Diffstat (limited to 'framework/src/suricata/contrib/file_processor/Action')
3 files changed, 36 insertions, 0 deletions
diff --git a/framework/src/suricata/contrib/file_processor/Action/Log.pm b/framework/src/suricata/contrib/file_processor/Action/Log.pm
new file mode 100644
index 00000000..f47fedbe
--- /dev/null
+++ b/framework/src/suricata/contrib/file_processor/Action/Log.pm
@@ -0,0 +1,15 @@
+package Action::Log;
+use Moose;
+extends 'Processor';
+
+has 'data' => (is => 'rw', isa => 'HashRef', required => 1);
+
+sub name { 'log' }
+sub description { 'Log to file' }
+
+sub perform {
+ my $self = shift;
+ $self->log->info($self->json->encode($self->data));
+}
+
+1
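Review bot: `perform` in Action::Log calls `$self->log` and `$self->json`, neither of which is declared in this class, so the module only works if the `Processor` base class provides both accessors; nothing here documents that contract, and the same applies to `Action::Syslog` in this commit. A header comment such as `# Requires the Processor base class to provide ->log (logger with ->info) and ->json (encoder with ->encode).` above `sub perform` would make the dependency explicit. The description string says "Log to file", but the destination is whatever the inherited logger is configured with, so the comment should say so rather than imply this class opens a file. As a point of style, the file ends with a bare `1` and no trailing newline; `__PACKAGE__->meta->make_immutable;` followed by `1;` is the usual Moose closing.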
\ No newline at end of file
diff --git a/framework/src/suricata/contrib/file_processor/Action/Makefile.am b/framework/src/suricata/contrib/file_processor/Action/Makefile.am
new file mode 100644
index 00000000..ddf7321a
--- /dev/null
+++ b/framework/src/suricata/contrib/file_processor/Action/Makefile.am
@@ -0,0 +1 @@
+EXTRA_DIST=Log.pm Syslog.pm
diff --git a/framework/src/suricata/contrib/file_processor/Action/Syslog.pm b/framework/src/suricata/contrib/file_processor/Action/Syslog.pm
new file mode 100644
index 00000000..6b7c31a1
--- /dev/null
+++ b/framework/src/suricata/contrib/file_processor/Action/Syslog.pm
@@ -0,0 +1,20 @@
+package Action::Syslog;
+use Moose;
+extends 'Processor';
+use Sys::Syslog qw(:standard :macros);
+
+our $Program = 'suricata_file';
+our $Facility = LOG_LOCAL0;
+has 'data' => (is => 'rw', isa => 'HashRef', required => 1);
+
+sub name { 'syslog' }
+sub description { 'Log to local syslog' }
+
+sub perform {
+ my $self = shift;
+ openlog($Program, undef, $Facility);
+ syslog(LOG_INFO, $self->json->encode($self->data));
+ closelog;
+}
+
+1
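Review bot: In `Action::Syslog::perform` the encoded record is passed as the second argument of `syslog`, which Sys::Syslog treats as a printf-style format string, so any `%` sequence inside the data (a filename or other field from the processed file) is interpreted as a directive, and `%m` is expanded to the current errno text. The data hashref comes from the file processor rather than from this module, so it should be passed as an argument, not as the format: `syslog(LOG_INFO, '%s', $self->json->encode($self->data));`. A short comment on that line, `# '%s' keeps % sequences in the JSON payload literal`, would stop the next maintainer from simplifying it back. Separately, the note on the Log.pm hunk about documenting the inherited `->json` accessor applies here too, and it is worth a comment that a large JSON record may be truncated by the syslog transport, which cannot be confirmed from this file.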