NAME
BuzzSaw::Filter::SSH - A BuzzSaw event filter for SSH log entries
VERSION
This documentation refers to BuzzSaw::Filter::SSH version 0.11.0
SYNOPSIS
my $filter = BuzzSaw::Filter::SSH->new();
while ( defined( my $line = $fh->getline ) ) {
my %event = $parser->parse_line($line);
my ( $accept, @tags ) = $filter->check(\%event);
if ($accept) {
# store log entry in DB
}
}
DESCRIPTION
This is a Moose class which provides a filter which implements the BuzzSaw::Filter role. It is used to filter log entries and find those associated with the SSH daemon. An event will be accepted for storage if it is related to a login being accepted or failed. When an event is accepted by the SSH filter module it returns ssh
and auth
tags along with one of auth_success
or auth_failure
.
The BuzzSaw project provides a suite of tools for processing log file entries. Entries in files are parsed and filtered into a set of events of interest which are stored in a database. A report generation framework is also available which makes it easy to generate regular reports regarding the events discovered.
ATTRIBUTES
- name
-
The short name of the module. The default is to use the final part of the Perl module name lower-cased (e.g. the name of
BuzzSaw::Filter::SSH
isssh
).
SUBROUTINES/METHODS
-
This method checks for log entries which are associated with SSH daemon logins which have either been accepted or failed.
DEPENDENCIES
This module is powered by Moose. This module implements the BuzzSaw::Filter Moose role.
SEE ALSO
PLATFORMS
This is the list of platforms on which we have tested this software. We expect this software to work on any Unix-like platform which is supported by Perl.
ScientificLinux6
BUGS AND LIMITATIONS
Please report any bugs or problems (or praise!) to bugs@lcfg.org, feedback and patches are also always very welcome.
AUTHOR
Stephen Quinney <squinney@inf.ed.ac.uk>
LICENSE AND COPYRIGHT
Copyright (C) 2012 University of Edinburgh. All rights reserved.
This library is free software; you can redistribute it and/or modify it under the terms of the GPL, version 2 or later.