source: trunk/src/sh_log_parse_generic.c @ 362

Last change on this file since 362 was 362, checked in by katerina, 10 years ago

Fix for ticket #267 (Multiple compiler warnings with gcc 4.6.1).

/**************************************
 **
 ** PARSER RULES
 **
 ** (a) must set record->host
 **     (possibly to a dummy value)
 **
 ** (b) must set record->prefix
 **     (itoa(status))
 **
 **
 **************************************/
13
14#include "config_xor.h"
15
16#ifdef USE_LOGFILE_MONITOR
17
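/* Source-file tag for this translation unit. It has to name this file
 * (sh_log_parse_generic.c); a tag naming another parser would attribute
 * anything reported through FIL__ to the wrong source file.
 * NOTE(review): FIL__ is presumably consumed by project macros such as
 * allocation or trace helpers; confirm against samhain.h. */
#undef  FIL__
#define FIL__  _("sh_log_parse_generic.c")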
20
21#include <string.h>
22#include <time.h>
23
24/* Debian/Ubuntu: libpcre3-dev */
25#ifdef HAVE_PCRE_PCRE_H
26#include <pcre/pcre.h>
27#else
28#include <pcre.h>
29#endif
30
31#include "samhain.h"
32#include "sh_log_check.h"
33#include "sh_string.h"
34
/* Per-file state for the generic parser.
 * NOTE(review): nothing in the visible code reads or writes this struct;
 * the member descriptions below that are marked "presumably" are
 * assumptions taken from the names only. */
struct sh_fileinfo_generic {
  pcre * line_regex;           /* PCRE pattern handle                       */
  int  * line_ovector;         /* captured substrings                       */
  int    line_ovecnum;         /* how many captured                         */

  int    pos_host;             /* presumably capture index of the host      */
  int    pos_status;           /* presumably capture index of the status    */
  int    pos_time;             /* presumably capture index of the timestamp */
  char * format_time;          /* presumably a time format string           */
};
45
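/*
 * Stamp a record with the current time.
 *
 * Sets record->timestamp to time(NULL) and record->timestr to a new
 * sh_string holding that instant in local time, formatted as
 * "%Y-%m-%dT%H:%M:%S". If the conversion to broken-down time or the
 * formatting fails, timestr is built from an empty buffer (length 0)
 * instead of from indeterminate data.
 */
static void default_time (struct sh_logrecord * record)
{
  struct tm   ts;
  struct tm * res;
  char        tmp[80];
  size_t      len = 0;

  record->timestamp = time(NULL);

#if defined(HAVE_PTHREAD) && defined (_POSIX_THREAD_SAFE_FUNCTIONS) && defined(HAVE_LOCALTIME_R)
  res = localtime_r (&(record->timestamp), &ts);
#else
  /* localtime() may return NULL; copying from its result unchecked would
   * dereference a null pointer and take the monitoring process down. */
  res = localtime (&(record->timestamp));
  if (res != NULL)
    {
      ts  = *res;
      res = &ts;
    }
#endif

  if (res != NULL)
    {
      len = strftime(tmp, sizeof(tmp), _("%Y-%m-%dT%H:%M:%S"), &ts);
    }

  /* strftime() returns 0 on failure and leaves the buffer indeterminate. */
  if (len == 0)
    {
      tmp[0] = '\0';
    }

  record->timestr   = sh_string_new_from_lchar(tmp, len);

  return;
}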
65
/*
 * Set record->host to a new sh_string built from sh.host.name
 * (the full strlen() of that name is used).
 */
static void default_host (struct sh_logrecord * record)
{
  size_t name_len = strlen(sh.host.name);

  record->host = sh_string_new_from_lchar(sh.host.name, name_len);
}
71
/*
 * Thin wrapper: forwards both arguments unchanged to sh_command_reader()
 * and returns its result.
 *
 * NOTE(review): sh_command_reader() is defined elsewhere. If it runs a
 * configured command, validation of that command belongs there; nothing
 * is checked at this layer.
 */
sh_string * sh_read_shell (sh_string * record, struct sh_logfile * logfile)
{
  sh_string * result = sh_command_reader (record, logfile);

  return result;
}
76
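/*
 * Wrap one input line in a freshly allocated log record.
 *
 * logline  - the line to wrap; NULL yields NULL.
 * fileinfo - unused.
 *
 * Returns a record obtained from SH_ALLOC with:
 *   timestamp/timestr = current time (default_time),
 *   host              = local host name (default_host),
 *   message           = new sh_string built from logline,
 *   pid               = PID_INVALID,
 * and every other member zeroed.
 *
 * NOTE(review): the parser rules at the top of this file say a parser must
 * set record->prefix. It is not assigned here; confirm whether that rule
 * still applies to this parser.
 */
struct sh_logrecord * sh_parse_shell (sh_string * logline, void * fileinfo)
{
  struct sh_logrecord * record;

  (void) fileinfo;

  if (!logline)
    {
      return NULL;
    }

  record = SH_ALLOC(sizeof(struct sh_logrecord));

  /* Only some members are assigned below. Clear the whole record first so
   * that no consumer reads or frees an indeterminate member.
   * NOTE(review): whether SH_ALLOC already zeroes memory, or can return
   * NULL, is not visible from this file. */
  memset(record, 0, sizeof(*record));

  default_time(record);
  default_host(record);

  record->message   = sh_string_new_from_lchar(sh_string_str(logline),
                                               sh_string_len(logline));
  record->pid       = PID_INVALID;

  return record;
}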
95
/*
 * Stub: ignores its argument and always returns NULL.
 */
void * sh_eval_fileinfo_generic(char * str)
{
  void * fileinfo = NULL;

  (void) str;

  return fileinfo;
}
102
/*
 * Stub: ignores both arguments and always returns NULL, so no record is
 * ever produced by this parser.
 */
struct sh_logrecord * sh_parse_generic (sh_string * logline, void * fileinfo)
{
  struct sh_logrecord * record = NULL;

  (void) logline;
  (void) fileinfo;

  return record;
}
110
111#endif