File¶

This documentation provides details about the data that can be faked for Logs.

To retrieve generated/fake data for Logs see the following capabilities:

from socfaker import SocFaker

sc = SocFaker()

print(sc.logs.syslog())
print(sc.logs.windows)
print(sc.logs.windows.eventlog())
print(sc.logs.windows.sysmon())

SysLog Class¶

class socfaker.logstreamer.LogStreamer¶

The LogStreamer class will generate and stream logs in syslog format

generate(type='clean', count=10)¶

Generates either clean syslogs or sprinkles ransomware communications through out the log stream

Args:: type (str, optional): The type of logs to generate. Options are ransomware or clean. Defaults to ‘clean’. count (int, optional): How many log events are generated. Defaults to 10.
Returns:: list: Returns a list of syslog events

Windows Event Log Class¶

class socfaker.windowseventlog.WindowsEventLog(json=False)¶

get(count=1, computer_name=None, os_version='Windows')¶

Windows Symon Log Class¶

class socfaker.sysmon.SysMon¶

The SysMon class will generate fake sysmon logs for Microsoft Windows operating systems

Returns:: SysMon: Returns an object containing a get method to retrieve generated sysmon logs

get(count=1)¶

Returns a list of generated sysmon logs

Args:: count (int, optional): The number of sysmon logs to return. Defaults to 21.
Returns:: list: A list of generated sysmon logs

File¶

SysLog Class¶

Windows Event Log Class¶

Windows Symon Log Class¶

soc-faker

Navigation

Related Topics