From d029fa6506838ebfd6097b3626c2c0322103a748 Mon Sep 17 00:00:00 2001
From: Dimitri B
Date: Mon, 15 Aug 2022 16:43:23 +0200
Subject: [PATCH] =?UTF-8?q?=F0=9F=A4=96=20Merge=20PR=20#61729=20[syslog-pr?= =?UTF-8?q?o]=20Add=20definitions=20by=20@BendingBender?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
types/syslog-pro/index.d.ts | 1316 ++++++++++++++++++++++++++
types/syslog-pro/syslog-pro-tests.ts | 611 ++++++++++++
types/syslog-pro/tsconfig.json | 23 +
types/syslog-pro/tslint.json | 1 +
4 files changed, 1951 insertions(+)
create mode 100644 types/syslog-pro/index.d.ts
create mode 100644 types/syslog-pro/syslog-pro-tests.ts
create mode 100644 types/syslog-pro/tsconfig.json
create mode 100644 types/syslog-pro/tslint.json
diff --git a/types/syslog-pro/index.d.ts b/types/syslog-pro/index.d.ts
new file mode 100644
index 0000000000..6302672f6f
--- /dev/null
+++ b/types/syslog-pro/index.d.ts
@@ -0,0 +1,1316 @@
+// Type definitions for syslog-pro 1.0
+// Project: https://github.com/cyamato/SyslogPro
+// Definitions by: BendingBender
+// Definitions: https://github.com/DefinitelyTyped/DefinitelyTyped
+
+/**
+ * Format the ANSI foreground color code from a RGB hex code or ANSI color code.
+ *
+ * @param hex The color hex code in the form of `'#FFFFFF'` or `number` of the ANSI color code
+ * (30-37 Standard & 0-255 Extended).
+ * @param extendedColor Whether to use ANSI extended color color codes.
+ * @return The formatted ANSI color code.
+ * @throws A Format Error.
+ */
+export function RgbToAnsi(hex: string | number, extendedColor?: boolean): number;
+
+/**
+ * A class to work with syslog messages using UDP, TCP, or TLS transport.
+ * There is support for Syslog message formatting RFC-3164, RFC-5424 including
+ * Structured Data, IBM LEEF (Log Event Extended Format), and HP CEF (Common
+ * Event Format).
+ * Syslog formatting classes can be used as input into a Syslog class to be used
+ * simultaneously to the same Syslog server.
+ */
+export class Syslog implements Syslog.Options {
+ /**
+ * Construct a new Syslog transport object with user options.
+ */
+ constructor(options?: Syslog.Options);
+
+ readonly target: string;
+ readonly protocol: Syslog.Protocol;
+ readonly port: number;
+ readonly tcpTimeout: number;
+ readonly tlsServerCerts: readonly string[];
+ readonly tlsClientCert?: string;
+ readonly tlsClientKey?: string;
+ readonly format: Syslog.Format;
+ readonly rfc3164?: RFC3164;
+ readonly rfc5424?: RFC5424;
+ readonly leef?: LEEF;
+ readonly cef?: CEF;
+}
+
+export namespace Syslog {
+ interface Options {
+ /**
+ * The IP Address|FQDN of the Syslog Server, this option if set will take precedence over any target
+ * set in a formatting object.
+ *
+ * @default 'localhost'
+ */
+ target?: string | undefined;
+
+ /**
+ * L4 transport protocol, this option if set will take precedence over any
+ * transport set in a formatting object.
+ *
+ * @default 'udp'
+ */
+ protocol?: Protocol | undefined;
+
+ /**
+ * IP port, this option if set will take precedence over any IP Port set in a formatting object.
+ *
+ * @default 514
+ */
+ port?: number | undefined;
+
+ /**
+ * Ignored for all other transports, this option if set will take precedence over any timeout
+ * set in a formatting object.
+ *
+ * @default 10000
+ */
+ tcpTimeout?: number | undefined;
+
+ /**
+ * Authorized TLS server certificates file locations, this option if set will take precedence
+ * over any certificates set in a formatting object.
+ */
+ tlsServerCerts?: string | readonly string[] | undefined;
+
+ /**
+ * Client TLS certificate file location that this client should use, this option if set will take
+ * precedence over any certificates set in a formatting object.
+ */
+ tlsClientCert?: string | undefined;
+
+ /**
+ * Client TLS key file location that this client should use, this option if set will take
+ * precedence over any certificates set in a formatting object.
+ */
+ tlsClientKey?: string | undefined;
+
+ /**
+ * Syslog format.
+ *
+ * @default 'none'
+ */
+ format?: Format | undefined;
+
+ /**
+ * RFC3164 related settings.
+ */
+ rfc3164?: RFC3164.Options | undefined;
+
+ /**
+ * RFC5424 related settings.
+ */
+ rfc5424?: RFC5424.Options | undefined;
+
+ /**
+ * IBM LEEF (Log Event Extended Format) settings.
+ */
+ leef?: LEEF.Options | undefined;
+
+ /**
+ * HP CEF (Common Event Format) settings.
+ */
+ cef?: CEF.Options | undefined;
+ }
+
+ type Protocol = 'udp' | 'tcp' | 'tls';
+ type Format = 'none' | 'rfc3164' | 'rfc5424' | 'leef' | 'cef';
+}
+
+export interface RFC {
+ readonly extendedColor: boolean;
+
+ /**
+ * Send a Syslog message with a severity level of 0 (Emergency).
+ *
+ * @param msg The emergency message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ emergency(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 0 (Emergency).
+ *
+ * @param msg The emergency message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ emer(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 1 (Alert).
+ *
+ * @param msg The alert message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ alert(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 2 (Critical).
+ *
+ * @param msg The critical message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ critical(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 2 (Critical).
+ *
+ * @param msg The critical message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ crit(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 3 (Error).
+ *
+ * @param msg The error message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ error(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 3 (Error).
+ *
+ * @param msg The error message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ err(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 4 (Warning).
+ *
+ * @param msg The warning message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ warning(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 4 (Warning).
+ *
+ * @param msg The warning message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ warn(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 5 (Notice).
+ *
+ * @param msg The notice message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ notice(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 5 (Notice).
+ *
+ * @param msg The notice message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ note(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ informational(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ info(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ log(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 7 (Debug).
+ *
+ * @param msg The debug message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ debug(msg: string): Promise;
+
+ /**
+ * Sets the color to be used for messages at a set priority.
+ *
+ * @throws A standard error object.
+ */
+ setColor(colors: Colors, extendedColor?: boolean): true;
+}
+
+export interface Colors {
+ /**
+ * A RGB Hex coded color in the form of #FFFFFF or as the ANSI color code number
+ * (30-37 Standard & 0-255 Extended).
+ */
+ emergencyColor?: string | number;
+ /**
+ * A RGB Hex coded color in the form of #FFFFFF or as the ANSI color code number
+ * (30-37 Standard & 0-255 Extended).
+ */
+ alertColor?: string | number;
+ /**
+ * A RGB Hex coded color in the form of #FFFFFF or as the ANSI color code number
+ * (30-37 Standard & 0-255 Extended).
+ */
+ criticalColor?: string | number;
+ /**
+ * A RGB Hex coded color in the form of #FFFFFF or as the ANSI color code number
+ * (30-37 Standard & 0-255 Extended).
+ */
+ errorColor?: string | number;
+ /**
+ * A RGB Hex coded color in the form of #FFFFFF or as the ANSI color code number
+ * (30-37 Standard & 0-255 Extended).
+ */
+ warningColor?: string | number;
+ /**
+ * A RGB Hex coded color in the form of #FFFFFF or as the ANSI color code number
+ * (30-37 Standard & 0-255 Extended).
+ */
+ noticeColor?: string | number;
+ /**
+ * A RGB Hex coded color in the form of #FFFFFF or as the ANSI color code number
+ * (30-37 Standard & 0-255 Extended).
+ */
+ informationalColor?: string | number;
+ /**
+ * A RGB Hex coded color in the form of #FFFFFF or as the ANSI color code number
+ * (30-37 Standard & 0-255 Extended).
+ */
+ debugColor?: string | number;
+}
+
+/**
+ * A class to work with RFC3164 formatted syslog messages. The messaging is
+ * fully configurable and ANSI foreground colors can be added. Both ANSI 8 and
+ * ANSI 256 color are fully supported.
+ *
+ * A Syslog class with a configured
+ * Syslog server target can also be used as the input into the formatting
+ * classes so that it may run independently.
+ *
+ * The RFC3164 Syslog logging format is meant to be used as a stream of log data
+ * from a service or application. This class is designed to be used in this
+ * fashion where new messages are written to the class as needed.
+ */
+export class RFC3164 implements RFC, RFC3164.Options {
+ /**
+ * Construct a new RFC3164 formatted Syslog object with user options.
+ */
+ constructor(options?: RFC3164.Options);
+
+ readonly applicationName: string;
+ readonly hostname: string;
+ readonly facility: number;
+ readonly color: boolean;
+ readonly extendedColor: boolean;
+ readonly server?: Syslog;
+
+ /**
+ * Build a formatted message.
+ *
+ * @param msg The unformatted Syslog message to format.
+ * @return A Syslog formatted string according to the selected RFC.
+ * @throws A standard error object.
+ */
+ buildMessage(msg: string, options?: RFC3164.MessageOptions): string;
+
+ /**
+ * Send a RFC3164 formatted message.
+ *
+ * @param msg The unformatted Syslog message to send.
+ * @returns Returns the formatted message that was sent. If no server connection was defined when the
+ * class was created a default Syslog connector will be used.
+ * @throws A standard error object.
+ */
+ send(msg: string, options?: RFC3164.MessageOptions): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 0 (Emergency).
+ *
+ * @param msg The emergency message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ emergency(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 0 (Emergency).
+ *
+ * @param msg The emergency message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ emer(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 1 (Alert).
+ *
+ * @param msg The alert message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ alert(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 2 (Critical).
+ *
+ * @param msg The critical message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ critical(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 2 (Critical).
+ *
+ * @param msg The critical message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ crit(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 3 (Error).
+ *
+ * @param msg The error message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ error(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 3 (Error).
+ *
+ * @param msg The error message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ err(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 4 (Warning).
+ *
+ * @param msg The warning message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ warning(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 4 (Warning).
+ *
+ * @param msg The warning message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ warn(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 5 (Notice).
+ *
+ * @param msg The notice message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ notice(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 5 (Notice).
+ *
+ * @param msg The notice message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ note(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ informational(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ info(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ log(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 7 (Debug).
+ *
+ * @param msg The debug message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ debug(msg: string): Promise;
+
+ /**
+ * Sets the color to be used for messages at a set priority.
+ *
+ * @throws {Error} A standard error object.
+ */
+ setColor(colors: Colors, extendedColor?: boolean): true;
+}
+
+export namespace RFC3164 {
+ interface Options {
+ /**
+ * Application name.
+ *
+ * @default ''
+ */
+ applicationName?: string | undefined;
+
+ /**
+ * The name of this server.
+ *
+ * @default os.hostname
+ */
+ hostname?: string | undefined;
+
+ /**
+ * Facility code to use sending this message.
+ *
+ * @default 23
+ */
+ facility?: number | undefined;
+
+ /**
+ * Apply color coding encoding tag with syslog message text.
+ *
+ * @default false
+ */
+ color?: boolean | undefined;
+
+ /**
+ * Use the extended ANSI color set encoding tag with syslog message text.
+ *
+ * @default false
+ */
+ extendedColor?: boolean | undefined;
+
+ /**
+ * User defined colors for severities.
+ */
+ colors?: Colors | undefined;
+
+ /**
+ * A Syslog server connection that should be used to send messages directly from this class.
+ *
+ * @default false
+ */
+ server?: Syslog.Options | false | undefined;
+ }
+
+ interface MessageOptions {
+ /**
+ * The message severity (0-7).
+ *
+ * @default 6
+ */
+ severity?: Severity | undefined;
+
+ /**
+ * The ANSI color code to use if message coloration is selected.
+ *
+ * @default 36
+ */
+ msgColor?: number | undefined;
+ }
+
+ type Severity = 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7;
+}
+
+/**
+ * A class to work with RFC5424 formatted syslog messages. The messaging is
+ * fully configurable and ANSI foreground colors can be added. Both ANSI 8
+ * and ANSI 256 color are fully supported.
+ *
+ * A Syslog class with a configured
+ * Syslog server target can also be used as the input into the formatting
+ * classes so that it may run independently.
+ *
+ * The RFC5424 Syslog logging format is meant to be used as a stream of log data
+ * from a service or application. This class is designed to be used in this
+ * fashion where new messages are written to the class as needed.
+ */
+export class RFC5424 implements RFC, RFC5424.Options {
+ /**
+ * Construct a new RFC5424 formatted Syslog object with user options.
+ */
+ constructor(options?: RFC5424.Options);
+
+ readonly applicationName: string;
+ readonly hostname: string;
+ readonly timestamp: boolean;
+ readonly timestampUTC: boolean;
+ readonly timestampTZ: boolean;
+ readonly timestampMS: boolean;
+ readonly includeStructuredData: boolean;
+ readonly utf8BOM: boolean;
+ readonly color: boolean;
+ readonly extendedColor: boolean;
+ readonly server?: Syslog;
+
+ /**
+ * Build a formatted message.
+ *
+ * @param msg The unformatted Syslog message to format.
+ * @return A Syslog formatted string according to the selected RFC.
+ * @throws A standard error object.
+ */
+ buildMessage(msg: string, options?: RFC5424.MessageOptions): string;
+
+ /**
+ * Send a RFC5424 formatted message.
+ *
+ * @param msg The unformatted Syslog message to send.
+ * @returns Returns the formatted message that was sent. If no server connection was defined when the
+ * class was created a default Syslog connector will be used.
+ * @throws A standard error object.
+ */
+ send(msg: string, options?: RFC5424.MessageOptions): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 0 (Emergency).
+ *
+ * @param msg The emergency message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ emergency(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 0 (Emergency).
+ *
+ * @param msg The emergency message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ emer(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 1 (Alert).
+ *
+ * @param msg The alert message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ alert(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 2 (Critical).
+ *
+ * @param msg The critical message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ critical(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 2 (Critical).
+ *
+ * @param msg The critical message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ crit(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 3 (Error).
+ *
+ * @param msg The error message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ error(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 3 (Error).
+ *
+ * @param msg The error message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ err(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 4 (Warning).
+ *
+ * @param msg The warning message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ warning(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 4 (Warning).
+ *
+ * @param msg The warning message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ warn(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 5 (Notice).
+ *
+ * @param msg The notice message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ notice(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 5 (Notice).
+ *
+ * @param msg The notice message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ note(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ informational(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ info(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 6 (Informational).
+ *
+ * @param msg The informational message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ log(msg: string): Promise;
+
+ /**
+ * Send a Syslog message with a severity level of 7 (Debug).
+ *
+ * @param msg The debug message to send to the Syslog server.
+ * @returns The formatted syslog message sent to the Syslog server.
+ * @throws Any bubbled-up error.
+ */
+ debug(msg: string): Promise;
+
+ /**
+ * Sets the color to be used for messages at a set priority.
+ *
+ * @throws {Error} A standard error object.
+ */
+ setColor(colors: Colors, extendedColor?: boolean): true;
+}
+
+export namespace RFC5424 {
+ interface Options {
+ /**
+ * Application name.
+ *
+ * @default ''
+ */
+ applicationName?: string | undefined;
+
+ /**
+ * The name of this server.
+ *
+ * @default os.hostname
+ */
+ hostname?: string | undefined;
+
+ /**
+ * Include a timestamp.
+ *
+ * @default true
+ */
+ timestamp?: boolean | undefined;
+
+ /**
+ * Whether timestamp should be relative to UTC timezone instead of local timezone.
+ *
+ * @default false
+ */
+ timestampUTC?: boolean | undefined;
+
+ /**
+ * Timestamp with ms resolution.
+ *
+ * @default false
+ */
+ timestampMS?: boolean | undefined;
+
+ /**
+ * Should the timestamp include time zone.
+ *
+ * @default true
+ */
+ timestampTZ?: boolean | undefined;
+
+ /**
+ * Include any provided structured data.
+ *
+ * @default false
+ */
+ includeStructuredData?: boolean | undefined;
+
+ /**
+ * Include the UTF8 encoding tag with syslog message text.
+ *
+ * @default true
+ */
+ utf8BOM?: boolean | undefined;
+
+ /**
+ * Apply color coding encoding tag with syslog message text.
+ *
+ * @default false
+ */
+ color?: boolean | undefined;
+
+ /**
+ * Use the extended ANSI color set encoding tag with syslog message text.
+ *
+ * @default false
+ */
+ extendedColor?: boolean | undefined;
+
+ /**
+ * User defined colors for severities.
+ */
+ colors?: Colors | undefined;
+
+ /**
+ * A Syslog server connection that should be used to send messages directly from this class.
+ *
+ * @default false
+ */
+ server?: Syslog.Options | false | undefined;
+ }
+
+ interface MessageOptions {
+ /**
+ * The message severity (0-7).
+ *
+ * @default 6
+ */
+ severity?: Severity | undefined;
+
+ /**
+ * Facility code to use sending this message.
+ *
+ * @default 23
+ */
+ facility?: number | undefined;
+
+ /**
+ * The process id of the service sending this message.
+ *
+ * @default '-'
+ */
+ pid?: number | '-' | undefined;
+
+ /**
+ * @default '-'
+ */
+ id?: number | '-' | undefined;
+
+ /**
+ * An array of structured data strings conforming to the IETF/IANA defined SD-IDs or IANA
+ * registered SMI Network Management Private Enterprise Code SD-ID conforming to the format
+ * `[name@ parameter=value]`.
+ */
+ msgStructuredData?: readonly string[] | undefined;
+
+ /**
+ * The ANSI color code to use if message coloration is selected.
+ *
+ * @default 36
+ */
+ msgColor?: number | undefined;
+ }
+
+ type Severity = 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7;
+}
+
+/**
+ * A class to work with IBM LEEF (Log Event Extended Format) messages. This form
+ * of system messages is designed to work with security systems. Messages can
+ * be saved to file (Saving to file is not part of this module but a LEEF
+ * formatted message produced by this module can be saved externally to it) or
+ * sent via Syslog.
+ *
+ * A Syslog class with a configured Syslog server target can also be used as
+ * the input into the formatting classes so that it may run independently. The
+ * LEEF format is designed to send event data to a SIEM system and should not
+ * be used as a logging stream. This class is meant to be used once per message.
+ */
+export class LEEF implements LEEF.Options {
+ /**
+ * Construct a new LEEF formatting object with user options.
+ */
+ constructor(options?: LEEF.Options);
+
+ readonly vendor: string;
+ readonly product: string;
+ readonly version: string;
+ readonly eventId: string;
+ readonly syslogHeader: boolean;
+ readonly attributes: LEEF.Attributes;
+ readonly server?: Syslog;
+
+ /**
+ * Build a formatted message.
+ *
+ * @return The formatted message.
+ */
+ buildMessage(): string;
+
+ /**
+ * Send a LEEF formatted message.
+ *
+ * @param syslogOptions Syslog server options that should be used to send messages directly from this class.
+ */
+ send(syslogOptions?: Syslog.Options | false): Promise;
+}
+
+export namespace LEEF {
+ interface Options {
+ /**
+ * The vendor of the system that generated the event being reported.
+ *
+ * @default 'unknown'
+ */
+ vendor?: string | undefined;
+
+ /**
+ * The product name of the system that generated the event being reported.
+ *
+ * @default 'unknown'
+ */
+ product?: string | undefined;
+
+ /**
+ * The version name of the system that generated the event being reported.
+ *
+ * @default 'unknown'
+ */
+ version?: string | undefined;
+
+ /**
+ * The eventId of the system that generated the event being reported.
+ *
+ * @default 'unknown'
+ */
+ eventId?: string | undefined;
+
+ /**
+ * LEEF message attributes which defaults to all base attributes with null values,
+ * new attributes should be added as new elements to this object.
+ */
+ attributes?: Attributes | undefined;
+
+ /**
+ * Should the LEEF message include a Syslog header with Timestamp and source.
+ *
+ * @default true
+ */
+ syslogHeader?: boolean | undefined;
+
+ /**
+ * A Syslog server connection that should be used to send messages directly from this class.
+ *
+ * @default false
+ */
+ server?: Syslog.Options | false | undefined;
+ }
+
+ interface Attributes {
+ cat?: string | null;
+ devTime?: string | null;
+ devTimeFormat?: string | null;
+ proto?: string | null;
+ sev?: string | null;
+ src?: string | null;
+ dst?: string | null;
+ srcPort?: string | null;
+ dstPort?: string | null;
+ srcPreNAT?: string | null;
+ dstPreNAT?: string | null;
+ srcPostNAT?: string | null;
+ dstPostNAT?: string | null;
+ usrName?: string | null;
+ srcMAC?: string | null;
+ dstMAC?: string | null;
+ srcPreNATPort?: string | null;
+ dstPreNATPort?: string | null;
+ srcPostNATPort?: string | null;
+ dstPostNATPort?: string | null;
+ identSrc?: string | null;
+ identHostName?: string | null;
+ identNetBios?: string | null;
+ identGrpName?: string | null;
+ identMAC?: string | null;
+ vSrc?: string | null;
+ vSrcName?: string | null;
+ accountName?: string | null;
+ srcBytes?: string | null;
+ dstBytes?: string | null;
+ srcPackets?: string | null;
+ dstPackets?: string | null;
+ totalPackets?: string | null;
+ role?: string | null;
+ realm?: string | null;
+ policy?: string | null;
+ resource?: string | null;
+ url?: string | null;
+ groupID?: string | null;
+ domain?: string | null;
+ isLoginEvent?: string | null;
+ isLogoutEvent?: string | null;
+ identSecondlp?: string | null; +
calLanguage?: string | null;
+ AttributeLimits?: string | null;
+ calCountryOrRegion?: string | null;
+
+ [attrName: string]: string | null | undefined;
+ }
+}
+
+/**
+ * A class to work with HP CEF (Common Event Format) messages. This form
+ * of system messages is designed to work with security systems. Messages can
+ * be saved to file (Saving to file is not part of this module but a CEF
+ * formatted message produced by this module can be saved externally to it) or
+ * sent via Syslog.
+ *
+ * A Syslog class with a configured Syslog server target can also be used as
+ * the input into the formatting classes so that it may run independently. The
+ * CEF format is designed to send event data to a SIEM system and should not be
+ * used as a logging stream. This class is meant to be used once per message.
+ */
+export class CEF implements CEF.Options {
+ /**
+ * Construct a new CEF formatting object with user options.
+ */
+ constructor(options?: CEF.Options);
+
+ readonly deviceVendor: string;
+ readonly deviceProduct: string;
+ readonly deviceVersion: string;
+ readonly deviceEventClassId: string;
+ readonly name: string;
+ readonly severity: CEF.Severity;
+ readonly extensions: CEF.Extensions;
+ readonly server?: Syslog;
+
+ /**
+ * Validate this CEF object.
+ *
+ * @throws First element to fail validation.
+ */
+ validate(): true;
+
+ /**
+ * Build a CEF formatted string.
+ *
+ * @return String with formatted message.
+ */
+ buildMessage(): string;
+
+ /**
+ * Send a CEF formatted message.
+ *
+ * @param syslogOptions Syslog server options that should be used to send messages directly from this class.
+ */
+ send(syslogOptions?: Syslog.Options | false): Promise;
+}
+
+export namespace CEF {
+ interface Options {
+ /**
+ * The vendor of the system that generated the event being reported.
+ *
+ * @default 'Unknown'
+ */
+ deviceVendor?: string | undefined;
+
+ /**
+ * The product name of the system that generated the event being reported.
+ * + * @default 'Unknown' + */ + deviceProduct?: string | undefined; + + /** + * The version name of the system that generated the event being reported. + * + * @default 'Unknown' + */ + deviceVersion?: string | undefined; + + /** + * The eventId of the system that generated the event being reported. + * + * @default 'Unknown' + */ + deviceEventClassId?: string | undefined; + + /** + * Name of the service generating the notice. + * + * @default 'Unknown' + */ + name?: string | undefined; + + /** + * Severity of the notification. + * + * @default 'Unknown' + */ + severity?: Severity | undefined; + + /** + * Any CEF Key=Value extensions. + * + * @default {} + */ + extensions?: Extensions | undefined; + + /** + * A Syslog server connection that should be used to send messages directly from this class. + * + * @default false + */ + server?: Syslog.Options | false | undefined; + } + + type Severity = SeverityString | SeverityNumber; + type SeverityString = 'Unknown' | 'Low' | 'Medium' | 'High' | 'Very-High'; + type SeverityNumber = 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10; + + interface Extensions { + deviceAction?: string | null; + applicationProtocol?: string | null; + deviceCustomIPv6Address1?: string | null; + 'deviceCustomIPv6 Address1Label'?: string | null; + deviceCustomIPv6Address3?: string | null; + 'deviceCustomIPv6Address3 Label'?: string | null; + 'deviceCustomIPv6 Address4'?: string | null; + 'deviceCustomIPv6 Address4Label'?: string | null; + deviceEventCategory?: string | null; + deviceCustomFloatingPoint1?: number | null; + 'deviceCustom FloatingPoint1Label'?: string | null; + deviceCustomFloatingPoint2?: number | null; + 'deviceCustomFloatingPoint2 Label'?: string | null; + deviceCustomFloatingPoint3?: number | null; + 'deviceCustom FloatingPoint3Label'?: string | null; + deviceCustomFloatingPoint4?: number | null; + 'deviceCustom FloatingPoint4Label'?: string | null; + deviceCustomNumber1?: number | null; + deviceCustomNumber1Label?: string | null; 
+ DeviceCustomNumber2?: number | null; + deviceCustomNumber2Label?: string | null; + deviceCustomNumber3?: number | null; + deviceCustomNumber3Label?: string | null; + baseEventCount?: number | null; + deviceCustomString1?: string | null; + deviceCustomString1Label?: string | null; + deviceCustomString2?: string | null; + deviceCustomString2Label?: string | null; + deviceCustomString3?: string | null; + deviceCustomString3Label?: string | null; + deviceCustomString4?: string | null; + deviceCustomString4Label?: string | null; + deviceCustomString5?: string | null; + deviceCustomString5Label?: string | null; + deviceCustomString6?: string | null; + deviceCustomString6Label?: string | null; + destinationDnsDomain?: string | null; + destinationServiceName?: string | null; + 'destinationTranslated Address'?: string | null; + destinationTranslatedPort?: string | null; + deviceCustomDate1?: string | null; + deviceCustomDate1Label?: string | null; + deviceCustomDate2?: string | null; + deviceCustomDate2Label?: string | null; + deviceDirection?: number | null; + deviceDnsDomain?: string | null; + deviceExternalId?: string | null; + deviceFacility?: string | null; + deviceInboundInterface?: string | null; + deviceNtDomain?: string | null; + deviceOutboundInterface?: string | null; + devicePayloadId?: string | null; + deviceProcessName?: string | null; + deviceTranslatedAddress?: string | null; + destinationHostName?: string | null; + destinationMacAddress?: string | null; + destinationNtDomain?: string | null; + destinationProcessId?: number | null; + destinationUserPrivileges?: string | null; + destinationProcessName?: string | null; + destinationPort?: number | null; + destinationAddress?: string | null; + deviceTimeZone?: string | null; + destinationUserId?: string | null; + destinationUserName?: string | null; + deviceAddress?: string | null; + deviceHostName?: string | null; + deviceMacAddress?: string | null; + deviceProcessId?: number | null; + endTime?: string | 
null; + externalId?: string | null; + fileCreateTime?: string | null; + fileHash?: string | null; + fileId?: string | null; + fileModificationTime?: string | null; + filePath?: string | null; + filePermission?: string | null; + fileType?: string | null; + flexDate1?: string | null; + flexDate1Label?: string | null; + flexString1?: string | null; + flexString1Label?: string | null; + flexString2?: string | null; + flexString2Label?: string | null; + filename?: string | null; + fileSize?: number | null; + bytesIn?: number | null; + message?: string | null; + oldFileCreateTime?: string | null; + oldFileHash?: string | null; + oldFileId?: string | null; + oldFileModificationTime?: string | null; + oldFileName?: string | null; + oldFilePath?: string | null; + oldFileSize?: number | null; + oldFileType?: string | null; + bytesOut?: number | null; + eventOutcome?: string | null; + transportProtocol?: string | null; + Reason?: string | null; + requestUrl?: string | null; + requestClientApplication?: string | null; + requestContext?: string | null; + requestCookies?: string | null; + requestMethod?: string | null; + deviceReceiptTime?: string | null; + sourceHostName?: string | null; + sourceMacAddress?: string | null; + sourceNtDomain?: string | null; + sourceDnsDomain?: string | null; + sourceServiceName?: string | null; + sourceTranslatedAddress?: string | null; + sourceTranslatedPort?: number | null; + sourceProcessId?: number | null; + sourceUserPrivileges?: string | null; + sourceProcessName?: string | null; + sourcePort?: number | null; + sourceAddress?: string | null; + startTime?: string | null; + sourceUserId?: string | null; + sourceUserName?: string | null; + type?: ExtensionType | null; + agentDnsDomain?: string | null; + agentNtDomain?: string | null; + agentTranslatedAddress?: string | null; + 'agentTranslatedZone ExternalID'?: string | null; + agentTranslatedZoneURI?: string | null; + agentZoneExternalID?: string | null; + agentZoneURI?: string | null; + 
agentAddress?: string | null; + agentHostName?: string | null; + agentId?: string | null; + agentMacAddress?: string | null; + agentReceiptTime?: string | null; + agentType?: string | null; + agentTimeZone?: string | null; + agentVersion?: string | null; + customerExternalID?: string | null; + customerURI?: string | null; + 'destinationTranslated ZoneExternalID'?: string | null; + 'destinationTranslated ZoneURI'?: string | null; + destinationZoneExternalID?: string | null; + destinationZoneURI?: string | null; + 'deviceTranslatedZone ExternalID'?: string | null; + deviceTranslatedZoneURI?: string | null; + deviceZoneExternalID?: string | null; + deviceZoneURI?: string | null; + destinationGeoLatitude?: number | null; + destinationGeoLongitude?: number | null; + eventId?: number | null; + rawEvent?: string | null; + sourceGeoLatitude?: number | null; + sourceGeoLongitude?: number | null; + 'sourceTranslatedZone ExternalID'?: string | null; + sourceTranslatedZoneURI?: string | null; + sourceZoneExternalID?: string | null; + sourceZoneURI?: string | null; + + [extension: string]: string | number | null | undefined; + } + + type ExtensionType = 0 | 1 | 2 | 3; +} diff --git a/types/syslog-pro/syslog-pro-tests.ts b/types/syslog-pro/syslog-pro-tests.ts new file mode 100644 index 0000000000..da2533b809 --- /dev/null +++ b/types/syslog-pro/syslog-pro-tests.ts 
@@ -0,0 +1,611 @@ +import { CEF, Colors, LEEF, RFC, RFC3164, RFC5424, RgbToAnsi, Syslog } from 'syslog-pro'; + +// test type exports +type SL = Syslog; +type SLO = Syslog.Options; +type SLF = Syslog.Format; +type SLP = Syslog.Protocol; +type RFc = RFC; +type Col = Colors; +type R3164 = RFC3164; +type R3164O = RFC3164.Options; +type R3164MO = RFC3164.MessageOptions; +type R3164S = RFC3164.Severity; +type R5424 = RFC5424; +type R5424O = RFC5424.Options; +type R5424MO = RFC5424.MessageOptions; +type R5424S = RFC5424.Severity; +type LF = LEEF; +type LFO = LEEF.Options; +type LFA = LEEF.Attributes; +type C = CEF; +type CO = CEF.Options; +type CS = CEF.Severity; +type CSN = CEF.SeverityNumber; +type CSS = CEF.SeverityString; +type CE = CEF.Extensions; +type CET = CEF.ExtensionType; + +RgbToAnsi('#fffff'); // $ExpectType number +RgbToAnsi('#fffff', true); // $ExpectType number +RgbToAnsi(30); // $ExpectType number +RgbToAnsi(30, true); // $ExpectType number + +declare let syslogOptions: Syslog.Options; +declare let syslog: Syslog; +declare let rfc3164Options: RFC3164.Options; +declare let rfc3164: RFC3164; +declare let rfc5424Options: RFC5424.Options; +declare let rfc5424: RFC5424; +declare let rfc: RFC; +declare let leefOptions: LEEF.Options; +declare let leef: LEEF; +declare let cefOptions: CEF.Options; +declare let cef: CEF; +declare const colors: Colors; +declare const leefAttributes: LEEF.Attributes; +declare const cefExtensions: CEF.Extensions; + +syslog = new Syslog(); +syslogOptions = syslog; +// @ts-expect-error +syslog = syslogOptions; +new Syslog({ target: 'foo' }); +new Syslog({ protocol: 'udp' }); +new Syslog({ protocol: 'tcp' }); +new Syslog({ protocol: 'tls' }); +// @ts-expect-error +new Syslog({ protocol: 'foo' }); +new Syslog({ port: 123 }); +new Syslog({ tcpTimeout: 123 }); +new Syslog({ tlsServerCerts: 'foo.cert' }); +new Syslog({ tlsServerCerts: ['foo.cert'] }); +new Syslog({ tlsServerCerts: ['foo.cert'] as const }); +new Syslog({ tlsClientCert: 
'foo.cert' }); +new Syslog({ tlsClientKey: 'foo.key' }); +new Syslog({ format: 'none' }); +new Syslog({ format: 'rfc3164' }); +new Syslog({ format: 'rfc5424' }); +new Syslog({ format: 'leef' }); +new Syslog({ format: 'cef' }); +// @ts-expect-error +new Syslog({ format: 'foo' }); +new Syslog({ rfc3164 }); +new Syslog({ rfc3164: rfc3164Options }); +// @ts-expect-error +new Syslog({ rfc3164: { foo: 'bar' } }); +new Syslog({ rfc5424 }); +new Syslog({ rfc5424: rfc5424Options }); +// @ts-expect-error +new Syslog({ rfc5424: { foo: 'bar' } }); +new Syslog({ leef }); +new Syslog({ leef: leefOptions }); +// @ts-expect-error +new Syslog({ leef: { foo: 'bar' } }); +new Syslog({ cef }); +new Syslog({ cef: cefOptions }); +// @ts-expect-error +new Syslog({ cef: { foo: 'bar' } }); + +syslog.target; // $ExpectType string +syslog.protocol; // $ExpectType Protocol +syslog.port; // $ExpectType number +syslog.tcpTimeout; // $ExpectType number +syslog.tlsServerCerts; // $ExpectType readonly string[] +syslog.tlsClientCert; // $ExpectType string | undefined +syslog.tlsClientKey; // $ExpectType string | undefined +syslog.format; // $ExpectType Format +syslog.rfc3164; // $ExpectType RFC3164 | undefined +syslog.rfc5424; // $ExpectType RFC5424 | undefined +syslog.leef; // $ExpectType LEEF | undefined +syslog.cef; // $ExpectType CEF | undefined + +rfc = rfc3164; +// @ts-expect-error +rfc = rfc3164Options; +rfc = rfc5424; +// @ts-expect-error +rfc = rfc5424Options; + +rfc.extendedColor; // $ExpectType boolean +rfc.emergency('foo'); // $ExpectType Promise +rfc.emer('foo'); // $ExpectType Promise +rfc.alert('foo'); // $ExpectType Promise +rfc.critical('foo'); // $ExpectType Promise +rfc.crit('foo'); // $ExpectType Promise +rfc.error('foo'); // $ExpectType Promise +rfc.err('foo'); // $ExpectType Promise +rfc.warning('foo'); // $ExpectType Promise +rfc.warn('foo'); // $ExpectType Promise +rfc.notice('foo'); // $ExpectType Promise +rfc.note('foo'); // $ExpectType Promise +rfc.informational('foo'); 
// $ExpectType Promise +rfc.info('foo'); // $ExpectType Promise +rfc.log('foo'); // $ExpectType Promise +rfc.debug('foo'); // $ExpectType Promise +rfc.setColor({ emergencyColor: '#ffffff' }); // $ExpectType true +rfc.setColor({ emergencyColor: 30 }); // $ExpectType true +rfc.setColor({ alertColor: '#ffffff' }); // $ExpectType true +rfc.setColor({ alertColor: 30 }); // $ExpectType true +rfc.setColor({ criticalColor: '#ffffff' }); // $ExpectType true +rfc.setColor({ criticalColor: 30 }); // $ExpectType true +rfc.setColor({ errorColor: '#ffffff' }); // $ExpectType true +rfc.setColor({ errorColor: 30 }); // $ExpectType true +rfc.setColor({ warningColor: '#ffffff' }); // $ExpectType true +rfc.setColor({ warningColor: 30 }); // $ExpectType true +rfc.setColor({ noticeColor: '#ffffff' }); // $ExpectType true +rfc.setColor({ noticeColor: 30 }); // $ExpectType true +rfc.setColor({ informationalColor: '#ffffff' }); // $ExpectType true +rfc.setColor({ informationalColor: 30 }); // $ExpectType true +rfc.setColor({ debugColor: '#ffffff' }); // $ExpectType true +rfc.setColor({ debugColor: 30 }); // $ExpectType true + +rfc3164Options = rfc3164; +// @ts-expect-error +rfc3164 = rfc3164Options; +rfc3164 = new RFC3164(); +new RFC3164({ applicationName: 'foo' }); +new RFC3164({ hostname: 'bar' }); +new RFC3164({ facility: 2 }); +new RFC3164({ color: true }); +new RFC3164({ extendedColor: true }); +new RFC3164({ colors }); +new RFC3164({ server: syslog }); +new RFC3164({ server: syslogOptions }); +new RFC3164({ server: false }); + +rfc3164.applicationName; // $ExpectType string +rfc3164.hostname; // $ExpectType string +rfc3164.facility; // $ExpectType number +rfc3164.color; // $ExpectType boolean +rfc3164.extendedColor; // $ExpectType boolean +rfc3164.server; // $ExpectType Syslog | undefined + +rfc3164.buildMessage('foo'); // $ExpectType string +rfc3164.buildMessage('foo', { severity: 0 }); // $ExpectType string +rfc3164.buildMessage('foo', { severity: 1 }); // $ExpectType string 
+rfc3164.buildMessage('foo', { severity: 2 }); // $ExpectType string +rfc3164.buildMessage('foo', { severity: 3 }); // $ExpectType string +rfc3164.buildMessage('foo', { severity: 4 }); // $ExpectType string +rfc3164.buildMessage('foo', { severity: 5 }); // $ExpectType string +rfc3164.buildMessage('foo', { severity: 6 }); // $ExpectType string +rfc3164.buildMessage('foo', { severity: 7 }); // $ExpectType string +// @ts-expect-error +rfc3164.buildMessage('foo', { severity: 8 }); +rfc3164.buildMessage('foo', { msgColor: 30 }); // $ExpectType string +rfc3164.send('foo', { severity: 1 }); // $ExpectType Promise +rfc3164.send('foo', { msgColor: 30 }); // $ExpectType Promise +rfc3164.emergency('foo'); // $ExpectType Promise +rfc3164.emer('foo'); // $ExpectType Promise +rfc3164.alert('foo'); // $ExpectType Promise +rfc3164.critical('foo'); // $ExpectType Promise +rfc3164.crit('foo'); // $ExpectType Promise +rfc3164.error('foo'); // $ExpectType Promise +rfc3164.err('foo'); // $ExpectType Promise +rfc3164.warning('foo'); // $ExpectType Promise +rfc3164.warn('foo'); // $ExpectType Promise +rfc3164.notice('foo'); // $ExpectType Promise +rfc3164.note('foo'); // $ExpectType Promise +rfc3164.informational('foo'); // $ExpectType Promise +rfc3164.info('foo'); // $ExpectType Promise +rfc3164.log('foo'); // $ExpectType Promise +rfc3164.debug('foo'); // $ExpectType Promise +rfc3164.setColor(colors); // $ExpectType true + +rfc5424Options = rfc5424; +// @ts-expect-error +rfc5424 = rfc5424Options; +rfc5424 = new RFC5424(); +new RFC5424({ applicationName: 'foo' }); +new RFC5424({ hostname: 'bar' }); +new RFC5424({ timestamp: true }); +new RFC5424({ timestampUTC: true }); +new RFC5424({ timestampMS: true }); +new RFC5424({ timestampTZ: true }); +new RFC5424({ includeStructuredData: true }); +new RFC5424({ utf8BOM: true }); +new RFC5424({ color: true }); +new RFC5424({ extendedColor: true }); +new RFC5424({ colors }); +new RFC5424({ server: syslog }); +new RFC5424({ server: syslogOptions 
}); +new RFC5424({ server: false }); + +rfc5424.applicationName; // $ExpectType string +rfc5424.hostname; // $ExpectType string +rfc5424.timestamp; // $ExpectType boolean +rfc5424.timestampUTC; // $ExpectType boolean +rfc5424.timestampTZ; // $ExpectType boolean +rfc5424.timestampMS; // $ExpectType boolean +rfc5424.includeStructuredData; // $ExpectType boolean +rfc5424.utf8BOM; // $ExpectType boolean +rfc5424.color; // $ExpectType boolean +rfc5424.extendedColor; // $ExpectType boolean +rfc5424.server; // $ExpectType Syslog | undefined + +rfc5424.buildMessage('foo'); // $ExpectType string +rfc5424.buildMessage('foo', { severity: 0 }); // $ExpectType string +rfc5424.buildMessage('foo', { severity: 1 }); // $ExpectType string +rfc5424.buildMessage('foo', { severity: 2 }); // $ExpectType string +rfc5424.buildMessage('foo', { severity: 3 }); // $ExpectType string +rfc5424.buildMessage('foo', { severity: 4 }); // $ExpectType string +rfc5424.buildMessage('foo', { severity: 5 }); // $ExpectType string +rfc5424.buildMessage('foo', { severity: 6 }); // $ExpectType string +rfc5424.buildMessage('foo', { severity: 7 }); // $ExpectType string +// @ts-expect-error +rfc5424.buildMessage('foo', { severity: 8 }); +rfc5424.buildMessage('foo', { facility: 30 }); // $ExpectType string +rfc5424.buildMessage('foo', { pid: 1 }); // $ExpectType string +rfc5424.buildMessage('foo', { id: 1 }); // $ExpectType string +rfc5424.buildMessage('foo', { id: 1 }); // $ExpectType string +rfc5424.buildMessage('foo', { msgStructuredData: ['foo'] }); // $ExpectType string +rfc5424.buildMessage('foo', { msgStructuredData: ['foo'] as const }); // $ExpectType string +rfc5424.buildMessage('foo', { msgColor: 30 }); // $ExpectType string +rfc5424.send('foo', { severity: 1 }); // $ExpectType Promise +rfc5424.send('foo', { facility: 30 }); // $ExpectType Promise +rfc5424.send('foo', { pid: 1 }); // $ExpectType Promise +rfc5424.send('foo', { id: 1 }); // $ExpectType Promise +rfc5424.send('foo', { id: 1 }); // 
$ExpectType Promise +rfc5424.send('foo', { msgStructuredData: ['foo'] }); // $ExpectType Promise +rfc5424.send('foo', { msgStructuredData: ['foo'] as const }); // $ExpectType Promise +rfc5424.send('foo', { msgColor: 30 }); // $ExpectType Promise +rfc5424.emergency('foo'); // $ExpectType Promise +rfc5424.emer('foo'); // $ExpectType Promise +rfc5424.alert('foo'); // $ExpectType Promise +rfc5424.critical('foo'); // $ExpectType Promise +rfc5424.crit('foo'); // $ExpectType Promise +rfc5424.error('foo'); // $ExpectType Promise +rfc5424.err('foo'); // $ExpectType Promise +rfc5424.warning('foo'); // $ExpectType Promise +rfc5424.warn('foo'); // $ExpectType Promise +rfc5424.notice('foo'); // $ExpectType Promise +rfc5424.note('foo'); // $ExpectType Promise +rfc5424.informational('foo'); // $ExpectType Promise +rfc5424.info('foo'); // $ExpectType Promise +rfc5424.log('foo'); // $ExpectType Promise +rfc5424.debug('foo'); // $ExpectType Promise +rfc5424.setColor(colors); // $ExpectType true + +leefOptions = leef; +// @ts-expect-error +leef = leefOptions; +leef = new LEEF(); +new LEEF({ vendor: 'foo' }); +new LEEF({ product: 'foo' }); +new LEEF({ version: 'foo' }); +new LEEF({ eventId: 'foo' }); +new LEEF({ attributes: leefAttributes }); +new LEEF({ syslogHeader: true }); +new LEEF({ server: syslog }); +new LEEF({ server: syslogOptions }); +new LEEF({ server: false }); + +leef.vendor; // $ExpectType string +leef.product; // $ExpectType string +leef.version; // $ExpectType string +leef.eventId; // $ExpectType string +leef.syslogHeader; // $ExpectType boolean +leef.attributes; // $ExpectType Attributes +leef.server; // $ExpectType Syslog | undefined + +leef.buildMessage(); // $ExpectType string +leef.send(); // $ExpectType Promise +leef.send(false); // $ExpectType Promise +leef.send(syslog); // $ExpectType Promise +leef.send(syslogOptions); // $ExpectType Promise + +leefAttributes.cat; // $ExpectType string | null | undefined +leefAttributes.devTime; // $ExpectType string | null | 
undefined +leefAttributes.devTimeFormat; // $ExpectType string | null | undefined +leefAttributes.proto; // $ExpectType string | null | undefined +leefAttributes.sev; // $ExpectType string | null | undefined +leefAttributes.src; // $ExpectType string | null | undefined +leefAttributes.dst; // $ExpectType string | null | undefined +leefAttributes.srcPort; // $ExpectType string | null | undefined +leefAttributes.dstPort; // $ExpectType string | null | undefined +leefAttributes.srcPreNAT; // $ExpectType string | null | undefined +leefAttributes.dstPreNAT; // $ExpectType string | null | undefined +leefAttributes.srcPostNAT; // $ExpectType string | null | undefined +leefAttributes.dstPostNAT; // $ExpectType string | null | undefined +leefAttributes.usrName; // $ExpectType string | null | undefined +leefAttributes.srcMAC; // $ExpectType string | null | undefined +leefAttributes.dstMAC; // $ExpectType string | null | undefined +leefAttributes.srcPreNATPort; // $ExpectType string | null | undefined +leefAttributes.dstPreNATPort; // $ExpectType string | null | undefined +leefAttributes.srcPostNATPort; // $ExpectType string | null | undefined +leefAttributes.dstPostNATPort; // $ExpectType string | null | undefined +leefAttributes.identSrc; // $ExpectType string | null | undefined +leefAttributes.identHostName; // $ExpectType string | null | undefined +leefAttributes.identNetBios; // $ExpectType string | null | undefined +leefAttributes.identGrpName; // $ExpectType string | null | undefined +leefAttributes.identMAC; // $ExpectType string | null | undefined +leefAttributes.vSrc; // $ExpectType string | null | undefined +leefAttributes.vSrcName; // $ExpectType string | null | undefined +leefAttributes.accountName; // $ExpectType string | null | undefined +leefAttributes.srcBytes; // $ExpectType string | null | undefined +leefAttributes.dstBytes; // $ExpectType string | null | undefined +leefAttributes.srcPackets; // $ExpectType string | null | undefined 
+leefAttributes.dstPackets; // $ExpectType string | null | undefined +leefAttributes.totalPackets; // $ExpectType string | null | undefined +leefAttributes.role; // $ExpectType string | null | undefined +leefAttributes.realm; // $ExpectType string | null | undefined +leefAttributes.policy; // $ExpectType string | null | undefined +leefAttributes.resource; // $ExpectType string | null | undefined +leefAttributes.url; // $ExpectType string | null | undefined +leefAttributes.groupID; // $ExpectType string | null | undefined +leefAttributes.domain; // $ExpectType string | null | undefined +leefAttributes.isLoginEvent; // $ExpectType string | null | undefined +leefAttributes.isLogoutEvent; // $ExpectType string | null | undefined +leefAttributes.identSecondlp; // $ExpectType string | null | undefined +leefAttributes.calLanguage; // $ExpectType string | null | undefined +leefAttributes.AttributeLimits; // $ExpectType string | null | undefined +leefAttributes.calCountryOrRegion; // $ExpectType string | null | undefined +leefAttributes.foo; // $ExpectType string | null | undefined + +cefOptions = cef; +// @ts-expect-error +cef = cefOptions; +cef = new CEF(); +new CEF({ deviceVendor: 'foo' }); +new CEF({ deviceProduct: 'foo' }); +new CEF({ deviceVersion: 'foo' }); +new CEF({ deviceEventClassId: 'foo' }); +new CEF({ name: 'foo' }); +new CEF({ severity: 'Unknown' }); +new CEF({ severity: 'Low' }); +new CEF({ severity: 'Medium' }); +new CEF({ severity: 'High' }); +new CEF({ severity: 'Very-High' }); +new CEF({ severity: 0 }); +new CEF({ severity: 1 }); +new CEF({ severity: 2 }); +new CEF({ severity: 3 }); +new CEF({ severity: 4 }); +new CEF({ severity: 5 }); +new CEF({ severity: 6 }); +new CEF({ severity: 7 }); +new CEF({ severity: 8 }); +new CEF({ severity: 9 }); +new CEF({ severity: 10 }); +// @ts-expect-error +new CEF({ severity: 11 }); +// @ts-expect-error +new CEF({ severity: 'foo' }); +new CEF({ extensions: cefExtensions }); +new CEF({ server: syslog }); +new CEF({ 
server: syslogOptions }); +new CEF({ server: false }); + +cef.deviceVendor; // $ExpectType string +cef.deviceProduct; // $ExpectType string +cef.deviceVersion; // $ExpectType string +cef.deviceEventClassId; // $ExpectType string +cef.name; // $ExpectType string +cef.severity; // $ExpectType Severity +cef.extensions; // $ExpectType Extensions +cef.server; // $ExpectType Syslog | undefined + +cef.validate(); // $ExpectType true +cef.buildMessage(); // $ExpectType string +cef.send(); // $ExpectType Promise +cef.send(false); // $ExpectType Promise +cef.send(syslog); // $ExpectType Promise +cef.send(syslogOptions); // $ExpectType Promise + +cefExtensions.deviceAction; // $ExpectType string | null | undefined +cefExtensions.applicationProtocol; // $ExpectType string | null | undefined +cefExtensions.deviceCustomIPv6Address1; // $ExpectType string | null | undefined +cefExtensions['deviceCustomIPv6 Address1Label']; // $ExpectType string | null | undefined +cefExtensions.deviceCustomIPv6Address3; // $ExpectType string | null | undefined +cefExtensions['deviceCustomIPv6Address3 Label']; // $ExpectType string | null | undefined +cefExtensions['deviceCustomIPv6 Address4']; // $ExpectType string | null | undefined +cefExtensions['deviceCustomIPv6 Address4Label']; // $ExpectType string | null | undefined +cefExtensions.deviceEventCategory; // $ExpectType string | null | undefined +cefExtensions.deviceCustomFloatingPoint1; // $ExpectType number | null | undefined +cefExtensions['deviceCustom FloatingPoint1Label']; // $ExpectType string | null | undefined +cefExtensions.deviceCustomFloatingPoint2; // $ExpectType number | null | undefined +cefExtensions['deviceCustomFloatingPoint2 Label']; // $ExpectType string | null | undefined +cefExtensions.deviceCustomFloatingPoint3; // $ExpectType number | null | undefined +cefExtensions['deviceCustom FloatingPoint3Label']; // $ExpectType string | null | undefined +cefExtensions.deviceCustomFloatingPoint4; // $ExpectType number | null | 
undefined +cefExtensions['deviceCustom FloatingPoint4Label']; // $ExpectType string | null | undefined +cefExtensions.deviceCustomNumber1; // $ExpectType number | null | undefined +cefExtensions.deviceCustomNumber1Label; // $ExpectType string | null | undefined +cefExtensions.DeviceCustomNumber2; // $ExpectType number | null | undefined +cefExtensions.deviceCustomNumber2Label; // $ExpectType string | null | undefined +cefExtensions.deviceCustomNumber3; // $ExpectType number | null | undefined +cefExtensions.deviceCustomNumber3Label; // $ExpectType string | null | undefined +cefExtensions.baseEventCount; // $ExpectType number | null | undefined +cefExtensions.deviceCustomString1; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString1Label; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString2; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString2Label; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString3; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString3Label; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString4; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString4Label; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString5; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString5Label; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString6; // $ExpectType string | null | undefined +cefExtensions.deviceCustomString6Label; // $ExpectType string | null | undefined +cefExtensions.destinationDnsDomain; // $ExpectType string | null | undefined +cefExtensions.destinationServiceName; // $ExpectType string | null | undefined +cefExtensions['destinationTranslated Address']; // $ExpectType string | null | undefined +cefExtensions.destinationTranslatedPort; // $ExpectType string | null | undefined +cefExtensions.deviceCustomDate1; // $ExpectType string | null 
| undefined +cefExtensions.deviceCustomDate1Label; // $ExpectType string | null | undefined +cefExtensions.deviceCustomDate2; // $ExpectType string | null | undefined +cefExtensions.deviceCustomDate2Label; // $ExpectType string | null | undefined +cefExtensions.deviceDirection; // $ExpectType number | null | undefined +cefExtensions.deviceDnsDomain; // $ExpectType string | null | undefined +cefExtensions.deviceExternalId; // $ExpectType string | null | undefined +cefExtensions.deviceFacility; // $ExpectType string | null | undefined +cefExtensions.deviceInboundInterface; // $ExpectType string | null | undefined +cefExtensions.deviceNtDomain; // $ExpectType string | null | undefined +cefExtensions.deviceOutboundInterface; // $ExpectType string | null | undefined +cefExtensions.devicePayloadId; // $ExpectType string | null | undefined +cefExtensions.deviceProcessName; // $ExpectType string | null | undefined +cefExtensions.deviceTranslatedAddress; // $ExpectType string | null | undefined +cefExtensions.destinationHostName; // $ExpectType string | null | undefined +cefExtensions.destinationMacAddress; // $ExpectType string | null | undefined +cefExtensions.destinationNtDomain; // $ExpectType string | null | undefined +cefExtensions.destinationProcessId; // $ExpectType number | null | undefined +cefExtensions.destinationUserPrivileges; // $ExpectType string | null | undefined +cefExtensions.destinationProcessName; // $ExpectType string | null | undefined +cefExtensions.destinationPort; // $ExpectType number | null | undefined +cefExtensions.destinationAddress; // $ExpectType string | null | undefined +cefExtensions.deviceTimeZone; // $ExpectType string | null | undefined +cefExtensions.destinationUserId; // $ExpectType string | null | undefined +cefExtensions.destinationUserName; // $ExpectType string | null | undefined +cefExtensions.deviceAddress; // $ExpectType string | null | undefined +cefExtensions.deviceHostName; // $ExpectType string | null | undefined 
+cefExtensions.deviceMacAddress; // $ExpectType string | null | undefined
+cefExtensions.deviceProcessId; // $ExpectType number | null | undefined
+cefExtensions.endTime; // $ExpectType string | null | undefined
+cefExtensions.externalId; // $ExpectType string | null | undefined
+cefExtensions.fileCreateTime; // $ExpectType string | null | undefined
+cefExtensions.fileHash; // $ExpectType string | null | undefined
+cefExtensions.fileId; // $ExpectType string | null | undefined
+cefExtensions.fileModificationTime; // $ExpectType string | null | undefined
+cefExtensions.filePath; // $ExpectType string | null | undefined
+cefExtensions.filePermission; // $ExpectType string | null | undefined
+cefExtensions.fileType; // $ExpectType string | null | undefined
+cefExtensions.flexDate1; // $ExpectType string | null | undefined
+cefExtensions.flexDate1Label; // $ExpectType string | null | undefined
+cefExtensions.flexString1; // $ExpectType string | null | undefined
+cefExtensions.flexString1Label; // $ExpectType string | null | undefined
+cefExtensions.flexString2; // $ExpectType string | null | undefined
+cefExtensions.flexString2Label; // $ExpectType string | null | undefined
+cefExtensions.filename; // $ExpectType string | null | undefined
+cefExtensions.fileSize; // $ExpectType number | null | undefined
+cefExtensions.bytesIn; // $ExpectType number | null | undefined
+cefExtensions.message; // $ExpectType string | null | undefined
+cefExtensions.oldFileCreateTime; // $ExpectType string | null | undefined
+cefExtensions.oldFileHash; // $ExpectType string | null | undefined
+cefExtensions.oldFileId; // $ExpectType string | null | undefined
+cefExtensions.oldFileModificationTime; // $ExpectType string | null | undefined
+cefExtensions.oldFileName; // $ExpectType string | null | undefined
+cefExtensions.oldFilePath; // $ExpectType string | null | undefined
+cefExtensions.oldFileSize; // $ExpectType number | null | undefined
+cefExtensions.oldFileType; // $ExpectType string | null | undefined
+cefExtensions.bytesOut; // $ExpectType number | null | undefined
+cefExtensions.eventOutcome; // $ExpectType string | null | undefined
+cefExtensions.transportProtocol; // $ExpectType string | null | undefined
+cefExtensions.Reason; // $ExpectType string | null | undefined
+cefExtensions.requestUrl; // $ExpectType string | null | undefined
+cefExtensions.requestClientApplication; // $ExpectType string | null | undefined
+cefExtensions.requestContext; // $ExpectType string | null | undefined
+cefExtensions.requestCookies; // $ExpectType string | null | undefined
+cefExtensions.requestMethod; // $ExpectType string | null | undefined
+cefExtensions.deviceReceiptTime; // $ExpectType string | null | undefined
+cefExtensions.sourceHostName; // $ExpectType string | null | undefined
+cefExtensions.sourceMacAddress; // $ExpectType string | null | undefined
+cefExtensions.sourceNtDomain; // $ExpectType string | null | undefined
+cefExtensions.sourceDnsDomain; // $ExpectType string | null | undefined
+cefExtensions.sourceServiceName; // $ExpectType string | null | undefined
+cefExtensions.sourceTranslatedAddress; // $ExpectType string | null | undefined
+cefExtensions.sourceTranslatedPort; // $ExpectType number | null | undefined
+cefExtensions.sourceProcessId; // $ExpectType number | null | undefined
+cefExtensions.sourceUserPrivileges; // $ExpectType string | null | undefined
+cefExtensions.sourceProcessName; // $ExpectType string | null | undefined
+cefExtensions.sourcePort; // $ExpectType number | null | undefined
+cefExtensions.sourceAddress; // $ExpectType string | null | undefined
+cefExtensions.startTime; // $ExpectType string | null | undefined
+cefExtensions.sourceUserId; // $ExpectType string | null | undefined
+cefExtensions.sourceUserName; // $ExpectType string | null | undefined
+const extType: CEF.ExtensionType | null | undefined = cefExtensions.type;
+// @ts-expect-error
+const extType1: CEF.ExtensionType | null = cefExtensions.type;
+// @ts-expect-error
+const extType2: CEF.ExtensionType | undefined = cefExtensions.type;
+// @ts-expect-error
+const extType3: CEF.ExtensionType = cefExtensions.type;
+cefExtensions.agentDnsDomain; // $ExpectType string | null | undefined
+cefExtensions.agentNtDomain; // $ExpectType string | null | undefined
+cefExtensions.agentTranslatedAddress; // $ExpectType string | null | undefined
+cefExtensions['agentTranslatedZone ExternalID']; // $ExpectType string | null | undefined
+cefExtensions.agentTranslatedZoneURI; // $ExpectType string | null | undefined
+cefExtensions.agentZoneExternalID; // $ExpectType string | null | undefined
+cefExtensions.agentZoneURI; // $ExpectType string | null | undefined
+cefExtensions.agentAddress; // $ExpectType string | null | undefined
+cefExtensions.agentHostName; // $ExpectType string | null | undefined
+cefExtensions.agentId; // $ExpectType string | null | undefined
+cefExtensions.agentMacAddress; // $ExpectType string | null | undefined
+cefExtensions.agentReceiptTime; // $ExpectType string | null | undefined
+cefExtensions.agentType; // $ExpectType string | null | undefined
+cefExtensions.agentTimeZone; // $ExpectType string | null | undefined
+cefExtensions.agentVersion; // $ExpectType string | null | undefined
+cefExtensions.customerExternalID; // $ExpectType string | null | undefined
+cefExtensions.customerURI; // $ExpectType string | null | undefined
+cefExtensions['destinationTranslated ZoneExternalID']; // $ExpectType string | null | undefined
+cefExtensions['destinationTranslated ZoneURI']; // $ExpectType string | null | undefined
+cefExtensions.destinationZoneExternalID; // $ExpectType string | null | undefined
+cefExtensions.destinationZoneURI; // $ExpectType string | null | undefined
+cefExtensions['deviceTranslatedZone ExternalID']; // $ExpectType string | null | undefined
+cefExtensions.deviceTranslatedZoneURI; // $ExpectType string | null | undefined
+cefExtensions.deviceZoneExternalID; // $ExpectType string | null | undefined
+cefExtensions.deviceZoneURI; // $ExpectType string | null | undefined
+cefExtensions.destinationGeoLatitude; // $ExpectType number | null | undefined
+cefExtensions.destinationGeoLongitude; // $ExpectType number | null | undefined
+cefExtensions.eventId; // $ExpectType number | null | undefined
+cefExtensions.rawEvent; // $ExpectType string | null | undefined
+cefExtensions.sourceGeoLatitude; // $ExpectType number | null | undefined
+cefExtensions.sourceGeoLongitude; // $ExpectType number | null | undefined
+cefExtensions['sourceTranslatedZone ExternalID']; // $ExpectType string | null | undefined
+cefExtensions.sourceTranslatedZoneURI; // $ExpectType string | null | undefined
+cefExtensions.sourceZoneExternalID; // $ExpectType string | null | undefined
+cefExtensions.sourceZoneURI; // $ExpectType string | null | undefined
+
+new Syslog({
+ target: 'localhost',
+ protocol: 'udp',
+ format: 'rfc5424',
+}).rfc5424!.info('My Message');
+
+new RFC3164({
+ applicationName: 'MyApp',
+ color: true,
+ extendedColor: true,
+ server: {
+ target: 'myServer.fqdn',
+ },
+}).info('My Message');
+
+new RFC5424({
+ applicationName: 'MyApp',
+ timestamp: true,
+ includeStructuredData: true,
+ color: true,
+ extendedColor: true,
+ server: {
+ target: 'myServer.fqdn',
+ },
+}).info('My Message');
+
+new LEEF({
+ vendor: 'acme',
+ product: 'doohickey1000',
+ version: 'alpha',
+ eventId: 'hack',
+ attributes: {
+ cat: 'CC Databreach',
+ },
+ server: {
+ target: 'myServer.fqdn',
+ },
+}).send();
+
+new CEF({
+ deviceVendor: 'acme',
+ deviceProduct: 'doohickey1000',
+ deviceVersion: 'alpha',
+ deviceEventClassId: 'hack',
+ name: 'My Reporting Service',
+ severity: 'High',
+ extensions: {
+ rawEvent: 'CC Databreach',
+ },
+ server: {
+ target: 'myServer.fqdn',
+ },
+}).send();
diff --git a/types/syslog-pro/tsconfig.json b/types/syslog-pro/tsconfig.json
new file mode 100644
index 0000000000..573a9b942b
--- /dev/null
+++ b/types/syslog-pro/tsconfig.json
@@ -0,0 +1,23 @@
+{
+ "compilerOptions": {
+ "module": "commonjs",
+ "lib": [
+ "es6"
+ ],
+ "noImplicitAny": true,
+ "noImplicitThis": true,
+ "strictFunctionTypes": true,
+ "strictNullChecks": true,
+ "baseUrl": "../",
+ "typeRoots": [
+ "../"
+ ],
+ "types": [],
+ "noEmit": true,
+ "forceConsistentCasingInFileNames": true
+ },
+ "files": [
+ "index.d.ts",
+ "syslog-pro-tests.ts"
+ ]
+}
diff --git a/types/syslog-pro/tslint.json b/types/syslog-pro/tslint.json
new file mode 100644
index 0000000000..794cb4bf3e
--- /dev/null
+++ b/types/syslog-pro/tslint.json
@@ -0,0 +1 @@
+{ "extends": "@definitelytyped/dtslint/dt.json" }