Struct usiem::events::SiemLog

pub struct SiemLog { /* fields omitted */ }

This is a simple log event. It contains information about the asset that generated this log, the client if we are working in a multi-client environments aka SOC, some fields to facilitate correlation with SIGMA rules, timestamps and tags to better describe the content inside.

Implementations

impl<'a> SiemLog

pub fn new(message: String, received: i64, origin: SiemIp) -> SiemLog

pub fn message(&'a self) -> &'a str

pub fn origin(&'a self) -> &'a SiemIp

pub fn tenant(&'a self) -> &'a str

pub fn set_tenant(&mut self, tenant: Cow<'static, str>)

pub fn product(&'a self) -> &'a str

pub fn set_product(&mut self, val: Cow<'static, str>)

pub fn service(&'a self) -> &'a str

pub fn set_service(&mut self, val: Cow<'static, str>)

pub fn category(&'a self) -> &'a str

pub fn set_category(&mut self, val: Cow<'static, str>)

pub fn vendor(&'a self) -> &'a str

pub fn set_vendor(&mut self, val: Cow<'static, str>)

pub fn event_received(&'a self) -> i64

pub fn event_created(&'a self) -> i64

pub fn set_event_created(&mut self, date: i64)

pub fn has_tag(&self, tag: &str) -> bool

pub fn add_tag(&mut self, tag: &str)

pub fn tags(&'a self) -> &'a BTreeSet<Cow<'static, str>>

pub fn field(&'a self, field_name: &str) -> Option<&SiemField>

pub fn add_field(&mut self, field_name: &str, field_value: SiemField)

pub fn has_field(&self, field_name: &str) -> bool

pub fn event(&self) -> &SiemEvent

pub fn set_event(&mut self, event: SiemEvent)

Trait Implementations

impl Clone for SiemLog

fn clone(&self) -> SiemLog

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SiemLog

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Serialize for SiemLog

fn serialize<__S>(&self, __serializer: __S) -> Result<__S::Ok, __S::Error> where
    __S: Serializer, 

Serialize this value into the given Serde serializer.