NAME

Net::Nmsg::Msg - Perl interface for messages from the NMSG library

SYNOPSIS

use Net::Nmsg::Output;
use Net::Nmsg::Input;
use Net::Nmsg::Msg;

# Each message type (vendor/msgtype) gets its own subclass with
# methods specific to the fields for that type. For example:

my $o = Net::Nmsg::Output->open('127.0.0.1/9430');
my $m = Net::Nmsg::Msg::base::ipconn->new();
for my $i (0 .. 99) {
  $m->set_srcip("127.0.0.$i");
  $m->set_dstip("127.1.0.$i");
  $m->set_srcport($i);
  $m->set_dstport(65535 - $i);
  $o->write($m);
}

my $c = 0;
my $i = Net::Nmsg::Input->open('input.nmsg');
while (my $m = $i->read) {
  print "message $c vendor ", $m->vendor, " type ", $m->type, "\n"
  print $m->as_str, "\n";
  ++$c;
}

DESCRIPTION

Net::Nmsg::Msg is the base class for NMSG messages. Each vendor/msgtype has a tailored subclass for handling fields particular to that type.

METHODS

modules()

Returns a list of all message module classes installed on the system.

vendor()

The name of the vendor of this message module.

type()

The message type of this message module.

source([source])

Return or set the source ID of this nmsg message.

operator([operator])

Return or set the operator ID of this nmsg message.

group([group])

Return or set the group of this nmsg message.

time([time_sec, time_nsec])

Return or set the timestamp of this nmsg message. Accepts and returns two integer values representing seconds and nanoseconds.

fields()

A list of possible fields defined for this message module.

fields_present()

A list of fields actually defined for a message module.

headers_as_str()

Renders the headers of a message (vendor, type, source, operator, group) as a string.

as_str()

Renders the entire message, headers plus fields and their values as a string.

ACCESSORS

Each field of a message has several methods associated with it. Replace 'fieldname' with the actual name of the field:

get_fieldname()
get_raw_fieldname()

set_fieldname($val)
set_raw_fieldname($packed_val)

Fields that are 'repeated' accept multiple values in the setters and return (possibly) multiple values from the getters. Repeated fields have these additional methods associated with them which push values onto the list of existing values:

add_fieldname(@vals)
add_raw_fieldname(@packed_vals)

There is no difference between the plain and raw versions of these methods if the field is one of the following data types:

NMSG_FT_BYTES
NMSG_FT_STRING
NMSG_FT_MLSTRING
NMSG_FT_UINT16
NMSG_FT_UINT32
NMSG_FT_INT16
NMSG_FT_INT32
NMSG_FT_DOUBLE
NMSG_FT_BOOL

The following field types behave differently since there are no native perl types for them:

field           mode  type   returns/accepts
-------------------------------------------------------------
NMSG_FT_IP      get          IPv4/IPv6 strings
NMSG_FT_IP      set          IPv4/IPv6 strings
NMSG_FT_IP      get   raw    IPv4/IPv6 packed network order
NMSG_FT_IP      set   raw    IPv4/IPv6 packed network order

NMSG_FT_INT64   get          Math::Int64
NMSG_FT_INT64   set          Math::Int64 or string
NMSG_FT_INT64   get   raw    64-bit integer packed native
NMSG_FT_INT64   set   raw    64-bit integer packed native

NMSG_FT_UINT64  *     *      same as above but unsigned

NMSG_FT_ENUM    get          string
NMSG_FT_ENUM    set          string
NMSG_FT_ENUM    get   raw    int
NMSG_FT_ENUM    set   raw    int

SEE ALSO

Net::Nmsg::IO, Net::Nmsg::Input, Net::Nmsg::Output, Net::WDNS, nmsgtool(1)

AUTHOR

Matthew Sisk, <sisk@cert.org>

COPYRIGHT & LICENSE

Copyright (C) 2010-2015 by Carnegie Mellon University

Use of the Net-Silk library and related source code is subject to the terms of the following licenses:

GNU Public License (GPL) Rights pursuant to Version 2, June 1991 Government Purpose License Rights (GPLR) pursuant to DFARS 252.227.7013

NO WARRANTY

See GPL.txt and LICENSE.txt for more details.