npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

log4js-qradar-syslog-appender

v2.1.2

Published

Node.js Log4js syslog appender for QRadar

Downloads

13,614

Readme

Build Status

IBM Bluemix DevOps Services - node-log4js-syslog-appender

This module is a qradar syslog appender for node-log4js.

Link to IBM Cloud DevOps Toolchains.

This is one of hundreds of IBM Open Source projects at GitHub.

License

The MIT License (MIT)

Contributing

Contributions are welcome via Pull Requests. Please submit your very first Pull Request against the Developer's Certificate of Origin, adding a line like the following to the end of the file... using your name and email address of course!

Note that all contributions must be submitted through pull requests and have to pass the Travis Status Checks in order for code to be merged into master.

Signed-off-by: John Doe [email protected]

Usage

Pre-requisites

You must be using log4js-node 3.x or higher, and must call log4js.configure('/path/to/log4js.json') somewhere in your code.

To upgrade

  • npm i log4js-qradar-syslog-appender@latest --save

To install

npm i log4js-qradar-syslog-appender --save

  • Set the following environment variable to true in order to enable the appender: export log4js_syslog_appender_enabled=true
  • The default behavior is all log messages will be send to syslog, you can override this behavior by specifying which loggers' log messages to send via the comma separated list env var export log4js_syslog_appender_whitelist=audit-logs
  • For local deveopment only: Add the following appender to your log4js.json file (note this is the minimal valid configuration):
{
        "type": "log4js-qradar-syslog-appender",
        "options": {
                "host": "syslog.prd.ccs.ibmcloud.com",
                "port": "6514",
                "product": "otc-api"
          }
}
  • For production environments (and in source), only push the following in the log4js.json file:
{
        "type": "log4js-qradar-syslog-appender",
        "options": {}
}
  • Set the following env vars (in pipeline - values depending on your setup/app):
export log4js_syslog_appender_enabled=true
export log4js_syslog_appender_whitelist=audit-logs,audit-logs-v2
export log4js_syslog_appender_host=syslog.prd.ccs.ibmcloud.com
export log4js_syslog_appender_port=6514
export log4js_syslog_appender_product=otc-api
export log4js_syslog_appender_url=devops.ng.bluemix.net

Use with default syslog

You can use this appender with any default UDP syslog in unencrypted mode. The environment setup is very similar to above:

export log4js_syslog_appender_enabled=true
export log4js_syslog_appender_useUdpSyslog=true
export log4js_syslog_appender_whitelist=audit-logs,audit-logs-v2
export log4js_syslog_appender_host=localhost
export log4js_syslog_appender_port=514
export log4js_syslog_appender_product=otc-api
export log4js_syslog_appender_url=devops.ng.bluemix.net

Setting Certificates

There are two ways of setting the certs, either through a path (meaning you have to check the certs into source control - so not ideal) or preferably, by setting the base64 encoded values as env vars.

Option 1: Checking them into source control, then specifying the path to them

export log4js_syslog_appender_certificatePath=keys/IDS-crt.pem
export log4js_syslog_appender_privateKeyPath=keys/IDS-key.pem
export log4js_syslog_appender_caPath=keys/ca.pem

Option 2: A more secure way is actually setting the cert itself as env vars.

Note: To shorten the length, we use the base64 encoded values of the certs.

export log4js_syslog_appender_certificateBase64=zeaalkjsdfkalsdjfkrlasdjflkasjdlfkjsdfKLJFLSKDJF9f34...
export log4js_syslog_appender_privateKeyBase64=pop4545FDSFalkjsdfrkalsdjfklasdjflkasjdlfkjsdfKLJFLSKDJF9f34...
export log4js_syslog_appender_caBase64=ee3rr435F43alkjsdfkalsdjfklasdjflkasjdlfkjsdfKLJFLSKDJF9f34...

Allow connections to servers with self signed certs. By default, these connections will fail.

export log4js_syslog_appender_rejectUnauthorized=false