/usr/lib/python3/dist-packages/pycadf/eventfactory.py is in python3-pycadf 2.2.0-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 | # Copyright 2013 IBM Corp.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may not
# use this file except in compliance with the License. You may obtain a copy of
# the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations under
# the License.
from pycadf import cadftype
from pycadf import event
ERROR_UNKNOWN_EVENTTYPE = 'Unknown CADF EventType requested on factory method'
class EventFactory(object):
"""Factory class to create different required attributes for
the following CADF event types:
'activity': for tracking any interesting system activities for audit
'monitor': Events that carry Metrics and Measurements and support
standards such as NIST
'control': For audit events that are based upon (security) policies
and reflect some policy decision.
"""
def new_event(self, eventType=cadftype.EVENTTYPE_ACTIVITY, **kwargs):
"""Create new event
:param eventType: eventType of event. Defaults to 'activity'
"""
# for now, construct a base ('activity') event as the default
event_val = event.Event(**kwargs)
if not cadftype.is_valid_eventType(eventType):
raise ValueError(ERROR_UNKNOWN_EVENTTYPE)
event_val.eventType = eventType
# TODO(mrutkows): CADF is only being used for basic
# 'activity' auditing (on APIs). An IF-ELIF will
# become more meaningful as we add support for other
# event types.
# elif eventType == cadftype.EVENTTYPE_MONITOR:
# # TODO(mrutkows): If we add support for standard (NIST)
# # monitoring messages, we will would have a "monitor"
# # subclass of the CADF Event type and create it here
# event_val.set_eventType(cadftype.EVENTTYPE_MONITOR)
# elif eventType == cadftype.EVENTTYPE_CONTROL:
# # TODO(mrutkows): If we add support for standard (NIST)
# # monitoring messages, we will would have a "control"
# # subclass of the CADF Event type and create it here
# event_val.set_eventType(cadftype.EVENTTYPE_CONTROL)
return event_val
|