com.mozilla.secops.parser

Class Alert

java.lang.Object

com.mozilla.secops.parser.PayloadBase

com.mozilla.secops.parser.Alert

All Implemented Interfaces:

Serializable

public class Alert
extends PayloadBase
implements Serializable

Payload parser for incoming alert events

This parser will process alerts that are generated by pipelines, permitting ingestion of alerts as part of feedback from other analysis components.

See Also:

Serialized Form

Constructor Summary

Constructors

Constructor and Description
Alert() Construct matcher object.
Alert(String input, Event e, com.mozilla.secops.parser.ParserState state) Construct parser object.

Method Summary

Modifier and Type	Method and Description
Alert	getAlert() Get alert object
Payload.PayloadType	getType() Get payload type.
Boolean	matcher(String input, com.mozilla.secops.parser.ParserState state) Apply matcher.

Methods inherited from class com.mozilla.secops.parser.PayloadBase

eventIntegerValue, eventStringValue

Methods inherited from class java.lang.Object

equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Alert

public Alert()

Construct matcher object.

Alert

public Alert(String input,
             Event e,
             com.mozilla.secops.parser.ParserState state)

Construct parser object.

Parameters:

input - Input string.

e - Parent Event.

state - State

Method Detail

getAlert

public Alert getAlert()

Get alert object

Returns:

Alert

matcher

public Boolean matcher(String input,
                       com.mozilla.secops.parser.ParserState state)

Description copied from class: PayloadBase

Apply matcher.

Overrides:

matcher in class PayloadBase

Parameters:

input - Input string.

state - ParserState

Returns:

True if matcher matches.

getType

public Payload.PayloadType getType()

Description copied from class: PayloadBase

Get payload type.

Overrides:

getType in class PayloadBase

Returns:

Payload.PayloadType