This section explains how to register events using Kaspersky Industrial CyberSecurity for Networks API RPC calls.
Overview
Events are messages generated by Kaspersky Industrial CyberSecurity for Networks in response to triggered event rules.
In addition to getting events from Kaspersky Industrial CyberSecurity for Networks, you can register your own events in Kaspersky Industrial CyberSecurity for Networks. Kaspersky Industrial CyberSecurity for Networks handles these events as it does any other events.
You can register events in Kaspersky Industrial CyberSecurity for Networks by using the EventRegistrar service methods. This service is defined in the event_registrar_service.proto file. Messages and enumerations are defined in the event_registrar_service and common.proto files.
The EventRegistrar service has the following method for registering events:
PostGenericEventsRegisters one or more events.
This is a request-streaming RPC. You can send events to Kaspersky Industrial CyberSecurity for Networks synchronously or asynchronously.
Registering events (example)
To register events, use the PostGenericEvents method. This method receives a stream of generic events.
In the following example, a stub sends three identical events to Kaspersky Industrial CyberSecurity for Networks synchronously and asynchronously. In response, the PostGenericEvents method returns an empty protocol buffer (protobuf).
registrarStub = event_registrar_service_pb2_grpc.EventRegistrarStub(channel)
#rpc PostGenericEvents(stream NewGenericEvent) returns(google.protobuf.Empty);
# create an event sample_event = event_registrar_pb2.NewGenericEvent( eventTypeId=57, occurred=google_dot_protobuf_dot_timestamp__pb2.Timestamp(), triggeredRule="test rule", extraParams= [ common_pb2.MessageParameter(name="Custom_string", stringVal="Custom value 100"), common_pb2.MessageParameter(name="Custom_int64", int64Val=100), ] ) # set time sample_event.occurred.GetCurrentTime() # append an extra parameter extra_param = sample_event.extraParams.add() extra_param.name = "Custom_bool" extra_param.boolVal=True
# create an iterator from a list of events request = iter([sample_event, sample_event, sample_event])
# synchronous RPC call response = registrarStub.PostGenericEvents(request) print("Response is:", response)
# asynchronous RPC call response_future = registrarStub.PostGenericEvents.future(request) response = response_future.result() print("Response is:", response) |