Commit a063d21c74808a7b274c7c423807b952ab24862b
1 parent
0d86ee79db
Exists in
master
and in
1 other branch
Adding incident messages to Rsyslog report
Showing 2 changed files with 2 additions and 1 deletions
MLTD/src/ReportSyslog.py
View file @
a063d21
| ... | ... | @@ -10,5 +10,5 @@ |
| 10 | 10 | formatter = logging.Formatter(' %(message)s') |
| 11 | 11 | handler.setFormatter(formatter) |
| 12 | 12 | my_logger.addHandler(handler) |
| 13 | - my_logger.critical(f'source_ip: {source_ip} target_ip: {target_ip} asset: {asset_id} risk: {risk} timeframe: {timeframe}') | |
| 13 | + my_logger.critical(f'source_ip: {source_ip} target_ip: {target_ip} asset: {asset_id} risk: {risk} incident: A possible risk is predicted timeframe: {timeframe}') |
OD/src/main/java/edu/auth/od_pcap_mcod/report/RsyslogHandler.java
View file @
a063d21
| ... | ... | @@ -34,6 +34,7 @@ |
| 34 | 34 | + " Target_IP: " + outlier.getPacket().getTargetIP() |
| 35 | 35 | + " Risk: " + outlier.getValues()[0] |
| 36 | 36 | + " IncidentDate: " + outlier.getActualTime() |
| 37 | + + " Incident: Packet loss increased - Possible indication of Dos attack" | |
| 37 | 38 | + " Timeframe: 0 "); |
| 38 | 39 | } catch (Exception e) { |
| 39 | 40 | e.printStackTrace(); |