UNPKG

glossy

Version:

Syslog parser and producer

105 lines (86 loc) 3.4 kB
var syslogParser = require('../lib/glossy/parse.js'), syslogGenerator = require('../lib/glossy/produce.js'), assert = require('assert'); assert.ok(syslogParser, 'parser loaded'); var gen = new syslogGenerator({type: 'bsd'}); var doubleSpaced = "<13>Feb 5 17:32:18 10.0.0.99 Use the BFG!"; syslogParser.parse(doubleSpaced, function(parsedMessage){ var msg = gen.produce(parsedMessage); assert.equal(doubleSpaced, msg); var expectedData = { originalMessage: doubleSpaced, prival: 13, facilityID: 1, severityID: 5, facility: 'user', severity: 'notice', type: 'RFC3164', host: '10.0.0.99', message: 'Use the BFG!' }; delete parsedMessage.date; delete parsedMessage.time; delete parsedMessage.timestamp; assert.deepEqual(parsedMessage, expectedData); }); var withCommand = "<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8"; syslogParser.parse(withCommand, function(parsedMessage){ var expectedData = { originalMessage: withCommand, prival: 34, facilityID: 4, severityID: 2, facility: 'auth', severity: 'crit', type: 'RFC3164', host: 'mymachine', message: "su: 'su root' failed for lonvick on /dev/pts/8" }; var parsedDate = parsedMessage.time; delete parsedMessage.time; assert.equal(parsedDate.getUTCMonth(), 9); assert.equal(parsedDate.getUTCHours(), 20); assert.deepEqual(parsedMessage, expectedData); }); var withDifficultTime = "<191>94103: 51w2d: DHCPD: assigned IP address 10.10.1.94 to client 0100.01c4.21d3.b3"; syslogParser.parse(withDifficultTime, function(parsedMessage){ var expectedData = { originalMessage: withDifficultTime, prival: 191, facilityID: 23, severityID: 7, facility: 'local7', severity: 'debug', type: 'RFC3164', time: undefined, message: '51w2d: DHCPD: assigned IP address 10.10.1.94 to client 0100.01c4.21d3.b3'}; assert.deepEqual(parsedMessage, expectedData); }); var withYear = "<32>Mar 05 2011 22:21:02: %ASA-6-302013: Built inbound TCP connection 401 for outside:123.123.123.123/4413 (123.123.123.123/4413) to net:BOX/25 (BOX/25)"; syslogParser.parse(withYear, function(parsedMessage){ var expectedData = { originalMessage: withYear, prival: 32, facilityID: 4, severityID: 0, facility: 'auth', severity: 'emerg', type: 'RFC3164', time: undefined, host: '22:21:02:', message: '%ASA-6-302013: Built inbound TCP connection 401 for outside:123.123.123.123/4413 (123.123.123.123/4413) to net:BOX/25 (BOX/25)' }; assert.deepEqual(parsedMessage, expectedData); }); var withSpaces = "<13>Mar 15 11:22:40 myhost.com 0 11,03/15/12,11:22:38,§ó·s,10.10.10.171,,40C6A91373B6,"; syslogParser.parse(withSpaces, function(parsedMessage){ var expectedData = { originalMessage: withSpaces, prival: 13, facilityID: 1, severityID: 5, facility: 'user', severity: 'notice', type: 'RFC3164', host: 'myhost.com', message: ' 0 11,03/15/12,11:22:38,§ó·s,10.10.10.171,,40C6A91373B6,' }; delete parsedMessage.time; assert.deepEqual(parsedMessage, expectedData); });