source: trunk/include/sh_log_evalrule.h@ 312

Last change on this file since 312 was 272, checked in by katerina, 15 years ago

Fixes tickets #190, #191, #192, #193, and #194.

File size: 1.4 KB
RevLine 
[183]1#ifndef SH_EVALRULE_H
2#define SH_EVALRULE_H
3
4/* Clean up everything.
5 */
6void sh_eval_cleanup();
7
8/* Define a new reporting queue, str := label:interval:(report|sum):severity
9 */
10int sh_eval_qadd (const char * str);
11
12/* Add a new rule, str := queue:regex
13 * If there is an open group, add it to its rules.
14 * ..else, add it to the currently open host (open the
15 * default host, if there is no open one)
16 */
17int sh_eval_radd (const char * str);
18
19/* Open a new host group definition.
20 */
21int sh_eval_hadd (const char * str);
22/*
23 * End the host definition
24 */
25int sh_eval_hend (const char * str);
26
27
28/* Open a new group definition. If a host is currently open,
29 * the new group will automatically be added to that host.
30 */
31int sh_eval_gadd (const char * str);
32/*
33 * End the group definition
34 */
35int sh_eval_gend (const char * str);
36
[260]37/* Process a single log record
38 */
[183]39int sh_eval_process_msg(struct sh_logrecord * record);
[260]40
[265]41enum policies {
42 EVAL_REPORT,
43 EVAL_SUM
44};
[260]45
[265]46struct sh_qeval /* Queue with definitions */
47{
48 sh_string * label;
49 enum policies policy;
50 int severity;
[272]51 sh_string * alias;
[265]52 time_t interval; /* if EVAL_SUM, interval */
53 struct sh_qeval * next;
54};
55
56struct sh_qeval * sh_log_find_queue(const char * str);
57
58int sh_log_lookup_severity(const char * str);
[272]59sh_string * sh_log_lookup_alias(const char * str);
[265]60
[183]61#endif
Note: See TracBrowser for help on using the repository browser.