NAME
Net::Nmsg::Msg - Perl interface for messages from the NMSG library
SYNOPSIS
use Net::Nmsg::Output;
use Net::Nmsg::Input;
use Net::Nmsg::Msg;
# Each message type (vendor/msgtype) gets its own subclass with
# methods specific to the fields for that type. For example:
my $o = Net::Nmsg::Output->open('127.0.0.1/9430');
my $m = Net::Nmsg::Msg::base::ipconn->new();
for my $i (0 .. 99) {
$m->set_srcip("127.0.0.$i");
$m->set_dstip("127.1.0.$i");
$m->set_srcport($i);
$m->set_dstport(65535 - $i);
$o->write($m);
}
my $c = 0;
my $i = Net::Nmsg::Input->open('input.nmsg');
while (my $m = $i->read) {
print "message $c vendor ", $m->vendor, " type ", $m->type, "\n"
print $m->as_str, "\n";
++$c;
}
DESCRIPTION
Net::Nmsg::Msg is the base class for NMSG messages. Each vendor/msgtype has a tailored subclass for handling fields particular to that type.
METHODS
- modules()
-
Returns a list of all message module classes installed on the system.
- vendor()
-
The name of the vendor of this message module.
- type()
-
The message type of this message module.
- source([source])
-
Return or set the source ID of this nmsg message.
- operator([operator])
-
Return or set the operator ID of this nmsg message.
- group([group])
-
Return or set the group of this nmsg message.
- time([time_sec, time_nsec])
-
Return or set the timestamp of this nmsg message. Accepts and returns two integer values representing seconds and nanoseconds.
- fields()
-
A list of possible fields defined for this message module.
- fields_present()
-
A list of fields actually defined for a message module.
- headers_as_str()
-
Renders the headers of a message (vendor, type, source, operator, group) as a string.
- as_str()
-
Renders the entire message, headers plus fields and their values as a string.
ACCESSORS
Each field of a message has several methods associated with it. Replace 'fieldname' with the actual name of the field:
get_fieldname()
get_raw_fieldname()
set_fieldname($val)
set_raw_fieldname($packed_val)
Fields that are 'repeated' accept multiple values in the setters and return (possibly) multiple values from the getters. Repeated fields have these additional methods associated with them which push values onto the list of existing values:
add_fieldname(@vals)
add_raw_fieldname(@packed_vals)
There is no difference between the plain and raw versions of these methods if the field is one of the following data types:
NMSG_FT_BYTES
NMSG_FT_STRING
NMSG_FT_MLSTRING
NMSG_FT_UINT16
NMSG_FT_UINT32
NMSG_FT_INT16
NMSG_FT_INT32
NMSG_FT_DOUBLE
NMSG_FT_BOOL
The following field types behave differently since there are no native perl types for them:
field mode type returns/accepts
-------------------------------------------------------------
NMSG_FT_IP get IPv4/IPv6 strings
NMSG_FT_IP set IPv4/IPv6 strings
NMSG_FT_IP get raw IPv4/IPv6 packed network order
NMSG_FT_IP set raw IPv4/IPv6 packed network order
NMSG_FT_INT64 get Math::Int64
NMSG_FT_INT64 set Math::Int64 or string
NMSG_FT_INT64 get raw 64-bit integer packed native
NMSG_FT_INT64 set raw 64-bit integer packed native
NMSG_FT_UINT64 * * same as above but unsigned
NMSG_FT_ENUM get string
NMSG_FT_ENUM set string
NMSG_FT_ENUM get raw int
NMSG_FT_ENUM set raw int
SEE ALSO
Net::Nmsg::IO, Net::Nmsg::Input, Net::Nmsg::Output, Net::WDNS, nmsgtool(1)
AUTHOR
Matthew Sisk, <sisk@cert.org>
COPYRIGHT & LICENSE
Copyright (C) 2010-2015 by Carnegie Mellon University
Use of the Net-Silk library and related source code is subject to the terms of the following licenses:
GNU Public License (GPL) Rights pursuant to Version 2, June 1991 Government Purpose License Rights (GPLR) pursuant to DFARS 252.227.7013
NO WARRANTY
See GPL.txt and LICENSE.txt for more details.