- Syslog
Core script support for logging syslog messages. This script represents one syslog message as one logged record.
- Namespace
Syslog
- Imports
Summary
Types
- Syslog::Info: The record type which contains the fields of the syslog log.
Redefinitions
Hooks
Detailed Interface
Types
- Syslog::Info
- Type: record
  - ts: time &log
    Timestamp when the syslog message was seen.
  - uid: string &log
    Unique ID for the connection.
  - id: conn_id &log
    The connection's 4-tuple of endpoint addresses/ports.
  - proto: transport_proto &log
    Protocol over which the message was seen (the transport, e.g. udp or tcp).
  - facility: string &log
    Syslog facility for the message.
  - severity: string &log
    Syslog severity for the message.
  - message: string &log
    The plain text message.
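Because the facility, severity and message fields are copied from an unauthenticated, typically cleartext datagram, anything on the network path can forge them; a consumer of this log should therefore treat them as attacker-controlled and key its decisions on the connection's originator as well. The following script is an added example and is not part of base/protocols/syslog/main.zeek. It assumes the Syslog::log_syslog event that the syslog script exports for each Syslog::Info record (not listed in this excerpt), the Notice framework, and two hypothetical values chosen for illustration: the approved_senders set and the severity strings "EMERG", "ALERT" and "CRIT" (the script's severity table spells them in upper case).

```zeek
# Added example: audit syslog records produced by base/protocols/syslog.
# Not part of the Zeek distribution; approved_senders is a hypothetical value.
@load base/protocols/syslog
@load base/frameworks/notice

module SyslogAudit;

export {
	redef enum Notice::Type += {
		## A syslog message arrived from a host that is not an approved sender.
		Unexpected_Sender,
		## A syslog message carried a high severity (EMERG, ALERT or CRIT).
		High_Severity,
	};

	## Hosts expected to emit syslog on this network (hypothetical values;
	## redef to match the real collectors and their clients).
	const approved_senders: set[addr] = { 10.0.0.5, 10.0.0.6 } &redef;

	## Severity strings treated as high (assumed spelling of the script's
	## severity table).
	const high_severities: set[string] = { "EMERG", "ALERT", "CRIT" } &redef;
}

# Every Syslog::Info record written to syslog.log also arrives here.
event Syslog::log_syslog(rec: Syslog::Info)
	{
	# The originator address is the only field here the sender cannot
	# spoof without also controlling the IP layer, so it anchors the check.
	if ( rec$id$orig_h !in approved_senders )
		NOTICE([$note=Unexpected_Sender,
		        $msg=fmt("syslog over %s from unapproved sender %s: %s",
		                 rec$proto, rec$id$orig_h, rec$message),
		        $uid=rec$uid, $id=rec$id,
		        # Suppress repeats per sender rather than per message.
		        $identifier=cat(rec$id$orig_h)]);

	# Severity is sender-supplied text; a flood of high-severity messages
	# can be noise or an attempt to bury a real alert, so surface it.
	if ( rec$severity in high_severities )
		NOTICE([$note=High_Severity,
		        $msg=fmt("%s/%s from %s: %s", rec$facility, rec$severity,
		                 rec$id$orig_h, rec$message),
		        $uid=rec$uid, $id=rec$id]);
	}
```

Run it alongside the default scripts (for example `zeek -r capture.pcap local SyslogAudit` with the file placed on ZEEKPATH, or `@load` it from local.zeek); notices appear in notice.log with the uid and 4-tuple of the connection that carried the message, so they can be joined back to the matching syslog.log row.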