`salo.events.suricata`

Submodules

Package Contents

Classes

`SuricataModel`	Mixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details.
`DNSModel`	Mixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details.
`HTTPModel`	Mixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details.

class salo.events.suricata.SuricataModel(__pydantic_self__, **data: Any)[source]

Bases: salo.SaloEventModel

Mixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details.

__pretty__ is used by [devtools](https://python-devtools.helpmanual.io/) to provide human readable representations of objects.

class Config[source]

json_encoders

timestamp :datetime.datetime

flow_id :Optional[int]

pcap_cnt :Optional[int]

event_type :Optional[str]

src_ip :Optional[pydantic.IPvAnyAddress]

src_port :Optional[int]

dest_ip :Optional[pydantic.IPvAnyAddress]

dest_port :Optional[int]

proto :Optional[str]

packet :Optional[str]

packet_info :Optional[Dict]

tx_id :Optional[int]

app_proto :Optional[str]

set_src_port(cls, v)[source]

set_dest_port(cls, v)[source]

generate(self, by_alias: bool = True, exclude_none: bool = True)[source]

class salo.events.suricata.DNSModel(__pydantic_self__, **data: Any)[source]

Bases: salo.events.suricata.base.SuricataModel

Mixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details.

__pretty__ is used by [devtools](https://python-devtools.helpmanual.io/) to provide human readable representations of objects.

_refs :List[str] = ['https://docs.zeek.org/en/master/logs/dns.html']

event_type :str

dest_port :int

dns :Optional[Union[DNSModelFull, Dict]]

set_values(cls, values)[source]

get_options(self, *args, **kwargs) → Dict[source]

class salo.events.suricata.HTTPModel(__pydantic_self__, **data: Any)[source]

Bases: salo.events.suricata.base.SuricataModel

Mixin to provide __str__, __repr__, and __pretty__ methods. See #884 for more details.

__pretty__ is used by [devtools](https://python-devtools.helpmanual.io/) to provide human readable representations of objects.

_refs :List[str] = ['https://suricata.readthedocs.io/en/suricata-6.0.0/output/eve/eve-json-format.html#event-type-http']

event_type :str

dest_port :int

http :Optional[Union[HTTPModelFull, Dict]]

set_values(cls, values)[source]

get_options(self, *args, **kwargs)[source]

salo.events.suricata

Submodules

Package Contents

Classes

`salo.events.suricata`