Package com.splunk.logging
Class SplunkCimLogEvent
- java.lang.Object
-
- com.splunk.logging.SplunkCimLogEvent
-
public class SplunkCimLogEvent extends Object
SplunkCimLogEvent encapsulates the best practice logging semantics recommended by Splunk. It produces events of key, value pairs, properly formatted and quoted for logging with any of Java's standard logging libraries (logback, log4j, java.util.logging, etc.) and indexing by Splunk. The class has convenience methods to set the fields defined in the standard Splunk Common Information Model.
SplunkCimLogEvent adds no timestamp to its fields, leaving you free to configure whatever timestamp format you prefer in your logging configuration.
Logger logger = LoggerFactory.getLogger("splunk.logger");
SplunkCimLogEvent event = new SplunkCimLogEvent("Failed Login", "sshd:failure");
event.setAuthApp("jane");
event.setAuthUser("jane");
event.addField("somefieldname", "foobar");
logger.info(event.toString());
- See Also:
- Splunk CIM, Splunk Logging Best Practices
-
-
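An added example, not part of the original Javadoc or the Splunk project's code: building a CIM authentication event from request data the application does not control, using only methods listed on this page. The class name AuthAuditLogger, the clean helper, the field-length cap, the stack-trace depth and the sample values are assumptions, and an SLF4J binding is assumed on the classpath as in the snippet above.

```java
import com.splunk.logging.SplunkCimLogEvent;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

// Added example (not from the library): audit-logging a failed login with CIM fields.
public class AuthAuditLogger {

    private static final Logger LOGGER = LoggerFactory.getLogger("splunk.logger");

    // Assumed limits for this example; tune them to your own log pipeline.
    private static final int MAX_FIELD_LENGTH = 256;
    private static final int STACKTRACE_DEPTH = 5;

    // Values such as the submitted user name come from the client. The class
    // description says fields are quoted, but not how line breaks are handled,
    // so control characters are replaced here to keep one event on one line.
    static String clean(String untrusted) {
        if (untrusted == null) {
            return "";
        }
        String singleLine = untrusted.replaceAll("\\p{Cntrl}", "_");
        return singleLine.length() > MAX_FIELD_LENGTH
                ? singleLine.substring(0, MAX_FIELD_LENGTH)
                : singleLine;
    }

    static SplunkCimLogEvent failedLogin(String user, String src, String dest, Throwable cause) {
        SplunkCimLogEvent event = new SplunkCimLogEvent("Failed Login", "sshd:failure");
        event.setAuthApp("sshd");
        event.setAuthAction("failure");
        event.setAuthUser(clean(user));
        event.setAuthSrc(clean(src));
        event.setAuthDest(clean(dest));
        // Record why the attempt failed, never the credential that was submitted.
        if (cause != null) {
            event.setCommonReason(clean(cause.getMessage()));
            event.addThrowableWithStacktrace(cause, STACKTRACE_DEPTH);
        }
        return event;
    }

    public static void main(String[] args) {
        // Constructed sample input: a user name with an embedded line break.
        String submittedUser = "jane\nname=\"Successful Login\" user=root";
        Throwable cause = new IllegalStateException("account locked");

        SplunkCimLogEvent event = failedLogin(submittedUser, "203.0.113.7", "bastion01", cause);
        LOGGER.warn(event.toString());
    }
}
```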
Field Summary
-
Constructor Summary
Constructors Constructor Description SplunkCimLogEvent(String eventName, String eventID)
-
Method Summary
All Methods Instance Methods Concrete Methods
Modifier and Type Method Description
void addField(String key, Object value)
Add a key value pair.
void addThrowableWithStacktrace(Throwable throwable)
Logs an exception with its stacktrace nicely formatted for indexing and searching by Splunk.
void addThrowableWithStacktrace(Throwable throwable, int stacktraceDepth)
Logs an exception with the first stacktraceDepth elements of its stacktrace nicely formatted for indexing and searching by Splunk.
void setAcManagementDestNtDomain(String acManagementDestNtDomain)
The domain containing the user that is affected by the account management event.
void setAcManagementSignature(String acManagementSignature)
Description of the account management change performed.
void setAcManagementSrcNtDomain(String acManagementSrcNtDomain)
The NT source of the destination.
void setAuthAction(String authAction)
The action performed on the resource.
void setAuthApp(String authApp)
The application involved in the event (such as ssh, splunk, win:local).
void setAuthDest(String authDest)
The target involved in the authentication.
void setAuthSrc(String authSrc)
The source involved in the authentication.
void setAuthSrcUser(String authSrcUser)
In privilege escalation events, src_user represents the user who initiated the privilege escalation.
void setAuthUser(String authUser)
The name of the user involved in the event, or who initiated the event.
void setChangeEndpointProtectionAction(String changeEndpointProtectionAction)
The action performed on the resource.
void setChangeEndpointProtectionChangeType(String changeEndpointProtectionChangeType)
The type of change discovered in the change analysis event.
void setChangeEndpointProtectionDest(String changeEndpointProtectionDest)
The host that was affected by the change.
void setChangeEndpointProtectionGid(long changeEndpointProtectionGid)
The group ID of the modified resource.
void setChangeEndpointProtectionHash(String changeEndpointProtectionHash)
The hash signature of the modified resource.
void setChangeEndpointProtectionIsdr(boolean changeEndpointProtectionIsdr)
Indicates whether or not the modified resource is a directory.
void setChangeEndpointProtectionMode(long changeEndpointProtectionMode)
The permissions mode of the modified resource.
void setChangeEndpointProtectionModtime(String changeEndpointProtectionModtime)
The modification time of the modified resource.
void setChangeEndpointProtectionPath(String changeEndpointProtectionPath)
The file path of the modified resource.
void setChangeEndpointProtectionSize(long changeEndpointProtectionSize)
The size of the modified resource.
void setChangeEndpointProtectionUid(long changeEndpointProtectionUid)
The user ID of the modified resource.
void setChangeNetworkProtectionAction(String changeNetworkProtectionAction)
The type of change observed.
void setChangeNetworkProtectionCommand(String changeNetworkProtectionCommand)
The command that initiated the change.
void setChangeNetworkProtectionDvc(String changeNetworkProtectionDvc)
The device that is directly affected by the change.
void setChangeNetworkProtectionUser(String changeNetworkProtectionUser)
The user that initiated the change.
void setCommonCategory(String commonCategory)
A device-specific classification provided as part of the event.
void setCommonCount(String commonCount)
A device-specific classification provided as part of the event.
void setCommonDesc(String commonDesc)
The free-form description of a particular event.
void setCommonDhcpPool(String commonDhcpPool)
The name of a given DHCP pool on a DHCP server.
void setCommonDuration(long commonDuration)
The amount of time the event lasted.
void setCommonDvcHost(String commonDvcHost)
The fully qualified domain name of the device transmitting or recording the log record.
void setCommonDvcIp(String commonDvcIp)
The IPv4 address of the device reporting the event.
void setCommonDvcIp6(String commonDvcIp6)
The IPv6 address of the device reporting the event.
void setCommonDvcLocation(String commonDvcLocation)
The free-form description of the device's physical location.
void setCommonDvcMac(String commonDvcMac)
The MAC (layer 2) address of the device reporting the event.
void setCommonDvcNtDomain(String commonDvcNtDomain)
The Windows NT domain of the device recording or transmitting the event.
void setCommonDvcNtHost(String commonDvcNtHost)
The Windows NT host name of the device recording or transmitting the event.
void setCommonDvcTime(long commonDvcTime)
Time at which the device recorded the event.
void setCommonEndTime(long commonEndTime)
The event's specified end time.
void setCommonEventId(long commonEventId)
A unique identifier that identifies the event.
void setCommonLength(long commonLength)
The length of the datagram, event, message, or packet.
void setCommonLogLevel(String commonLogLevel)
The log-level that was set on the device and recorded in the event.
void setCommonName(String commonName)
The name of the event as reported by the device.
void setCommonPid(long commonPid)
An integer assigned by the device operating system to the process creating the record.
void setCommonPriority(long commonPriority)
An environment-specific assessment of the event's importance, based on elements such as event severity, business function of the affected system, or other locally defined variables.
void setCommonProduct(String commonProduct)
The product that generated the event.
void setCommonProductVersion(long commonProductVersion)
The version of the product that generated the event.
void setCommonReason(String commonReason)
The result root cause, such as connection refused, timeout, crash, and so on.
void setCommonResult(String commonResult)
The action result.
void setCommonSeverity(String commonSeverity)
The severity (or priority) of an event as reported by the originating device.
void setCommonStartTime(long commonStartTime)
The event's specified start time.
void setCommonTransactionId(String commonTransactionId)
The transaction identifier.
void setCommonUrl(String commonUrl)
A uniform record locator (a web address, in other words) included in a record.
void setCommonVendor(String commonVendor)
The vendor who made the product that generated the event.
void setDnsDestDomain(String dnsDestDomain)
The DNS domain that has been queried.
void setDnsDestRecord(String dnsDestRecord)
The remote DNS resource record being acted upon.
void setDnsDestZone(String dnsDestZone)
The DNS zone that is being received by the slave as part of a zone transfer.
void setDnsRecordClass(String dnsRecordClass)
The DNS resource record class.
void setDnsRecordType(String dnsRecordType)
The DNS resource record type.
void setDnsSrcDomain(String dnsSrcDomain)
The local DNS domain that is being queried.
void setDnsSrcRecord(String dnsSrcRecord)
The local DNS resource record being acted upon.
void setDnsSrcZone(String dnsSrcZone)
The DNS zone that is being transferred by the master as part of a zone transfer.
void setEmailRecipient(String emailRecipient)
The person to whom an email is sent.
void setEmailSender(String emailSender)
The person responsible for sending an email.
void setEmailSubject(String emailSubject)
The email subject line.
void setFileAccessTime(long fileAccessTime)
The time the file (the object of the event) was accessed.
void setFileCreateTime(long fileCreateTime)
The time the file (the object of the event) was created.
void setFileHash(String fileHash)
A cryptographic identifier assigned to the file object affected by the event.
void setFileModifyTime(long fileModifyTime)
The time the file (the object of the event) was altered.
void setFileName(String fileName)
The name of the file that is the object of the event (without location information related to local file or directory structure).
void setFilePath(String filePath)
The location of the file that is the object of the event, in terms of local file and directory structure.
void setFilePermission(String filePermission)
Access controls associated with the file affected by the event.
void setFileSize(long fileSize)
The size of the file that is the object of the event.
void setIntrusionDetectionCategory(String intrusionDetectionCategory)
The category of the triggered signature.
void setIntrusionDetectionDest(String intrusionDetectionDest)
The destination of the attack detected by the intrusion detection system (IDS).
void setIntrusionDetectionDvc(String intrusionDetectionDvc)
The device that detected the intrusion event.
void setIntrusionDetectionIdsType(String intrusionDetectionIdsType)
The type of IDS that generated the event.
void setIntrusionDetectionProduct(String intrusionDetectionProduct)
The product name of the vendor technology generating network protection data, such as IDP, Providentia, and ASA.
void setIntrusionDetectionSeverity(String intrusionDetectionSeverity)
The severity of the network protection event (such as critical, high, medium, low, or informational).
void setIntrusionDetectionSignature(String intrusionDetectionSignature)
The name of the intrusion detected on the client (the src), such as PlugAndPlay_BO and JavaScript_Obfuscation_Fre.
void setIntrusionDetectionSrc(String intrusionDetectionSrc)
The source involved in the attack detected by the IDS.
void setIntrusionDetectionUser(String intrusionDetectionUser)
The user involved with the intrusion detection event.
void setIntrusionDetectionVendor(String intrusionDetectionVendor)
The vendor technology used to generate network protection data, such as IDP, Providentia, and ASA.
void setMalwareEndpointProtectionAction(String malwareEndpointProtectionAction)
The outcome of the infection.
void setMalwareEndpointProtectionDest(String malwareEndpointProtectionDest)
The target affected or infected by the malware.
void setMalwareEndpointProtectionDestNtDomain(String malwareEndpointProtectionDestNtDomain)
The NT domain of the destination (the dest_bestmatch).
void setMalwareEndpointProtectionFileHash(String malwareEndpointProtectionFileHash)
The cryptographic hash of the file associated with the malware event (such as the malicious or infected file).
void setMalwareEndpointProtectionFileName(String malwareEndpointProtectionFileName)
The name of the file involved in the malware event (such as the infected or malicious file).
void setMalwareEndpointProtectionFilePath(String malwareEndpointProtectionFilePath)
The path of the file involved in the malware event (such as the infected or malicious file).
void setMalwareEndpointProtectionProduct(String malwareEndpointProtectionProduct)
The product name of the vendor technology (the vendor field) that is generating malware data (such as Antivirus or EPO).
void setMalwareEndpointProtectionProductVersion(String malwareEndpointProtectionProductVersion)
The product version number of the vendor technology installed on the client (such as 10.4.3 or 11.0.2).
void setMalwareEndpointProtectionSignature(String malwareEndpointProtectionSignature)
The name of the malware infection detected on the client (the src), such as Trojan.Vundo, Spyware.Gaobot, W32.Nimbda.
void setMalwareEndpointProtectionSignatureVersion(String malwareEndpointProtectionSignatureVersion)
The current signature definition set running on the client, such as 11hsvx.
void setMalwareEndpointProtectionSrcNtDomain(String malwareEndpointProtectionSrcNtDomain)
The NT domain of the source (the src).
void setMalwareEndpointProtectionUser(String malwareEndpointProtectionUser)
The name of the user involved in the malware event.
void setMalwareEndpointProtectionVendor(String malwareEndpointProtectionVendor)
The name of the vendor technology generating malware data, such as Symantec or McAfee.
void setMalwareNetworkProtectionProduct(String malwareNetworkProtectionProduct)
The product name of the vendor technology generating network protection data, such as IDP, Proventia, and ASA.
void setMalwareNetworkProtectionSeverity(String malwareNetworkProtectionSeverity)
The severity of the network protection event (such as critical, high, medium, low, or informational).
void setMalwareNetworkProtectionVendor(String malwareNetworkProtectionVendor)
The vendor technology used to generate network protection data, such as IDP, Proventia, and ASA.
void setNetworkTrafficEssAction(String networkTrafficEssAction)
The action of the network traffic.
void setNetworkTrafficEssDestPort(int networkTrafficEssDestPort)
The destination port of the network traffic.
void setNetworkTrafficEssProduct(String networkTrafficEssProduct)
The product name of the vendor technology generating NetworkProtection data, such as IDP, Proventia, and ASA.
void setNetworkTrafficEssSrcPort(int networkTrafficEssSrcPort)
The source port of the network traffic.
void setNetworkTrafficEssVendor(String networkTrafficEssVendor)
The vendor technology used to generate NetworkProtection data, such as IDP, Proventia, and ASA.
void setNetworkTrafficGenericAppLayer(String networkTrafficGenericAppLayer)
The ISO layer 7 (application layer) protocol, such as HTTP, HTTPS, SSH, and IMAP.
void setNetworkTrafficGenericBytesIn(long networkTrafficGenericBytesIn)
How many bytes this device/interface received.
void setNetworkTrafficGenericBytesOut(long networkTrafficGenericBytesOut)
How many bytes this device/interface transmitted.
void setNetworkTrafficGenericChannel(String networkTrafficGenericChannel)
802.11 channel number used by a wireless network.
void setNetworkTrafficGenericCve(String networkTrafficGenericCve)
The Common Vulnerabilities and Exposures (CVE) reference value.
void setNetworkTrafficGenericDestApp(String networkTrafficGenericDestApp)
The destination application being targeted.
void setNetworkTrafficGenericDestCncChannel(String networkTrafficGenericDestCncChannel)
The destination command and control service channel.
void setNetworkTrafficGenericDestCncName(String networkTrafficGenericDestCncName)
The destination command and control service name.
void setNetworkTrafficGenericDestCncPort(String networkTrafficGenericDestCncPort)
The destination command and control service port.
void setNetworkTrafficGenericDestCountry(String networkTrafficGenericDestCountry)
The country associated with a packet's recipient.
void setNetworkTrafficGenericDestHost(String networkTrafficGenericDestHost)
The fully qualified host name of a packet's recipient.
void setNetworkTrafficGenericDestInt(String networkTrafficGenericDestInt)
The interface that is listening remotely or receiving packets locally.
void setNetworkTrafficGenericDestIp(String networkTrafficGenericDestIp)
The IPv4 address of a packet's recipient.
void setNetworkTrafficGenericDestIpv6(String networkTrafficGenericDestIpv6)
The IPv6 address of a packet's recipient.
void setNetworkTrafficGenericDestLat(int networkTrafficGenericDestLat)
The (physical) latitude of a packet's destination.
void setNetworkTrafficGenericDestLong(int networkTrafficGenericDestLong)
The (physical) longitude of a packet's destination.
void setNetworkTrafficGenericDestMac(String networkTrafficGenericDestMac)
The destination TCP/IP layer 2 Media Access Control (MAC) address of a packet's destination.
void setNetworkTrafficGenericDestNtDomain(String networkTrafficGenericDestNtDomain)
The Windows NT domain containing a packet's destination.
void setNetworkTrafficGenericDestNtHost(String networkTrafficGenericDestNtHost)
The Windows NT host name of a packet's destination.
void setNetworkTrafficGenericDestPort(int networkTrafficGenericDestPort)
TCP/IP port to which a packet is being sent.
void setNetworkTrafficGenericDestTranslatedIp(String networkTrafficGenericDestTranslatedIp)
The NATed IPv4 address to which a packet has been sent.
void setNetworkTrafficGenericDestTranslatedPort(int networkTrafficGenericDestTranslatedPort)
The NATed port to which a packet has been sent.
void setNetworkTrafficGenericIpVersion(int networkTrafficGenericIpVersion)
The numbered Internet Protocol version.
void setNetworkTrafficGenericOutboundInterface(String networkTrafficGenericOutboundInterface)
The network interface through which a packet was transmitted.
void setNetworkTrafficGenericPacketsIn(long networkTrafficGenericPacketsIn)
How many packets this device/interface received.
void setNetworkTrafficGenericPacketsOut(long networkTrafficGenericPacketsOut)
How many packets this device/interface transmitted.
void setNetworkTrafficGenericProto(String networkTrafficGenericProto)
The OSI layer 3 (Network Layer) protocol, such as IPv4/IPv6, ICMP, IPsec, IGMP or RIP.
void setNetworkTrafficGenericSessionId(String networkTrafficGenericSessionId)
The session identifier.
void setNetworkTrafficGenericSrcCountry(String networkTrafficGenericSrcCountry)
The country from which the packet was sent.
void setNetworkTrafficGenericSrcHost(String networkTrafficGenericSrcHost)
The fully qualified host name of the system that transmitted the packet.
void setNetworkTrafficGenericSrcInt(String networkTrafficGenericSrcInt)
The interface that is listening locally or sending packets remotely.
void setNetworkTrafficGenericSrcIp(String networkTrafficGenericSrcIp)
The IPv4 address of the packet's source.
void setNetworkTrafficGenericSrcIpv6(String networkTrafficGenericSrcIpv6)
The IPv6 address of the packet's source.
void setNetworkTrafficGenericSrcLat(int networkTrafficGenericSrcLat)
The (physical) latitude of the packet's source.
void setNetworkTrafficGenericSrcLong(int networkTrafficGenericSrcLong)
The (physical) longitude of the packet's source.
void setNetworkTrafficGenericSrcMac(String networkTrafficGenericSrcMac)
The Media Access Control (MAC) address from which a packet was transmitted.
void setNetworkTrafficGenericSrcNtDomain(String networkTrafficGenericSrcNtDomain)
The Windows NT domain containing the machines that generated the event.
void setNetworkTrafficGenericSrcNtHost(String networkTrafficGenericSrcNtHost)
The Windows NT hostname of the system that generated the event.
void setNetworkTrafficGenericSrcPort(int networkTrafficGenericSrcPort)
The network port from which a packet originated.
void setNetworkTrafficGenericSrcTranslatedIp(String networkTrafficGenericSrcTranslatedIp)
The NATed IPv4 address from which a packet has been sent.
void setNetworkTrafficGenericSrcTranslatedPort(int networkTrafficGenericSrcTranslatedPort)
The NATed network port from which a packet has been sent.
void setNetworkTrafficGenericSsid(String networkTrafficGenericSsid)
The 802.11 service set identifier (ssid) assigned to a wireless session.
void setNetworkTrafficGenericSyslogId(String networkTrafficGenericSyslogId)
The application, process, or OS subsystem that generated the event.
void setNetworkTrafficGenericSyslogPriority(String networkTrafficGenericSyslogPriority)
The criticality of an event, as recorded by UNIX syslog.
void setNetworkTrafficGenericTcpFlag(String networkTrafficGenericTcpFlag)
The TCP flag(s) specified in the event.
void setNetworkTrafficGenericTos(String networkTrafficGenericTos)
The hex bit that specifies TCP 'type of service'.
void setNetworkTrafficGenericTransport(String networkTrafficGenericTransport)
The transport protocol.
void setNetworkTrafficGenericTtl(int networkTrafficGenericTtl)
The "time to live" of a packet or datagram.
void setNetworkTrafficGenericVlanId(long networkTrafficGenericVlanId)
The numeric identifier assigned to the virtual local area network (VLAN) specified in the record.
void setNetworkTrafficGenericVlanName(String networkTrafficGenericVlanName)
The name assigned to the virtual local area network (VLAN) specified in the record.
void setPacketFilteringAction(String packetFilteringAction)
The action the filtering device (the dvc_bestmatch field) performed on the communication.
void setPacketFilteringDestPort(int packetFilteringDestPort)
The IP port of the packet's destination, such as 22.
void setPacketFilteringDirection(String packetFilteringDirection)
The direction the packet is traveling.
void setPacketFilteringDvc(String packetFilteringDvc)
The name of the packet filtering device.
void setPacketFilteringRule(String packetFilteringRule)
The rule which took action on the packet, such as 143.
void setPacketFilteringSvcPort(int packetFilteringSvcPort)
The IP port of the packet's source, such as 34541.
void setProxyAction(String proxyAction)
The action taken by the proxy.
void setProxyDest(String proxyDest)
The destination of the network traffic (the remote host).
void setProxyHttpContentType(String proxyHttpContentType)
The content-type of the requested HTTP resource.
void setProxyHttpMethod(String proxyHttpMethod)
The HTTP method used to request the resource.
void setProxyHttpRefer(String proxyHttpRefer)
The HTTP referrer used to request the HTTP resource.
void setProxyHttpResponse(int proxyHttpResponse)
The HTTP response code.
void setProxyHttpUserAgent(String proxyHttpUserAgent)
The user agent used to request the HTTP resource.
void setProxyProduct(String proxyProduct)
The product name of the vendor technology generating Network Protection data, such as IDP, Providentia, and ASA.
void setProxySrc(String proxySrc)
The source of the network traffic (the client requesting the connection).
void setProxyStatus(int proxyStatus)
The HTTP response code indicating the status of the proxy request.
void setProxyUrl(String proxyUrl)
The URL of the requested HTTP resource.
void setProxyUser(String proxyUser)
The user that requested the HTTP resource.
void setProxyVendor(String proxyVendor)
The vendor technology generating Network Protection data, such as IDP, Providentia, and ASA.
void setSystemCenterApp(String systemCenterApp)
The running application or service on the system (the src field), such as explorer.exe or sshd.
void setSystemCenterFreembytes(long systemCenterFreembytes)
The amount of disk space available per drive or mount (the mount field) on the system (the src field).
void setSystemCenterKernelRelease(String systemCenterKernelRelease)
The version of operating system installed on the host (the src field), such as 6.0.1.4 or 2.6.27.30-170.2.82.fc10.x86_64.
void setSystemCenterLabel(String systemCenterLabel)
Human-readable version of the SystemUptime value.
void setSystemCenterMount(String systemCenterMount)
The drive or mount reporting available disk space (the FreeMBytes field) on the system (the src field).
void setSystemCenterOs(String systemCenterOs)
The name of the operating system installed on the host (the src), such as Microsoft Windows Server 2003 or GNU/Linux.
void setSystemCenterPercentprocessortime(int systemCenterPercentprocessortime)
The percentage of processor utilization.
void setSystemCenterSelinux(String systemCenterSelinux)
Values from the SE Linux configuration file.
void setSystemCenterSelinuxtype(String systemCenterSelinuxtype)
The SE Linux type (such as targeted).
void setSystemCenterSetlocaldefs(int systemCenterSetlocaldefs)
The setlocaldefs setting from the SE Linux configuration.
void setSystemCenterShell(String systemCenterShell)
The shell provided to the User Account (the user field) upon logging into the system (the src field).
void setSystemCenterSrcPort(int systemCenterSrcPort)
The TCP/UDP source port on the system (the src field).
void setSystemCenterSshdProtocol(String systemCenterSshdProtocol)
The sshd protocol version.
void setSystemCenterStartmode(String systemCenterStartmode)
The start mode of the given service.
void setSystemCenterSystemuptime(long systemCenterSystemuptime)
The number of seconds since the system (the src) has been "up."
void setSystemCenterTotalmbytes(long systemCenterTotalmbytes)
The total amount of available memory on the system (the src).
void setSystemCenterUpdates(long systemCenterUpdates)
The number of updates the system (the src) is missing.
void setSystemCenterUsedmbytes(long systemCenterUsedmbytes)
The amount of used memory on the system (the src).
void setSystemCenterUser(String systemCenterUser)
The User Account present on the system (the src).
void setTrafficDest(String trafficDest)
The destination of the network traffic.
void setTrafficDvc(String trafficDvc)
The name of the packet filtering device.
void setTrafficSrc(String trafficSrc)
The source of the network traffic.
void setUpdatePackage(String updatePackage)
The name of the installed update.
void setUserInfoUpdatesAffectedUser(String userInfoUpdatesAffectedUser)
A user that has been affected by a change.
void setUserInfoUpdatesAffectedUserGroup(String userInfoUpdatesAffectedUserGroup)
The user group affected by a change.
void setUserInfoUpdatesAffectedUserGroupId(int userInfoUpdatesAffectedUserGroupId)
The identifier of the user group affected by a change.
void setUserInfoUpdatesAffectedUserId(int userInfoUpdatesAffectedUserId)
The identifier of the user affected by a change.
void setUserInfoUpdatesAffectedUserPrivilege(String userInfoUpdatesAffectedUserPrivilege)
The security context associated with the user affected by a change.
void setUserInfoUpdatesUser(String userInfoUpdatesUser)
The name of the user affected by the recorded event.
void setUserInfoUpdatesUserGroup(String userInfoUpdatesUserGroup)
A user group that is the object of an event, expressed in human-readable terms.
void setUserInfoUpdatesUserGroupId(int userInfoUpdatesUserGroupId)
The numeric identifier assigned to the user group event object.
void setUserInfoUpdatesUserId(int userInfoUpdatesUserId)
The system-assigned identifier for the user affected by an event.
void setUserInfoUpdatesUserPrivilege(String userInfoUpdatesUserPrivilege)
The security context associated with the object of an event (the affected user).
void setUserInfoUpdatesUserSubject(String userInfoUpdatesUserSubject)
The name of the user that is the subject of an event--the user executing the action, in other words.
void setUserInfoUpdatesUserSubjectId(int userInfoUpdatesUserSubjectId)
The ID number of the user that is the subject of an event.
void setUserInfoUpdatesUserSubjectPrivilege(String userInfoUpdatesUserSubjectPrivilege)
The security context associated with the subject of an event (the user causing a change).
void setVulnerabilityCategory(String vulnerabilityCategory)
The category of the discovered vulnerability.
void setVulnerabilityDest(String vulnerabilityDest)
The host with the discovered vulnerability.
void setVulnerabilityOs(String vulnerabilityOs)
The operating system of the host containing the vulnerability detected on the client (the src field), such as SuSE Security Update, or cups security update.
void setVulnerabilitySeverity(String vulnerabilitySeverity)
The severity of the discovered vulnerability.
void setVulnerabilitySignature(String vulnerabilitySignature)
The name of the vulnerability detected on the client (the src field), such as SuSE Security Update, or cups security update.
void setWindowsAdminObjectHandle(String windowsAdminObjectHandle)
The object handle (associated only with Windows).
void setWindowsAdminObjectName(String windowsAdminObjectName)
The object name (associated only with Windows).
void setWindowsAdminObjectType(String windowsAdminObjectType)
The object type (associated only with Windows).
String toString()
-
-
-
Field Detail
-
AC_MANAGEMENT_DEST_NT_DOMAIN
public static String AC_MANAGEMENT_DEST_NT_DOMAIN
-
AC_MANAGEMENT_SIGNATURE
public static String AC_MANAGEMENT_SIGNATURE
-
AC_MANAGEMENT_SRC_NT_DOMAIN
public static String AC_MANAGEMENT_SRC_NT_DOMAIN
-
AUTH_ACTION
public static String AUTH_ACTION
-
AUTH_APP
public static String AUTH_APP
-
AUTH_DEST
public static String AUTH_DEST
-
AUTH_SRC
public static String AUTH_SRC
-
AUTH_SRC_USER
public static String AUTH_SRC_USER
-
AUTH_USER
public static String AUTH_USER
-
CHANGE_ENDPOINT_PROTECTION_ACTION
public static String CHANGE_ENDPOINT_PROTECTION_ACTION
-
CHANGE_ENDPOINT_PROTECTION_CHANGE_TYPE
public static String CHANGE_ENDPOINT_PROTECTION_CHANGE_TYPE
-
CHANGE_ENDPOINT_PROTECTION_DEST
public static String CHANGE_ENDPOINT_PROTECTION_DEST
-
CHANGE_ENDPOINT_PROTECTION_HASH
public static String CHANGE_ENDPOINT_PROTECTION_HASH
-
CHANGE_ENDPOINT_PROTECTION_GID
public static String CHANGE_ENDPOINT_PROTECTION_GID
-
CHANGE_ENDPOINT_PROTECTION_ISDR
public static String CHANGE_ENDPOINT_PROTECTION_ISDR
-
CHANGE_ENDPOINT_PROTECTION_MODE
public static String CHANGE_ENDPOINT_PROTECTION_MODE
-
CHANGE_ENDPOINT_PROTECTION_MODTIME
public static String CHANGE_ENDPOINT_PROTECTION_MODTIME
-
CHANGE_ENDPOINT_PROTECTION_PATH
public static String CHANGE_ENDPOINT_PROTECTION_PATH
-
CHANGE_ENDPOINT_PROTECTION_SIZE
public static String CHANGE_ENDPOINT_PROTECTION_SIZE
-
CHANGE_ENDPOINT_PROTECTION_UID
public static String CHANGE_ENDPOINT_PROTECTION_UID
-
CHANGE_NETWORK_PROTECTION_ACTION
public static String CHANGE_NETWORK_PROTECTION_ACTION
-
CHANGE_NETWORK_PROTECTION_COMMAND
public static String CHANGE_NETWORK_PROTECTION_COMMAND
-
CHANGE_NETWORK_PROTECTION_DVC
public static String CHANGE_NETWORK_PROTECTION_DVC
-
CHANGE_NETWORK_PROTECTION_USER
public static String CHANGE_NETWORK_PROTECTION_USER
-
COMMON_CATEGORY
public static String COMMON_CATEGORY
-
COMMON_COUNT
public static String COMMON_COUNT
-
COMMON_DESC
public static String COMMON_DESC
-
COMMON_DHCP_POOL
public static String COMMON_DHCP_POOL
-
COMMON_DURATION
public static String COMMON_DURATION
-
COMMON_DVC_HOST
public static String COMMON_DVC_HOST
-
COMMON_DVC_IP
public static String COMMON_DVC_IP
-
COMMON_DVC_IP6
public static String COMMON_DVC_IP6
-
COMMON_DVC_LOCATION
public static String COMMON_DVC_LOCATION
-
COMMON_DVC_MAC
public static String COMMON_DVC_MAC
-
COMMON_DVC_NT_DOMAIN
public static String COMMON_DVC_NT_DOMAIN
-
COMMON_DVC_NT_HOST
public static String COMMON_DVC_NT_HOST
-
COMMON_DVC_TIME
public static String COMMON_DVC_TIME
-
COMMON_END_TIME
public static String COMMON_END_TIME
-
COMMON_EVENT_ID
public static String COMMON_EVENT_ID
-
COMMON_LENGTH
public static String COMMON_LENGTH
-
COMMON_LOG_LEVEL
public static String COMMON_LOG_LEVEL
-
COMMON_NAME
public static String COMMON_NAME
-
COMMON_PID
public static String COMMON_PID
-
COMMON_PRIORITY
public static String COMMON_PRIORITY
-
COMMON_PRODUCT
public static String COMMON_PRODUCT
-
COMMON_PRODUCT_VERSION
public static String COMMON_PRODUCT_VERSION
-
COMMON_REASON
public static String COMMON_REASON
-
COMMON_RESULT
public static String COMMON_RESULT
-
COMMON_SEVERITY
public static String COMMON_SEVERITY
-
COMMON_START_TIME
public static String COMMON_START_TIME
-
COMMON_TRANSACTION_ID
public static String COMMON_TRANSACTION_ID
-
COMMON_URL
public static String COMMON_URL
-
COMMON_VENDOR
public static String COMMON_VENDOR
-
DNS_DEST_DOMAIN
public static String DNS_DEST_DOMAIN
-
DNS_DEST_RECORD
public static String DNS_DEST_RECORD
-
DNS_DEST_ZONE
public static String DNS_DEST_ZONE
-
DNS_RECORD_CLASS
public static String DNS_RECORD_CLASS
-
DNS_RECORD_TYPE
public static String DNS_RECORD_TYPE
-
DNS_SRC_DOMAIN
public static String DNS_SRC_DOMAIN
-
DNS_SRC_RECORD
public static String DNS_SRC_RECORD
-
DNS_SRC_ZONE
public static String DNS_SRC_ZONE
-
EMAIL_RECIPIENT
public static String EMAIL_RECIPIENT
-
EMAIL_SENDER
public static String EMAIL_SENDER
-
EMAIL_SUBJECT
public static String EMAIL_SUBJECT
-
FILE_ACCESS_TIME
public static String FILE_ACCESS_TIME
-
FILE_CREATE_TIME
public static String FILE_CREATE_TIME
-
FILE_HASH
public static String FILE_HASH
-
FILE_MODIFY_TIME
public static String FILE_MODIFY_TIME
-
FILE_NAME
public static String FILE_NAME
-
FILE_PATH
public static String FILE_PATH
-
FILE_PERMISSION
public static String FILE_PERMISSION
-
FILE_SIZE
public static String FILE_SIZE
-
INTRUSION_DETECTION_CATEGORY
public static String INTRUSION_DETECTION_CATEGORY
-
INTRUSION_DETECTION_DEST
public static String INTRUSION_DETECTION_DEST
-
INTRUSION_DETECTION_DVC
public static String INTRUSION_DETECTION_DVC
-
INTRUSION_DETECTION_IDS_TYPE
public static String INTRUSION_DETECTION_IDS_TYPE
-
INTRUSION_DETECTION_PRODUCT
public static String INTRUSION_DETECTION_PRODUCT
-
INTRUSION_DETECTION_SEVERITY
public static String INTRUSION_DETECTION_SEVERITY
-
INTRUSION_DETECTION_SIGNATURE
public static String INTRUSION_DETECTION_SIGNATURE
-
INTRUSION_DETECTION_SRC
public static String INTRUSION_DETECTION_SRC
-
INTRUSION_DETECTION_USER
public static String INTRUSION_DETECTION_USER
-
INTRUSION_DETECTION_VENDOR
public static String INTRUSION_DETECTION_VENDOR
-
MALWARE_ENDPOINT_PROTECTION_ACTION
public static String MALWARE_ENDPOINT_PROTECTION_ACTION
-
MALWARE_ENDPOINT_PROTECTION_DEST_NT_DOMAIN
public static String MALWARE_ENDPOINT_PROTECTION_DEST_NT_DOMAIN
-
MALWARE_ENDPOINT_PROTECTION_FILE_HASH
public static String MALWARE_ENDPOINT_PROTECTION_FILE_HASH
-
MALWARE_ENDPOINT_PROTECTION_FILE_NAME
public static String MALWARE_ENDPOINT_PROTECTION_FILE_NAME
-
MALWARE_ENDPOINT_PROTECTION_FILE_PATH
public static String MALWARE_ENDPOINT_PROTECTION_FILE_PATH
-
MALWARE_ENDPOINT_PROTECTION_PRODUCT
public static String MALWARE_ENDPOINT_PROTECTION_PRODUCT
-
MALWARE_ENDPOINT_PROTECTION_PRODUCT_VERSION
public static String MALWARE_ENDPOINT_PROTECTION_PRODUCT_VERSION
-
MALWARE_ENDPOINT_PROTECTION_SIGNATURE
public static String MALWARE_ENDPOINT_PROTECTION_SIGNATURE
-
MALWARE_ENDPOINT_PROTECTION_SIGNATURE_VERSION
public static String MALWARE_ENDPOINT_PROTECTION_SIGNATURE_VERSION
-
MALWARE_ENDPOINT_PROTECTION_DEST
public static String MALWARE_ENDPOINT_PROTECTION_DEST
-
MALWARE_ENDPOINT_PROTECTION_SRC_NT_DOMAIN
public static String MALWARE_ENDPOINT_PROTECTION_SRC_NT_DOMAIN
-
MALWARE_ENDPOINT_PROTECTION_USER
public static String MALWARE_ENDPOINT_PROTECTION_USER
-
MALWARE_ENDPOINT_PROTECTION_VENDOR
public static String MALWARE_ENDPOINT_PROTECTION_VENDOR
-
MALWARE_NETWORK_PROTECTION_PRODUCT
public static String MALWARE_NETWORK_PROTECTION_PRODUCT
-
MALWARE_NETWORK_PROTECTION_SEVERITY
public static String MALWARE_NETWORK_PROTECTION_SEVERITY
-
MALWARE_NETWORK_PROTECTION_VENDOR
public static String MALWARE_NETWORK_PROTECTION_VENDOR
-
NETWORK_TRAFFIC_ESS_ACTION
public static String NETWORK_TRAFFIC_ESS_ACTION
-
NETWORK_TRAFFIC_ESS_DEST_PORT
public static String NETWORK_TRAFFIC_ESS_DEST_PORT
-
NETWORK_TRAFFIC_ESS_PRODUCT
public static String NETWORK_TRAFFIC_ESS_PRODUCT
-
NETWORK_TRAFFIC_ESS_SRC_PORT
public static String NETWORK_TRAFFIC_ESS_SRC_PORT
-
NETWORK_TRAFFIC_ESS_VENDOR
public static String NETWORK_TRAFFIC_ESS_VENDOR
-
NETWORK_TRAFFIC_GENERIC_APP_LAYER
public static String NETWORK_TRAFFIC_GENERIC_APP_LAYER
-
NETWORK_TRAFFIC_GENERIC_BYTES_IN
public static String NETWORK_TRAFFIC_GENERIC_BYTES_IN
-
NETWORK_TRAFFIC_GENERIC_BYTES_OUT
public static String NETWORK_TRAFFIC_GENERIC_BYTES_OUT
-
NETWORK_TRAFFIC_GENERIC_CHANNEL
public static String NETWORK_TRAFFIC_GENERIC_CHANNEL
-
NETWORK_TRAFFIC_GENERIC_CVE
public static String NETWORK_TRAFFIC_GENERIC_CVE
-
NETWORK_TRAFFIC_GENERIC_DEST_APP
public static String NETWORK_TRAFFIC_GENERIC_DEST_APP
-
NETWORK_TRAFFIC_GENERIC_DEST_CNC_CHANNEL
public static String NETWORK_TRAFFIC_GENERIC_DEST_CNC_CHANNEL
-
NETWORK_TRAFFIC_GENERIC_DEST_CNC_NAME
public static String NETWORK_TRAFFIC_GENERIC_DEST_CNC_NAME
-
NETWORK_TRAFFIC_GENERIC_DEST_CNC_PORT
public static String NETWORK_TRAFFIC_GENERIC_DEST_CNC_PORT
-
NETWORK_TRAFFIC_GENERIC_DEST_COUNTRY
public static String NETWORK_TRAFFIC_GENERIC_DEST_COUNTRY
-
NETWORK_TRAFFIC_GENERIC_DEST_HOST
public static String NETWORK_TRAFFIC_GENERIC_DEST_HOST
-
NETWORK_TRAFFIC_GENERIC_DEST_INT
public static String NETWORK_TRAFFIC_GENERIC_DEST_INT
-
NETWORK_TRAFFIC_GENERIC_DEST_IP
public static String NETWORK_TRAFFIC_GENERIC_DEST_IP
-
NETWORK_TRAFFIC_GENERIC_DEST_IPV6
public static String NETWORK_TRAFFIC_GENERIC_DEST_IPV6
-
NETWORK_TRAFFIC_GENERIC_DEST_LAT
public static String NETWORK_TRAFFIC_GENERIC_DEST_LAT
-
NETWORK_TRAFFIC_GENERIC_DEST_LONG
public static String NETWORK_TRAFFIC_GENERIC_DEST_LONG
-
NETWORK_TRAFFIC_GENERIC_DEST_MAC
public static String NETWORK_TRAFFIC_GENERIC_DEST_MAC
-
NETWORK_TRAFFIC_GENERIC_DEST_NT_DOMAIN
public static String NETWORK_TRAFFIC_GENERIC_DEST_NT_DOMAIN
-
NETWORK_TRAFFIC_GENERIC_DEST_NT_HOST
public static String NETWORK_TRAFFIC_GENERIC_DEST_NT_HOST
-
NETWORK_TRAFFIC_GENERIC_DEST_PORT
public static String NETWORK_TRAFFIC_GENERIC_DEST_PORT
-
NETWORK_TRAFFIC_GENERIC_DEST_TRANSLATED_IP
public static String NETWORK_TRAFFIC_GENERIC_DEST_TRANSLATED_IP
-
NETWORK_TRAFFIC_GENERIC_DEST_TRANSLATED_PORT
public static String NETWORK_TRAFFIC_GENERIC_DEST_TRANSLATED_PORT
-
NETWORK_TRAFFIC_GENERIC_IP_VERSION
public static String NETWORK_TRAFFIC_GENERIC_IP_VERSION
-
NETWORK_TRAFFIC_GENERIC_OUTBOUND_INTERFACE
public static String NETWORK_TRAFFIC_GENERIC_OUTBOUND_INTERFACE
-
NETWORK_TRAFFIC_GENERIC_PACKETS_IN
public static String NETWORK_TRAFFIC_GENERIC_PACKETS_IN
-
NETWORK_TRAFFIC_GENERIC_PACKETS_OUT
public static String NETWORK_TRAFFIC_GENERIC_PACKETS_OUT
-
NETWORK_TRAFFIC_GENERIC_PROTO
public static String NETWORK_TRAFFIC_GENERIC_PROTO
-
NETWORK_TRAFFIC_GENERIC_SESSION_ID
public static String NETWORK_TRAFFIC_GENERIC_SESSION_ID
-
NETWORK_TRAFFIC_GENERIC_SSID
public static String NETWORK_TRAFFIC_GENERIC_SSID
-
NETWORK_TRAFFIC_GENERIC_SRC_COUNTRY
public static String NETWORK_TRAFFIC_GENERIC_SRC_COUNTRY
-
NETWORK_TRAFFIC_GENERIC_SRC_HOST
public static String NETWORK_TRAFFIC_GENERIC_SRC_HOST
-
NETWORK_TRAFFIC_GENERIC_SRC_INT
public static String NETWORK_TRAFFIC_GENERIC_SRC_INT
-
NETWORK_TRAFFIC_GENERIC_SRC_IP
public static String NETWORK_TRAFFIC_GENERIC_SRC_IP
-
NETWORK_TRAFFIC_GENERIC_SRC_IPV6
public static String NETWORK_TRAFFIC_GENERIC_SRC_IPV6
-
NETWORK_TRAFFIC_GENERIC_SRC_LAT
public static String NETWORK_TRAFFIC_GENERIC_SRC_LAT
-
NETWORK_TRAFFIC_GENERIC_SRC_LONG
public static String NETWORK_TRAFFIC_GENERIC_SRC_LONG
-
NETWORK_TRAFFIC_GENERIC_SRC_MAC
public static String NETWORK_TRAFFIC_GENERIC_SRC_MAC
-
NETWORK_TRAFFIC_GENERIC_SRC_NT_DOMAIN
public static String NETWORK_TRAFFIC_GENERIC_SRC_NT_DOMAIN
-
NETWORK_TRAFFIC_GENERIC_SRC_NT_HOST
public static String NETWORK_TRAFFIC_GENERIC_SRC_NT_HOST
-
NETWORK_TRAFFIC_GENERIC_SRC_PORT
public static String NETWORK_TRAFFIC_GENERIC_SRC_PORT
-
NETWORK_TRAFFIC_GENERIC_SRC_TRANSLATED_IP
public static String NETWORK_TRAFFIC_GENERIC_SRC_TRANSLATED_IP
-
NETWORK_TRAFFIC_GENERIC_SRC_TRANSLATED_PORT
public static String NETWORK_TRAFFIC_GENERIC_SRC_TRANSLATED_PORT
-
NETWORK_TRAFFIC_GENERIC_SYSLOG_ID
public static String NETWORK_TRAFFIC_GENERIC_SYSLOG_ID
-
NETWORK_TRAFFIC_GENERIC_SYSLOG_PRIORITY
public static String NETWORK_TRAFFIC_GENERIC_SYSLOG_PRIORITY
-
NETWORK_TRAFFIC_GENERIC_TCP_FLAG
public static String NETWORK_TRAFFIC_GENERIC_TCP_FLAG
-
NETWORK_TRAFFIC_GENERIC_TOS
public static String NETWORK_TRAFFIC_GENERIC_TOS
-
NETWORK_TRAFFIC_GENERIC_TRANSPORT
public static String NETWORK_TRAFFIC_GENERIC_TRANSPORT
-
NETWORK_TRAFFIC_GENERIC_TTL
public static String NETWORK_TRAFFIC_GENERIC_TTL
-
NETWORK_TRAFFIC_GENERIC_VLAN_ID
public static String NETWORK_TRAFFIC_GENERIC_VLAN_ID
-
NETWORK_TRAFFIC_GENERIC_VLAN_NAME
public static String NETWORK_TRAFFIC_GENERIC_VLAN_NAME
-
PACKET_FILTERING_ACTION
public static String PACKET_FILTERING_ACTION
-
PACKET_FILTERING_DEST_PORT
public static String PACKET_FILTERING_DEST_PORT
-
PACKET_FILTERING_DIRECTION
public static String PACKET_FILTERING_DIRECTION
-
PACKET_FILTERING_DVC
public static String PACKET_FILTERING_DVC
-
PACKET_FILTERING_RULE
public static String PACKET_FILTERING_RULE
-
PACKET_FILTERING_SVC_PORT
public static String PACKET_FILTERING_SVC_PORT
-
PROXY_ACTION
public static String PROXY_ACTION
-
PROXY_DEST
public static String PROXY_DEST
-
PROXY_HTTP_CONTENT_TYPE
public static String PROXY_HTTP_CONTENT_TYPE
-
PROXY_HTTP_METHOD
public static String PROXY_HTTP_METHOD
-
PROXY_HTTP_REFER
public static String PROXY_HTTP_REFER
-
PROXY_HTTP_RESPONSE
public static String PROXY_HTTP_RESPONSE
-
PROXY_HTTP_USER_AGENT
public static String PROXY_HTTP_USER_AGENT
-
PROXY_PRODUCT
public static String PROXY_PRODUCT
-
PROXY_SRC
public static String PROXY_SRC
-
PROXY_STATUS
public static String PROXY_STATUS
-
PROXY_USER
public static String PROXY_USER
-
PROXY_URL
public static String PROXY_URL
-
PROXY_VENDOR
public static String PROXY_VENDOR
-
SYSTEM_CENTER_APP
public static String SYSTEM_CENTER_APP
-
SYSTEM_CENTER_FREEMBYTES
public static String SYSTEM_CENTER_FREEMBYTES
-
SYSTEM_CENTER_KERNEL_RELEASE
public static String SYSTEM_CENTER_KERNEL_RELEASE
-
SYSTEM_CENTER_LABEL
public static String SYSTEM_CENTER_LABEL
-
SYSTEM_CENTER_MOUNT
public static String SYSTEM_CENTER_MOUNT
-
SYSTEM_CENTER_OS
public static String SYSTEM_CENTER_OS
-
SYSTEM_CENTER_PERCENTPROCESSORTIME
public static String SYSTEM_CENTER_PERCENTPROCESSORTIME
-
SYSTEM_CENTER_SETLOCALDEFS
public static String SYSTEM_CENTER_SETLOCALDEFS
-
SYSTEM_CENTER_SELINUX
public static String SYSTEM_CENTER_SELINUX
-
SYSTEM_CENTER_SELINUXTYPE
public static String SYSTEM_CENTER_SELINUXTYPE
-
SYSTEM_CENTER_SHELL
public static String SYSTEM_CENTER_SHELL
-
SYSTEM_CENTER_SRC_PORT
public static String SYSTEM_CENTER_SRC_PORT
-
SYSTEM_CENTER_SSHD_PROTOCOL
public static String SYSTEM_CENTER_SSHD_PROTOCOL
-
SYSTEM_CENTER_STARTMODE
public static String SYSTEM_CENTER_STARTMODE
-
SYSTEM_CENTER_SYSTEMUPTIME
public static String SYSTEM_CENTER_SYSTEMUPTIME
-
SYSTEM_CENTER_TOTALMBYTES
public static String SYSTEM_CENTER_TOTALMBYTES
-
SYSTEM_CENTER_USEDMBYTES
public static String SYSTEM_CENTER_USEDMBYTES
-
SYSTEM_CENTER_USER
public static String SYSTEM_CENTER_USER
-
SYSTEM_CENTER_UPDATES
public static String SYSTEM_CENTER_UPDATES
-
TRAFFIC_DEST
public static String TRAFFIC_DEST
-
TRAFFIC_DVC
public static String TRAFFIC_DVC
-
TRAFFIC_SRC
public static String TRAFFIC_SRC
-
UPDATE_PACKAGE
public static String UPDATE_PACKAGE
-
USER_INFO_UPDATES_AFFECTED_USER
public static String USER_INFO_UPDATES_AFFECTED_USER
-
USER_INFO_UPDATES_AFFECTED_USER_GROUP
public static String USER_INFO_UPDATES_AFFECTED_USER_GROUP
-
USER_INFO_UPDATES_AFFECTED_USER_GROUP_ID
public static String USER_INFO_UPDATES_AFFECTED_USER_GROUP_ID
-
USER_INFO_UPDATES_AFFECTED_USER_ID
public static String USER_INFO_UPDATES_AFFECTED_USER_ID
-
USER_INFO_UPDATES_AFFECTED_USER_PRIVILEGE
public static String USER_INFO_UPDATES_AFFECTED_USER_PRIVILEGE
-
USER_INFO_UPDATES_USER
public static String USER_INFO_UPDATES_USER
-
USER_INFO_UPDATES_USER_GROUP
public static String USER_INFO_UPDATES_USER_GROUP
-
USER_INFO_UPDATES_USER_GROUP_ID
public static String USER_INFO_UPDATES_USER_GROUP_ID
-
USER_INFO_UPDATES_USER_ID
public static String USER_INFO_UPDATES_USER_ID
-
USER_INFO_UPDATES_USER_PRIVILEGE
public static String USER_INFO_UPDATES_USER_PRIVILEGE
-
USER_INFO_UPDATES_USER_SUBJECT
public static String USER_INFO_UPDATES_USER_SUBJECT
-
USER_INFO_UPDATES_USER_SUBJECT_ID
public static String USER_INFO_UPDATES_USER_SUBJECT_ID
-
USER_INFO_UPDATES_USER_SUBJECT_PRIVILEGE
public static String USER_INFO_UPDATES_USER_SUBJECT_PRIVILEGE
-
VULNERABILITY_CATEGORY
public static String VULNERABILITY_CATEGORY
-
VULNERABILITY_DEST
public static String VULNERABILITY_DEST
-
VULNERABILITY_OS
public static String VULNERABILITY_OS
-
VULNERABILITY_SEVERITY
public static String VULNERABILITY_SEVERITY
-
VULNERABILITY_SIGNATURE
public static String VULNERABILITY_SIGNATURE
-
WINDOWS_ADMIN_OBJECT_NAME
public static String WINDOWS_ADMIN_OBJECT_NAME
-
WINDOWS_ADMIN_OBJECT_TYPE
public static String WINDOWS_ADMIN_OBJECT_TYPE
-
WINDOWS_ADMIN_OBJECT_HANDLE
public static String WINDOWS_ADMIN_OBJECT_HANDLE
-
-
Method Detail
-
addField
public void addField(String key, Object value)
Add a key value pair. The value may be any Java object which returns a sensible result from its toString method. For logging exceptions, consider using addThrowableWithStacktrace instead.
- Parameters:
key - key
value - value
-
addThrowableWithStacktrace
public void addThrowableWithStacktrace(Throwable throwable)
Logs an exception with its stacktrace nicely formatted for indexing and searching by Splunk.
- Parameters:
throwable - the Throwable object to add to the event
-
addThrowableWithStacktrace
public void addThrowableWithStacktrace(Throwable throwable, int stacktraceDepth)
Logs an exception with the first stacktraceDepth elements of its stacktrace nicely formatted for indexing and searching by Splunk.
- Parameters:
throwable - the Throwable object to add to the event
stacktraceDepth - maximum number of stacktrace elements to log
-
setAcManagementDestNtDomain
public void setAcManagementDestNtDomain(String acManagementDestNtDomain)
The domain containing the user that is affected by the account management event.
-
setAcManagementSignature
public void setAcManagementSignature(String acManagementSignature)
Description of the account management change performed.
-
setAcManagementSrcNtDomain
public void setAcManagementSrcNtDomain(String acManagementSrcNtDomain)
The NT source of the destination. In the case of an account management event, this is the domain that contains the user that generated the event.
-
setAuthAction
public void setAuthAction(String authAction)
The action performed on the resource: success or failure.
-
setAuthApp
public void setAuthApp(String authApp)
The application involved in the event (such as ssh, splunk, win:local).
-
setAuthDest
public void setAuthDest(String authDest)
The target involved in the authentication. If your field is named dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest to make it CIM-compliant.
-
setAuthSrc
public void setAuthSrc(String authSrc)
The source involved in the authentication. In the case of endpoint protection authentication the src is the client. If your field is named src_host, src_ip, src_ipv6, or src_nt_host you can alias it as src to make it CIM-compliant. It is required for all events dealing with endpoint protection (Authentication, change analysis, malware, system center, and update). Note: Do not confuse this with the event source or sourcetype fields.
-
setAuthSrcUser
public void setAuthSrcUser(String authSrcUser)
In privilege escalation events, src_user represents the user who initiated the privilege escalation.
-
setAuthUser
public void setAuthUser(String authUser)
The name of the user involved in the event, or who initiated the event. For authentication privilege escalation events this should represent the user targeted by the escalation.
-
setChangeEndpointProtectionAction
public void setChangeEndpointProtectionAction(String changeEndpointProtectionAction)
The action performed on the resource.
-
setChangeEndpointProtectionChangeType
public void setChangeEndpointProtectionChangeType(String changeEndpointProtectionChangeType)
The type of change discovered in the change analysis event.
-
setChangeEndpointProtectionDest
public void setChangeEndpointProtectionDest(String changeEndpointProtectionDest)
The host that was affected by the change. If your field is named dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest to make it CIM-compliant.
-
setChangeEndpointProtectionHash
public void setChangeEndpointProtectionHash(String changeEndpointProtectionHash)
The hash signature of the modified resource.
-
setChangeEndpointProtectionGid
public void setChangeEndpointProtectionGid(long changeEndpointProtectionGid)
The group ID of the modified resource.
-
setChangeEndpointProtectionIsdr
public void setChangeEndpointProtectionIsdr(boolean changeEndpointProtectionIsdr)
Indicates whether or not the modified resource is a directory.
-
setChangeEndpointProtectionMode
public void setChangeEndpointProtectionMode(long changeEndpointProtectionMode)
The permissions mode of the modified resource.
-
setChangeEndpointProtectionModtime
public void setChangeEndpointProtectionModtime(String changeEndpointProtectionModtime)
The modification time of the modified resource.
-
setChangeEndpointProtectionPath
public void setChangeEndpointProtectionPath(String changeEndpointProtectionPath)
The file path of the modified resource.
-
setChangeEndpointProtectionSize
public void setChangeEndpointProtectionSize(long changeEndpointProtectionSize)
The size of the modified resource.
-
setChangeEndpointProtectionUid
public void setChangeEndpointProtectionUid(long changeEndpointProtectionUid)
The user ID of the modified resource.
-
setChangeNetworkProtectionAction
public void setChangeNetworkProtectionAction(String changeNetworkProtectionAction)
The type of change observed.
-
setChangeNetworkProtectionCommand
public void setChangeNetworkProtectionCommand(String changeNetworkProtectionCommand)
The command that initiated the change.
-
setChangeNetworkProtectionDvc
public void setChangeNetworkProtectionDvc(String changeNetworkProtectionDvc)
The device that is directly affected by the change.
-
setChangeNetworkProtectionUser
public void setChangeNetworkProtectionUser(String changeNetworkProtectionUser)
The user that initiated the change.
-
setCommonCategory
public void setCommonCategory(String commonCategory)
A device-specific classification provided as part of the event.
-
setCommonCount
public void setCommonCount(String commonCount)
A device-specific classification provided as part of the event.
-
setCommonDesc
public void setCommonDesc(String commonDesc)
The free-form description of a particular event.
-
setCommonDhcpPool
public void setCommonDhcpPool(String commonDhcpPool)
The name of a given DHCP pool on a DHCP server.
-
setCommonDuration
public void setCommonDuration(long commonDuration)
The amount of time the event lasted.
-
setCommonDvcHost
public void setCommonDvcHost(String commonDvcHost)
The fully qualified domain name of the device transmitting or recording the log record.
-
setCommonDvcIp
public void setCommonDvcIp(String commonDvcIp)
The IPv4 address of the device reporting the event.
-
setCommonDvcIp6
public void setCommonDvcIp6(String commonDvcIp6)
The IPv6 address of the device reporting the event.
-
setCommonDvcLocation
public void setCommonDvcLocation(String commonDvcLocation)
The free-form description of the device's physical location.
-
setCommonDvcMac
public void setCommonDvcMac(String commonDvcMac)
The MAC (layer 2) address of the device reporting the event.
-
setCommonDvcNtDomain
public void setCommonDvcNtDomain(String commonDvcNtDomain)
The Windows NT domain of the device recording or transmitting the event.
-
setCommonDvcNtHost
public void setCommonDvcNtHost(String commonDvcNtHost)
The Windows NT host name of the device recording or transmitting the event.
-
setCommonDvcTime
public void setCommonDvcTime(long commonDvcTime)
Time at which the device recorded the event.
-
setCommonEndTime
public void setCommonEndTime(long commonEndTime)
The event's specified end time.
-
setCommonEventId
public void setCommonEventId(long commonEventId)
A unique identifier that identifies the event. This is unique to the reporting device.
-
setCommonLength
public void setCommonLength(long commonLength)
The length of the datagram, event, message, or packet.
-
setCommonLogLevel
public void setCommonLogLevel(String commonLogLevel)
The log-level that was set on the device and recorded in the event.
-
setCommonName
public void setCommonName(String commonName)
The name of the event as reported by the device. The name should not contain information that's already being parsed into other fields from the event, such as IP addresses.
-
setCommonPid
public void setCommonPid(long commonPid)
An integer assigned by the device operating system to the process creating the record.
-
setCommonPriority
public void setCommonPriority(long commonPriority)
An environment-specific assessment of the event's importance, based on elements such as event severity, business function of the affected system, or other locally defined variables.
-
setCommonProduct
public void setCommonProduct(String commonProduct)
The product that generated the event.
-
setCommonProductVersion
public void setCommonProductVersion(long commonProductVersion)
The version of the product that generated the event.
-
setCommonReason
public void setCommonReason(String commonReason)
The result root cause, such as connection refused, timeout, crash, and so on.
-
setCommonResult
public void setCommonResult(String commonResult)
The action result. Often is a binary choice: succeeded and failed, allowed and denied, and so on.
-
setCommonSeverity
public void setCommonSeverity(String commonSeverity)
The severity (or priority) of an event as reported by the originating device.
-
setCommonStartTime
public void setCommonStartTime(long commonStartTime)
The event's specified start time.
-
setCommonTransactionId
public void setCommonTransactionId(String commonTransactionId)
The transaction identifier.
-
setCommonUrl
public void setCommonUrl(String commonUrl)
A uniform resource locator (a web address, in other words) included in a record.
-
setCommonVendor
public void setCommonVendor(String commonVendor)
The vendor who made the product that generated the event.
-
setDnsDestDomain
public void setDnsDestDomain(String dnsDestDomain)
The DNS domain that has been queried.
-
setDnsDestRecord
public void setDnsDestRecord(String dnsDestRecord)
The remote DNS resource record being acted upon.
-
setDnsDestZone
public void setDnsDestZone(String dnsDestZone)
The DNS zone that is being received by the slave as part of a zone transfer.
-
setDnsRecordClass
public void setDnsRecordClass(String dnsRecordClass)
The DNS resource record class.
-
setDnsRecordType
public void setDnsRecordType(String dnsRecordType)
The DNS resource record type.
-
setDnsSrcDomain
public void setDnsSrcDomain(String dnsSrcDomain)
The local DNS domain that is being queried.
-
setDnsSrcRecord
public void setDnsSrcRecord(String dnsSrcRecord)
The local DNS resource record being acted upon.
-
setDnsSrcZone
public void setDnsSrcZone(String dnsSrcZone)
The DNS zone that is being transferred by the master as part of a zone transfer.
-
setEmailRecipient
public void setEmailRecipient(String emailRecipient)
The person to whom an email is sent.
-
setEmailSender
public void setEmailSender(String emailSender)
The person responsible for sending an email.
-
setEmailSubject
public void setEmailSubject(String emailSubject)
The email subject line.
-
setFileAccessTime
public void setFileAccessTime(long fileAccessTime)
The time the file (the object of the event) was accessed.
-
setFileCreateTime
public void setFileCreateTime(long fileCreateTime)
The time the file (the object of the event) was created.
-
setFileHash
public void setFileHash(String fileHash)
A cryptographic identifier assigned to the file object affected by the event.
-
setFileModifyTime
public void setFileModifyTime(long fileModifyTime)
The time the file (the object of the event) was altered.
-
setFileName
public void setFileName(String fileName)
The name of the file that is the object of the event (without location information related to local file or directory structure).
-
setFilePath
public void setFilePath(String filePath)
The location of the file that is the object of the event, in terms of local file and directory structure.
-
setFilePermission
public void setFilePermission(String filePermission)
Access controls associated with the file affected by the event.
-
setFileSize
public void setFileSize(long fileSize)
The size of the file that is the object of the event. Indicate the unit: bytes, KB, MB, or GB.
-
setIntrusionDetectionCategory
public void setIntrusionDetectionCategory(String intrusionDetectionCategory)
The category of the triggered signature.
-
setIntrusionDetectionDest
public void setIntrusionDetectionDest(String intrusionDetectionDest)
The destination of the attack detected by the intrusion detection system (IDS). If your field is named dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest to make it CIM-compliant.
-
setIntrusionDetectionDvc
public void setIntrusionDetectionDvc(String intrusionDetectionDvc)
The device that detected the intrusion event.
-
setIntrusionDetectionIdsType
public void setIntrusionDetectionIdsType(String intrusionDetectionIdsType)
The type of IDS that generated the event.
-
setIntrusionDetectionProduct
public void setIntrusionDetectionProduct(String intrusionDetectionProduct)
The product name of the vendor technology generating network protection data, such as IDP, Proventia, and ASA. Note: Required for all events dealing with network protection (Change analysis, proxy, malware, intrusion detection, packet filtering, and vulnerability).
-
setIntrusionDetectionSeverity
public void setIntrusionDetectionSeverity(String intrusionDetectionSeverity)
The severity of the network protection event (such as critical, high, medium, low, or informational). Note: This field is a string. Please use a severity_id field for severity ID fields that are integer data types.
-
setIntrusionDetectionSignature
public void setIntrusionDetectionSignature(String intrusionDetectionSignature)
The name of the intrusion detected on the client (the src), such as PlugAndPlay_BO and JavaScript_Obfuscation_Fre.
-
setIntrusionDetectionSrc
public void setIntrusionDetectionSrc(String intrusionDetectionSrc)
The source involved in the attack detected by the IDS. If your field is named src_host, src_ip, src_ipv6, or src_nt_host you can alias it as src to make it CIM-compliant.
-
setIntrusionDetectionUser
public void setIntrusionDetectionUser(String intrusionDetectionUser)
The user involved with the intrusion detection event.
-
setIntrusionDetectionVendor
public void setIntrusionDetectionVendor(String intrusionDetectionVendor)
The vendor technology used to generate network protection data, such as IDP, Proventia, and ASA. Note: Required for all events dealing with network protection (Change analysis, proxy, malware, intrusion detection, packet filtering, and vulnerability).
-
setMalwareEndpointProtectionAction
public void setMalwareEndpointProtectionAction(String malwareEndpointProtectionAction)
The outcome of the infection.
-
setMalwareEndpointProtectionDestNtDomain
public void setMalwareEndpointProtectionDestNtDomain(String malwareEndpointProtectionDestNtDomain)
The NT domain of the destination (the dest_bestmatch).
-
setMalwareEndpointProtectionFileHash
public void setMalwareEndpointProtectionFileHash(String malwareEndpointProtectionFileHash)
The cryptographic hash of the file associated with the malware event (such as the malicious or infected file).
-
setMalwareEndpointProtectionFileName
public void setMalwareEndpointProtectionFileName(String malwareEndpointProtectionFileName)
The name of the file involved in the malware event (such as the infected or malicious file).
-
setMalwareEndpointProtectionFilePath
public void setMalwareEndpointProtectionFilePath(String malwareEndpointProtectionFilePath)
The path of the file involved in the malware event (such as the infected or malicious file).
-
setMalwareEndpointProtectionProduct
public void setMalwareEndpointProtectionProduct(String malwareEndpointProtectionProduct)
The product name of the vendor technology (the vendor field) that is generating malware data (such as Antivirus or EPO).
-
setMalwareEndpointProtectionProductVersion
public void setMalwareEndpointProtectionProductVersion(String malwareEndpointProtectionProductVersion)
The product version number of the vendor technology installed on the client (such as 10.4.3 or 11.0.2).
-
setMalwareEndpointProtectionSignature
public void setMalwareEndpointProtectionSignature(String malwareEndpointProtectionSignature)
The name of the malware infection detected on the client (the src), such as Trojan.Vundo, Spyware.Gaobot, or W32.Nimbda. Note: This field is a string. Please use a signature_id field for signature ID fields that are integer data types.
-
setMalwareEndpointProtectionSignatureVersion
public void setMalwareEndpointProtectionSignatureVersion(String malwareEndpointProtectionSignatureVersion)
The current signature definition set running on the client (such as 11hsvx).
-
setMalwareEndpointProtectionDest
public void setMalwareEndpointProtectionDest(String malwareEndpointProtectionDest)
The target affected or infected by the malware. If your field is named dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest to make it CIM-compliant.
-
setMalwareEndpointProtectionSrcNtDomain
public void setMalwareEndpointProtectionSrcNtDomain(String malwareEndpointProtectionSrcNtDomain)
The NT domain of the source (the src).
-
setMalwareEndpointProtectionUser
public void setMalwareEndpointProtectionUser(String malwareEndpointProtectionUser)
The name of the user involved in the malware event.
-
setMalwareEndpointProtectionVendor
public void setMalwareEndpointProtectionVendor(String malwareEndpointProtectionVendor)
The name of the vendor technology generating malware data, such as Symantec or McAfee.
-
setMalwareNetworkProtectionProduct
public void setMalwareNetworkProtectionProduct(String malwareNetworkProtectionProduct)
The product name of the vendor technology generating network protection data, such as IDP, Proventia, and ASA. Note: Required for all events dealing with network protection (Change analysis, proxy, malware, intrusion detection, packet filtering, and vulnerability).
-
setMalwareNetworkProtectionSeverity
public void setMalwareNetworkProtectionSeverity(String malwareNetworkProtectionSeverity)
The severity of the network protection event (such as critical, high, medium, low, or informational). Note: This field is a string. Please use a severity_id field for severity ID fields that are integer data types.
-
setMalwareNetworkProtectionVendor
public void setMalwareNetworkProtectionVendor(String malwareNetworkProtectionVendor)
The vendor technology used to generate network protection data, such as IDP, Proventia, and ASA. Note: Required for all events dealing with network protection (Change analysis, proxy, malware, intrusion detection, packet filtering, and vulnerability).
-
setNetworkTrafficEssAction
public void setNetworkTrafficEssAction(String networkTrafficEssAction)
The action of the network traffic.
-
setNetworkTrafficEssDestPort
public void setNetworkTrafficEssDestPort(int networkTrafficEssDestPort)
The destination port of the network traffic.
-
setNetworkTrafficEssProduct
public void setNetworkTrafficEssProduct(String networkTrafficEssProduct)
The product name of the vendor technology generating NetworkProtection data, such as IDP, Proventia, and ASA. Note: Required for all events dealing with network protection (Change analysis, proxy, malware, intrusion detection, packet filtering, and vulnerability).
-
setNetworkTrafficEssSrcPort
public void setNetworkTrafficEssSrcPort(int networkTrafficEssSrcPort)
The source port of the network traffic.
-
setNetworkTrafficEssVendor
public void setNetworkTrafficEssVendor(String networkTrafficEssVendor)
The vendor technology used to generate NetworkProtection data, such as IDP, Proventia, and ASA. Note: Required for all events dealing with network protection (Change analysis, proxy, malware, intrusion detection, packet filtering, and vulnerability).
-
setNetworkTrafficGenericAppLayer
public void setNetworkTrafficGenericAppLayer(String networkTrafficGenericAppLayer)
The ISO layer 7 (application layer) protocol, such as HTTP, HTTPS, SSH, and IMAP.
-
setNetworkTrafficGenericBytesIn
public void setNetworkTrafficGenericBytesIn(long networkTrafficGenericBytesIn)
How many bytes this device/interface received.
-
setNetworkTrafficGenericBytesOut
public void setNetworkTrafficGenericBytesOut(long networkTrafficGenericBytesOut)
How many bytes this device/interface transmitted.
-
setNetworkTrafficGenericChannel
public void setNetworkTrafficGenericChannel(String networkTrafficGenericChannel)
802.11 channel number used by a wireless network.
-
setNetworkTrafficGenericCve
public void setNetworkTrafficGenericCve(String networkTrafficGenericCve)
The Common Vulnerabilities and Exposures (CVE) reference value.
-
setNetworkTrafficGenericDestApp
public void setNetworkTrafficGenericDestApp(String networkTrafficGenericDestApp)
The destination application being targeted.
-
setNetworkTrafficGenericDestCncChannel
public void setNetworkTrafficGenericDestCncChannel(String networkTrafficGenericDestCncChannel)
The destination command and control service channel.
-
setNetworkTrafficGenericDestCncName
public void setNetworkTrafficGenericDestCncName(String networkTrafficGenericDestCncName)
The destination command and control service name.
-
setNetworkTrafficGenericDestCncPort
public void setNetworkTrafficGenericDestCncPort(String networkTrafficGenericDestCncPort)
The destination command and control service port.
-
setNetworkTrafficGenericDestCountry
public void setNetworkTrafficGenericDestCountry(String networkTrafficGenericDestCountry)
The country associated with a packet's recipient.
-
setNetworkTrafficGenericDestHost
public void setNetworkTrafficGenericDestHost(String networkTrafficGenericDestHost)
The fully qualified host name of a packet's recipient. For HTTP sessions, this is the host header.
-
setNetworkTrafficGenericDestInt
public void setNetworkTrafficGenericDestInt(String networkTrafficGenericDestInt)
The interface that is listening remotely or receiving packets locally.
-
setNetworkTrafficGenericDestIp
public void setNetworkTrafficGenericDestIp(String networkTrafficGenericDestIp)
The IPv4 address of a packet's recipient.
-
setNetworkTrafficGenericDestIpv6
public void setNetworkTrafficGenericDestIpv6(String networkTrafficGenericDestIpv6)
The IPv6 address of a packet's recipient.
-
setNetworkTrafficGenericDestLat
public void setNetworkTrafficGenericDestLat(int networkTrafficGenericDestLat)
The (physical) latitude of a packet's destination.
-
setNetworkTrafficGenericDestLong
public void setNetworkTrafficGenericDestLong(int networkTrafficGenericDestLong)
The (physical) longitude of a packet's destination.
-
setNetworkTrafficGenericDestMac
public void setNetworkTrafficGenericDestMac(String networkTrafficGenericDestMac)
The TCP/IP layer 2 Media Access Control (MAC) address of a packet's destination.
-
setNetworkTrafficGenericDestNtDomain
public void setNetworkTrafficGenericDestNtDomain(String networkTrafficGenericDestNtDomain)
The Windows NT domain containing a packet's destination.
-
setNetworkTrafficGenericDestNtHost
public void setNetworkTrafficGenericDestNtHost(String networkTrafficGenericDestNtHost)
The Windows NT host name of a packet's destination.
-
setNetworkTrafficGenericDestPort
public void setNetworkTrafficGenericDestPort(int networkTrafficGenericDestPort)
TCP/IP port to which a packet is being sent.
-
setNetworkTrafficGenericDestTranslatedIp
public void setNetworkTrafficGenericDestTranslatedIp(String networkTrafficGenericDestTranslatedIp)
The NATed IPv4 address to which a packet has been sent.
-
setNetworkTrafficGenericDestTranslatedPort
public void setNetworkTrafficGenericDestTranslatedPort(int networkTrafficGenericDestTranslatedPort)
The NATed port to which a packet has been sent.
-
setNetworkTrafficGenericIpVersion
public void setNetworkTrafficGenericIpVersion(int networkTrafficGenericIpVersion)
The numbered Internet Protocol version.
-
setNetworkTrafficGenericOutboundInterface
public void setNetworkTrafficGenericOutboundInterface(String networkTrafficGenericOutboundInterface)
The network interface through which a packet was transmitted.
-
setNetworkTrafficGenericPacketsIn
public void setNetworkTrafficGenericPacketsIn(long networkTrafficGenericPacketsIn)
How many packets this device/interface received.
-
setNetworkTrafficGenericPacketsOut
public void setNetworkTrafficGenericPacketsOut(long networkTrafficGenericPacketsOut)
How many packets this device/interface transmitted.
-
setNetworkTrafficGenericProto
public void setNetworkTrafficGenericProto(String networkTrafficGenericProto)
The OSI layer 3 (Network Layer) protocol, such as IPv4/IPv6, ICMP, IPsec, IGMP or RIP.
-
setNetworkTrafficGenericSessionId
public void setNetworkTrafficGenericSessionId(String networkTrafficGenericSessionId)
The session identifier. Multiple transactions build a session.
-
setNetworkTrafficGenericSsid
public void setNetworkTrafficGenericSsid(String networkTrafficGenericSsid)
The 802.11 service set identifier (ssid) assigned to a wireless session.
-
setNetworkTrafficGenericSrcCountry
public void setNetworkTrafficGenericSrcCountry(String networkTrafficGenericSrcCountry)
The country from which the packet was sent.
-
setNetworkTrafficGenericSrcHost
public void setNetworkTrafficGenericSrcHost(String networkTrafficGenericSrcHost)
The fully qualified host name of the system that transmitted the packet. For Web logs, this is the HTTP client.
-
setNetworkTrafficGenericSrcInt
public void setNetworkTrafficGenericSrcInt(String networkTrafficGenericSrcInt)
The interface that is listening locally or sending packets remotely.
-
setNetworkTrafficGenericSrcIp
public void setNetworkTrafficGenericSrcIp(String networkTrafficGenericSrcIp)
The IPv4 address of the packet's source. For Web logs, this is the HTTP client.
-
setNetworkTrafficGenericSrcIpv6
public void setNetworkTrafficGenericSrcIpv6(String networkTrafficGenericSrcIpv6)
The IPv6 address of the packet's source.
-
setNetworkTrafficGenericSrcLat
public void setNetworkTrafficGenericSrcLat(int networkTrafficGenericSrcLat)
The (physical) latitude of the packet's source.
-
setNetworkTrafficGenericSrcLong
public void setNetworkTrafficGenericSrcLong(int networkTrafficGenericSrcLong)
The (physical) longitude of the packet's source.
-
setNetworkTrafficGenericSrcMac
public void setNetworkTrafficGenericSrcMac(String networkTrafficGenericSrcMac)
The Media Access Control (MAC) address from which a packet was transmitted.
-
setNetworkTrafficGenericSrcNtDomain
public void setNetworkTrafficGenericSrcNtDomain(String networkTrafficGenericSrcNtDomain)
The Windows NT domain containing the machines that generated the event.
-
setNetworkTrafficGenericSrcNtHost
public void setNetworkTrafficGenericSrcNtHost(String networkTrafficGenericSrcNtHost)
The Windows NT hostname of the system that generated the event.
-
setNetworkTrafficGenericSrcPort
public void setNetworkTrafficGenericSrcPort(int networkTrafficGenericSrcPort)
The network port from which a packet originated.
-
setNetworkTrafficGenericSrcTranslatedIp
public void setNetworkTrafficGenericSrcTranslatedIp(String networkTrafficGenericSrcTranslatedIp)
The NATed IPv4 address from which a packet has been sent.
-
setNetworkTrafficGenericSrcTranslatedPort
public void setNetworkTrafficGenericSrcTranslatedPort(int networkTrafficGenericSrcTranslatedPort)
The NATed network port from which a packet has been sent.
-
setNetworkTrafficGenericSyslogId
public void setNetworkTrafficGenericSyslogId(String networkTrafficGenericSyslogId)
The application, process, or OS subsystem that generated the event.
-
setNetworkTrafficGenericSyslogPriority
public void setNetworkTrafficGenericSyslogPriority(String networkTrafficGenericSyslogPriority)
The criticality of an event, as recorded by UNIX syslog.
-
setNetworkTrafficGenericTcpFlag
public void setNetworkTrafficGenericTcpFlag(String networkTrafficGenericTcpFlag)
The TCP flag(s) specified in the event.
-
setNetworkTrafficGenericTos
public void setNetworkTrafficGenericTos(String networkTrafficGenericTos)
The hex bit that specifies TCP 'type of service'.
- See Also:
- Type of Service
-
setNetworkTrafficGenericTransport
public void setNetworkTrafficGenericTransport(String networkTrafficGenericTransport)
The transport protocol.
-
setNetworkTrafficGenericTtl
public void setNetworkTrafficGenericTtl(int networkTrafficGenericTtl)
The "time to live" of a packet or datagram.
-
setNetworkTrafficGenericVlanId
public void setNetworkTrafficGenericVlanId(long networkTrafficGenericVlanId)
The numeric identifier assigned to the virtual local area network (VLAN) specified in the record.
-
setNetworkTrafficGenericVlanName
public void setNetworkTrafficGenericVlanName(String networkTrafficGenericVlanName)
The name assigned to the virtual local area network (VLAN) specified in the record.
-
setPacketFilteringAction
public void setPacketFilteringAction(String packetFilteringAction)
The action the filtering device (the dvc_bestmatch field) performed on the communication.
-
setPacketFilteringDestPort
public void setPacketFilteringDestPort(int packetFilteringDestPort)
The IP port of the packet's destination, such as 22.
-
setPacketFilteringDirection
public void setPacketFilteringDirection(String packetFilteringDirection)
The direction the packet is traveling.
-
setPacketFilteringDvc
public void setPacketFilteringDvc(String packetFilteringDvc)
The name of the packet filtering device. If your field is named dvc_host, dvc_ip, or dvc_nt_host you can alias it as dvc to make it CIM-compliant.
-
setPacketFilteringRule
public void setPacketFilteringRule(String packetFilteringRule)
The rule which took action on the packet, such as 143.
-
setPacketFilteringSvcPort
public void setPacketFilteringSvcPort(int packetFilteringSvcPort)
The IP port of the packet's source, such as 34541.
-
setProxyAction
public void setProxyAction(String proxyAction)
The action taken by the proxy.
-
setProxyDest
public void setProxyDest(String proxyDest)
The destination of the network traffic (the remote host).
-
setProxyHttpContentType
public void setProxyHttpContentType(String proxyHttpContentType)
The content-type of the requested HTTP resource.
-
setProxyHttpMethod
public void setProxyHttpMethod(String proxyHttpMethod)
The HTTP method used to request the resource.
-
setProxyHttpRefer
public void setProxyHttpRefer(String proxyHttpRefer)
The HTTP referrer used to request the HTTP resource.
-
setProxyHttpResponse
public void setProxyHttpResponse(int proxyHttpResponse)
The HTTP response code.
-
setProxyHttpUserAgent
public void setProxyHttpUserAgent(String proxyHttpUserAgent)
The user agent used to request the HTTP resource.
-
setProxyProduct
public void setProxyProduct(String proxyProduct)
The product name of the vendor technology generating Network Protection data, such as IDP, Proventia, and ASA.
-
setProxySrc
public void setProxySrc(String proxySrc)
The source of the network traffic (the client requesting the connection).
-
setProxyStatus
public void setProxyStatus(int proxyStatus)
The HTTP response code indicating the status of the proxy request.
-
setProxyUser
public void setProxyUser(String proxyUser)
The user that requested the HTTP resource.
-
setProxyUrl
public void setProxyUrl(String proxyUrl)
The URL of the requested HTTP resource.
-
setProxyVendor
public void setProxyVendor(String proxyVendor)
The vendor technology generating Network Protection data, such as IDP, Proventia, and ASA.
-
setSystemCenterApp
public void setSystemCenterApp(String systemCenterApp)
The running application or service on the system (the src field), such as explorer.exe or sshd.
-
setSystemCenterFreembytes
public void setSystemCenterFreembytes(long systemCenterFreembytes)
The amount of disk space available per drive or mount (the mount field) on the system (the src field).
-
setSystemCenterKernelRelease
public void setSystemCenterKernelRelease(String systemCenterKernelRelease)
The version of operating system installed on the host (the src field), such as 6.0.1.4 or 2.6.27.30-170.2.82.fc10.x86_64.
-
setSystemCenterLabel
public void setSystemCenterLabel(String systemCenterLabel)
Human-readable version of the SystemUptime value.
-
setSystemCenterMount
public void setSystemCenterMount(String systemCenterMount)
The drive or mount reporting available disk space (the FreeMBytes field) on the system (the src field).
-
setSystemCenterOs
public void setSystemCenterOs(String systemCenterOs)
The name of the operating system installed on the host (the src), such as Microsoft Windows Server 2003 or GNU/Linux.
-
setSystemCenterPercentprocessortime
public void setSystemCenterPercentprocessortime(int systemCenterPercentprocessortime)
The percentage of processor utilization.
-
setSystemCenterSetlocaldefs
public void setSystemCenterSetlocaldefs(int systemCenterSetlocaldefs)
The setlocaldefs setting from the SE Linux configuration.
-
setSystemCenterSelinux
public void setSystemCenterSelinux(String systemCenterSelinux)
Values from the SE Linux configuration file.
-
setSystemCenterSelinuxtype
public void setSystemCenterSelinuxtype(String systemCenterSelinuxtype)
The SE Linux type (such as targeted).
-
setSystemCenterShell
public void setSystemCenterShell(String systemCenterShell)
The shell provided to the User Account (the user field) upon logging into the system (the src field).
-
setSystemCenterSrcPort
public void setSystemCenterSrcPort(int systemCenterSrcPort)
The TCP/UDP source port on the system (the src field).
-
setSystemCenterSshdProtocol
public void setSystemCenterSshdProtocol(String systemCenterSshdProtocol)
The sshd protocol version.
-
setSystemCenterStartmode
public void setSystemCenterStartmode(String systemCenterStartmode)
The start mode of the given service.
-
setSystemCenterSystemuptime
public void setSystemCenterSystemuptime(long systemCenterSystemuptime)
The number of seconds since the system (the src) has been "up."
-
setSystemCenterTotalmbytes
public void setSystemCenterTotalmbytes(long systemCenterTotalmbytes)
The total amount of available memory on the system (the src).
-
setSystemCenterUsedmbytes
public void setSystemCenterUsedmbytes(long systemCenterUsedmbytes)
The amount of used memory on the system (the src).
-
setSystemCenterUser
public void setSystemCenterUser(String systemCenterUser)
The User Account present on the system (the src).
-
setSystemCenterUpdates
public void setSystemCenterUpdates(long systemCenterUpdates)
The number of updates the system (the src) is missing.
-
setTrafficDest
public void setTrafficDest(String trafficDest)
The destination of the network traffic. If your field is named dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest to make it CIM-compliant.
-
setTrafficDvc
public void setTrafficDvc(String trafficDvc)
The name of the packet filtering device. If your field is named dvc_host, dvc_ip, or dvc_nt_host you can alias it as dvc to make it CIM-compliant.
-
setTrafficSrc
public void setTrafficSrc(String trafficSrc)
The source of the network traffic. If your field is named src_host, src_ip, src_ipv6, or src_nt_host you can alias it as src to make it CIM-compliant.
-
setUpdatePackage
public void setUpdatePackage(String updatePackage)
The name of the installed update.
-
setUserInfoUpdatesAffectedUser
public void setUserInfoUpdatesAffectedUser(String userInfoUpdatesAffectedUser)
A user that has been affected by a change. For example, user fflanda changed the name of user rhallen, so affected_user=rhallen.
-
setUserInfoUpdatesAffectedUserGroup
public void setUserInfoUpdatesAffectedUserGroup(String userInfoUpdatesAffectedUserGroup)
The user group affected by a change.
-
setUserInfoUpdatesAffectedUserGroupId
public void setUserInfoUpdatesAffectedUserGroupId(int userInfoUpdatesAffectedUserGroupId)
The identifier of the user group affected by a change.
-
setUserInfoUpdatesAffectedUserId
public void setUserInfoUpdatesAffectedUserId(int userInfoUpdatesAffectedUserId)
The identifier of the user affected by a change.
-
setUserInfoUpdatesAffectedUserPrivilege
public void setUserInfoUpdatesAffectedUserPrivilege(String userInfoUpdatesAffectedUserPrivilege)
The security context associated with the user affected by a change.
-
setUserInfoUpdatesUser
public void setUserInfoUpdatesUser(String userInfoUpdatesUser)
The name of the user affected by the recorded event.
-
setUserInfoUpdatesUserGroup
public void setUserInfoUpdatesUserGroup(String userInfoUpdatesUserGroup)
A user group that is the object of an event, expressed in human-readable terms.
-
setUserInfoUpdatesUserGroupId
public void setUserInfoUpdatesUserGroupId(int userInfoUpdatesUserGroupId)
The numeric identifier assigned to the user group event object.
-
setUserInfoUpdatesUserId
public void setUserInfoUpdatesUserId(int userInfoUpdatesUserId)
The system-assigned identifier for the user affected by an event.
-
setUserInfoUpdatesUserPrivilege
public void setUserInfoUpdatesUserPrivilege(String userInfoUpdatesUserPrivilege)
The security context associated with the object of an event (the affected user).
-
setUserInfoUpdatesUserSubject
public void setUserInfoUpdatesUserSubject(String userInfoUpdatesUserSubject)
The name of the user that is the subject of an event--the user executing the action, in other words.
-
setUserInfoUpdatesUserSubjectId
public void setUserInfoUpdatesUserSubjectId(int userInfoUpdatesUserSubjectId)
The ID number of the user that is the subject of an event.
-
setUserInfoUpdatesUserSubjectPrivilege
public void setUserInfoUpdatesUserSubjectPrivilege(String userInfoUpdatesUserSubjectPrivilege)
The security context associated with the subject of an event (the user causing a change).
-
setVulnerabilityCategory
public void setVulnerabilityCategory(String vulnerabilityCategory)
The category of the discovered vulnerability.
-
setVulnerabilityDest
public void setVulnerabilityDest(String vulnerabilityDest)
The host with the discovered vulnerability. If your field is named dest_host, dest_ip, dest_ipv6, or dest_nt_host you can alias it as dest to make it CIM-compliant.
-
setVulnerabilityOs
public void setVulnerabilityOs(String vulnerabilityOs)
The operating system of the host containing the vulnerability detected on the client (the src field), such as SuSE Security Update, or cups security update.
-
setVulnerabilitySeverity
public void setVulnerabilitySeverity(String vulnerabilitySeverity)
The severity of the discovered vulnerability.
-
setVulnerabilitySignature
public void setVulnerabilitySignature(String vulnerabilitySignature)
The name of the vulnerability detected on the client (the src field), such as SuSE Security Update, or cups security update.
-
setWindowsAdminObjectName
public void setWindowsAdminObjectName(String windowsAdminObjectName)
The object name (associated only with Windows).
-
setWindowsAdminObjectType
public void setWindowsAdminObjectType(String windowsAdminObjectType)
The object type (associated only with Windows).
-
setWindowsAdminObjectHandle
public void setWindowsAdminObjectHandle(String windowsAdminObjectHandle)
The object handle (associated only with Windows).
-
-