Syslog

integrations.syslog.integration module

Honeycomb Syslog integration.

class integrations.syslog.integration.CEFCustomString(field_name: str, field_label: str, field_label_text: str)

Bases: integrations.syslog.integration.CEFField

Custom CEF Field.

class integrations.syslog.integration.CEFField(field_name: str)

Bases: object

Generic CEF Field.

integrations.syslog.integration.IntegrationActionsClass

alias of integrations.syslog.integration.SyslogIntegration

class integrations.syslog.integration.MySysLogHandler(address, facility=1, socktype=<SocketKind.SOCK_DGRAM: 2>, ssl_enabled=False)

Bases: logging.handlers.SysLogHandler

Custom Syslog logging handler that includes CEFEvent.

For some reason python SysLogHandler appends x00 byte to every record sent, This fixes it and replaces it with n.

close()

Close the socket.

emit(record)

Emit a record.

The record is formatted, and then sent to the syslog server. If exception information is present, it is NOT sent to the server.

class integrations.syslog.integration.SyslogIntegration(integration_data)

Bases: integrationmanager.integration_utils.BaseIntegration

Honeycomb Syslog integration.

format_output_data(output_data)

No special formatting required.

get_formatted_alert_as_cef(result_fields)

Format message as CEFEvent.

get_formatted_alert_as_syslog(result_fields)

Convert alert to syslog record.

send_event(required_alert_fields)

Send syslog event.