File
This documentation provides details about the data that can be faked for Logs.
To retrieve generated/fake data for Logs, see the following capabilities:
from socfaker import SocFaker
sc = SocFaker()
print(sc.logs.syslog())
print(sc.logs.windows)
print(sc.logs.windows.eventlog())
print(sc.logs.windows.sysmon())
SysLog Class
- class socfaker.logstreamer.LogStreamer
  The LogStreamer class will generate and stream logs in syslog format.
  - generate(type='clean', count=10)
    Generates either clean syslogs or sprinkles ransomware communications throughout the log stream.
    - Args:
      - type (str, optional): The type of logs to generate. Options are ransomware or clean. Defaults to ‘clean’.
      - count (int, optional): How many log events are generated. Defaults to 10.
    - Returns:
      - list: Returns a list of syslog events
Windows Event Log Class
Windows Sysmon Log Class
- class socfaker.sysmon.SysMon
  The SysMon class will generate fake sysmon logs for Microsoft Windows operating systems.
  - Returns:
    - SysMon: Returns an object containing a get method to retrieve generated sysmon logs
  - get(count=1)
    Returns a list of generated sysmon logs.
    - Args:
      - count (int, optional): The number of sysmon logs to return. Defaults to 21.
    - Returns:
      - list: A list of generated sysmon logs