
OD/src/main/java/edu/auth/od_pcap_mcod/report/RsyslogHandler.java 1.8 KB
  package edu.auth.od_pcap_mcod.report;
  
  import com.cloudbees.syslog.Facility;
  import com.cloudbees.syslog.MessageFormat;
  import com.cloudbees.syslog.Severity;
  import com.cloudbees.syslog.sender.TcpSyslogMessageSender;
  import edu.auth.od_pcap_mcod.model.Data;
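  /**
   * Reporter that forwards each detected outlier to a remote rsyslog server as one
   * RFC 3164 message over plain TCP.
   *
   * <p>A new {@link TcpSyslogMessageSender} is created and closed for every report.
   * Delivery is best-effort: any failure while sending or closing is printed to stderr
   * and the alert is dropped without a retry.
   */
  public class RsyslogHandler implements IReporter {

      // Destination of the alerts; assigned once in the constructor and never changed.
      private final String rsyslogServer;
      private final int rsyslogPort;

      /**
       * @param server host name or address of the rsyslog server
       * @param port   TCP port the rsyslog server listens on
       */
      public RsyslogHandler(String server, int port) {
          this.rsyslogServer = server;
          this.rsyslogPort = port;
      }

      /**
       * Sends one syslog record describing the given outlier.
       *
       * <p>The record is a flat "Key: value" string. The dynamic values are reduced to a
       * single line first, so a control character in any of them cannot end the record
       * early or start a second, forged one on the receiver.
       *
       * @param outlier the detected outlier; its packet's target IP, first value and
       *                actual time are reported
       * @param label   asset label placed in the "Asset" field
       */
      @Override
      public void reportOutlier(Data outlier, String label) {
          TcpSyslogMessageSender messageSender = new TcpSyslogMessageSender();
          try {
              messageSender.setDefaultMessageHostname("KEA");
              messageSender.setDefaultAppName("KEA-OD");
              messageSender.setDefaultFacility(Facility.USER);
              messageSender.setDefaultSeverity(Severity.CRITICAL);
              messageSender.setSyslogServerHostname(this.rsyslogServer);
              messageSender.setSyslogServerPort(this.rsyslogPort);
              messageSender.setMessageFormat(MessageFormat.RFC_3164); // optional, default is RFC 3164
              // NOTE(review): TLS is off, so the alert (asset label, target IP, risk) crosses
              // the network unencrypted and the receiving server is not authenticated.
              // Confirm the path to the rsyslog server is trusted, or enable TLS if the
              // receiver supports it.
              messageSender.setSsl(false);
              // label is caller-supplied and the target IP is derived from captured traffic;
              // neither is known to be trusted here, so every dynamic field is flattened
              // before it is concatenated into the record.
              messageSender.sendMessage(
                      "Asset: " + singleLine(label)
                      + " Target_IP: " + singleLine(outlier.getPacket().getTargetIP())
                      + " Risk: " + singleLine(outlier.getValues()[0])
                      + " IncidentDate: " + singleLine(outlier.getActualTime())
                      + " Incident: Packet loss increased - Possible indication of Dos attack"
                      + " Timeframe: 0 ");
          } catch (Exception e) {
              // Best-effort reporting: the failure is only visible on stderr and the alert is
              // lost, so a monitoring gap here will not surface on the syslog side.
              e.printStackTrace();
          } finally {
              try {
                  messageSender.close();
              } catch (Exception e) {
                  e.printStackTrace();
              }
          }
      }

      /**
       * Renders a value as text with every ISO control character (CR, LF, TAB, NUL, ...)
       * replaced by a space. Values without control characters are returned exactly as
       * string concatenation would have rendered them; {@code null} becomes "null".
       */
      private static String singleLine(Object value) {
          String text = String.valueOf(value);
          StringBuilder flat = new StringBuilder(text.length());
          for (int i = 0; i < text.length(); i++) {
              char c = text.charAt(i);
              flat.append(Character.isISOControl(c) ? ' ' : c);
          }
          return flat.toString();
      }
  }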