NAME

Net::Nmsg::IO - Net::Nmsg - Perl interface for the nmsg IO loop

SYNOPSIS

use Net::Nmsg::IO;

my $io = Net::Nmsg::IO->new();

my $c = 0;

my $cb = sub {
  my $msg = shift;
  print $msg->as_str, "\n";
};

$io->add_input('infile.nmsg');
$io->add_output('127.0.0.1/9430');
$io->add_output($cb);

$io->loop;

DESCRIPTION

Net::Nmsg::IO is a perl interface to the IO manager of the nmsg network data capture library.

CONSTRUCTOR

new(%options)

Creates a new Net::Nmsg::IO object. Valid options are:

mirrored: When enabled, mirrors input messages across all assigned outputs. The default is to stripe incoming messages across outputs.
count: Stop processing after having written count input messages to outputs (mirrored messages count as one message)
interval: Stop processing after interval seconds have passed.
filter_vendor
filter_msgtype: Filter messages for the specified message type. Both parameters are required. If set, all inputs and outputs will share this filter.
filter_source: Specify a source filter for all inputs.
filter_operator: Specify an operator filter for all inputs.
filter_group: Specify a group filter for all inputs.

ACCESSORS

set_mirrored($bool)
get_mirrored()
set_count($int)
get_count()
set_interval($secs)
get_interval()
set_filter_msgtype($vendor, $msgtype)
get_filter_msgtype()
set_filter_source($source)
get_filter_source()
set_filter_operator($operator)
get_filter_operator()
set_filter_group($group)
get_filter_group()

METHODS

loop()

Initiate processing on the assigned inputs and outputs. Processing ceases when either the inputs are exausted or until breakloop() is called from within a callback.

breakloop()

When invoked from a callback, causes the processing loop to halt.

add_input($spec, %options)

Add an input to the IO loop. A reasonable attempt is made to determine whether the specification is a file name (nmsg, pcap, pres), file handle (nmsg), channel alias or socket specification (nmsg), network device name (pcap), or reference to a Net::Nmsg::Input object, and is opened accordingly. If for some reason this reasonable guess is not so reasonable, use one of the specific input methods detailed below.

See Net::Nmsg::Input for details on valid options.

add_output($spec, %options)

Add an output to the IO loop. A reasonable attempt is made to determine whether the output specification is a socket specification (nmsg), callback reference (per message), file name/handle (nmsg), or reference to a Net::Nmsg::Output object. For other output types (such as presentation format), use one of the specific output methods detailed below.

See Net::Nmsg::Output for details on valid options.

add_input_channel($channel, %opt)

Add input sockets associated with the given channel alias as defined by the local nmsgtool installation.

add_input_file($file, %opt)

Add a NMSG formatted file as an input, specified either as a file name or file handle.

add_input_sock($socket, %opt) =item add_input_sock($host, $port, %opt)

Add a NMSG socket as an input, specified either as a socket specification, socket handle, or host/port pair.

add_input_pres($file, vendor => $v, msgtype => $m, %opt)

Add a file in presentation format as an input, specified either as a file name or handle. The vendor and msgtype parameters are required.

add_input_pcap($file, vendor => $v, msgtype => $m, %opt)

Add a file in pcap format as an input, specefied as a file name. The vendor and msgtype parameters are required.

add_input_iface($interface, vendor => $v, msgtype => $m, %opt)

Add a network interface (live pcap) as an input, specified as a network device name. The vendor and msgtype parameters are required.

add_output_channel($channel, %opt)

Add output sockets assosicated with the given channel alias as defined by the local nmsgtool installation.

add_output_file($file, %opt)

Add a NMSG formatted file as an output, specified either as a file name or handle.

add_output_sock($socket, %opt)

add_output_sock($host, $pair, %opt)

Add an output socket for NMSG formatted data, specified either as a socket specification, socket handle, or host/port pair.

add_output_pres($file, %opt)

Add a file in presentation format as an output, specified either as a file name or handle.

add_output_cb($code_ref, %opt)

Add the given callback reference as an output. The callback is passed a reference to a message object for each message that makes it through the filters. The process loop can be stopped by calling the loop() method on the IO object. See Net::Nmsg::Msg for more details on message objects.

AUTHOR

Matthew Sisk, <sisk@cert.org>

COPYRIGHT AND LICENSE

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License, as published by the Free Software Foundation, under the terms pursuant to Version 2, June 1991.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

To install Net::Nmsg, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Net::Nmsg

CPAN shell

perl -MCPAN -e shell
install Net::Nmsg

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)