OD/src/main/java/edu/auth/od_pcap_mcod/report/RsyslogHandler.java
package edu.auth.od_pcap_mcod.report; import com.cloudbees.syslog.Facility; import com.cloudbees.syslog.MessageFormat; import com.cloudbees.syslog.Severity; import com.cloudbees.syslog.sender.TcpSyslogMessageSender; import edu.auth.od_pcap_mcod.model.Data; |
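/**
 * Reports detected outliers to a remote syslog collector over TCP.
 *
 * <p>Each report opens a new {@link TcpSyslogMessageSender}, sends a single RFC 3164
 * message with facility {@code USER} and severity {@code CRITICAL}, and closes the sender.
 * Delivery is best effort: a failure is written to standard error and is not propagated to
 * the caller, so a collector outage results in a dropped alert.
 */
public class RsyslogHandler implements IReporter {

    /** Hostname or address of the syslog collector. */
    private final String rsyslogServer;

    /** TCP port of the syslog collector. */
    private final int rsyslogPort;

    /**
     * Creates a reporter bound to one syslog collector.
     *
     * @param server hostname or address of the collector
     * @param port   TCP port of the collector
     */
    public RsyslogHandler(String server, int port) {
        this.rsyslogServer = server;
        this.rsyslogPort = port;
    }

    /**
     * Sends one syslog message describing the given outlier.
     *
     * <p>The interpolated values (label, target IP, risk, incident date) are passed through
     * {@link #sanitize(Object)} first, so that a value containing CR/LF or another control
     * character cannot split the message into several syslog records.
     *
     * @param outlier the detected outlier; its packet target IP, first value and actual time
     *                are included in the message
     * @param label   asset label included in the message
     */
    @Override
    public void reportOutlier(Data outlier, String label) {
        TcpSyslogMessageSender messageSender = new TcpSyslogMessageSender();
        try {
            messageSender.setDefaultMessageHostname("KEA");
            messageSender.setDefaultAppName("KEA-OD");
            messageSender.setDefaultFacility(Facility.USER);
            messageSender.setDefaultSeverity(Severity.CRITICAL);
            messageSender.setSyslogServerHostname(this.rsyslogServer);
            messageSender.setSyslogServerPort(this.rsyslogPort);
            messageSender.setMessageFormat(MessageFormat.RFC_3164); // optional, default is RFC 3164
            // NOTE(review): TLS is disabled, so the alert crosses the network in plaintext and
            // the collector is not authenticated. Enable TLS if the collector supports it.
            messageSender.setSsl(false);
            messageSender.sendMessage(
                    "Asset: " + sanitize(label)
                            + " Target_IP: " + sanitize(outlier.getPacket().getTargetIP())
                            + " Risk: " + sanitize(outlier.getValues()[0])
                            + " IncidentDate: " + sanitize(outlier.getActualTime())
                            + " Incident: Packet loss increased - Possible indication of Dos attack"
                            + " Timeframe: 0 ");
        } catch (Exception e) {
            // Best effort by design: the detector keeps running even if the collector is down.
            // Name the destination so a lost alert can be traced from the process output.
            System.err.println("RsyslogHandler: failed to deliver outlier report to "
                    + this.rsyslogServer + ":" + this.rsyslogPort);
            e.printStackTrace();
        } finally {
            try {
                messageSender.close();
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    }

    /**
     * Renders a value as text and replaces every ISO control character with {@code '_'}.
     *
     * <p>This only keeps a value from introducing line breaks or other control bytes into the
     * syslog stream. It does not stop a value from containing text that looks like another
     * {@code Key: value} pair, so the collector should not treat these fields as trusted.
     *
     * @param value the value to render; {@code null} is rendered as {@code "null"}, matching
     *              plain string concatenation
     * @return the rendered text with control characters replaced
     */
    private static String sanitize(Object value) {
        String text = String.valueOf(value);
        StringBuilder cleaned = new StringBuilder(text.length());
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            cleaned.append(Character.isISOControl(c) ? '_' : c);
        }
        return cleaned.toString();
    }
}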