Struct usiem::events::SiemLog

pub struct SiemLog { /* fields omitted */ }

This is a simple log event. It contains information about the asset that generated the log, the client (tenant) when working in a multi-client environment such as a SOC, some fields to facilitate correlation with SIGMA rules, and timestamps and tags that better describe its content.


impl<'a> SiemLog[src]

pub fn new(message: String, received: i64, origin: SiemIp) -> SiemLog[src]

pub fn message(&'a self) -> &'a str[src]

pub fn origin(&'a self) -> &'a SiemIp[src]

pub fn tenant(&'a self) -> &'a str[src]

pub fn set_tenant(&mut self, tenant: Cow<'static, str>)[src]

pub fn product(&'a self) -> &'a str[src]

pub fn set_product(&mut self, val: Cow<'static, str>)[src]

pub fn service(&'a self) -> &'a str[src]

pub fn set_service(&mut self, val: Cow<'static, str>)[src]

pub fn category(&'a self) -> &'a str[src]

pub fn set_category(&mut self, val: Cow<'static, str>)[src]

pub fn vendor(&'a self) -> &'a str[src]

pub fn set_vendor(&mut self, val: Cow<'static, str>)[src]

pub fn event_received(&'a self) -> i64[src]

pub fn event_created(&'a self) -> i64[src]

pub fn set_event_created(&mut self, date: i64)[src]

pub fn has_tag(&self, tag: &str) -> bool[src]

pub fn add_tag(&mut self, tag: &str)[src]

pub fn tags(&'a self) -> &'a BTreeSet<Cow<'static, str>>[src]

pub fn field(&'a self, field_name: &str) -> Option<&SiemField>[src]

pub fn add_field(&mut self, field_name: &str, field_value: SiemField)[src]

pub fn has_field(&self, field_name: &str) -> bool[src]

pub fn event(&self) -> &SiemEvent[src]

pub fn set_event(&mut self, event: SiemEvent)[src]

Trait Implementations

impl Debug for SiemLog[src]

impl Serialize for SiemLog[src]

Auto Trait Implementations

impl RefUnwindSafe for SiemLog

impl Send for SiemLog

impl Sync for SiemLog

impl Unpin for SiemLog

impl UnwindSafe for SiemLog

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized

impl<T> Borrow<T> for T where
    T: ?Sized

impl<T> BorrowMut<T> for T where
    T: ?Sized

impl<T> From<T> for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, 

impl<T, U> TryFrom<U> for T where
    U: Into<T>, 

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, 

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.