obrisane nepotrebne datoteke od zadnjeg builda
[ossec-hids.git] / alerts / getloglocation.c
1 /* @(#) $Id: ./src/analysisd/alerts/getloglocation.c, 2011/09/08 dcid Exp $
2  */
3
4 /* Copyright (C) 2009 Trend Micro Inc.
5  * All right reserved.
6  *
7  * This program is a free software; you can redistribute it
8  * and/or modify it under the terms of the GNU General Public
9  * License (version 2) as published by the FSF - Free Software
10  * Foundation
11  */
12
13
14 /* Get the log directory/file based on the day/month/year */
15
16
17 /* analysisd headers */
18 #include "getloglocation.h"
19
20 int __crt_day;
21 char __elogfile[OS_FLSIZE+1];
22 char __alogfile[OS_FLSIZE+1];
23 char __flogfile[OS_FLSIZE+1];
24         
25 /* OS_InitLog */
26 void OS_InitLog()
27 {
28     OS_InitFwLog();
29
30     __crt_day = 0;
31
32     /* alerts and events log file */
33     memset(__alogfile,'\0',OS_FLSIZE +1);
34     memset(__elogfile,'\0',OS_FLSIZE +1);
35     memset(__flogfile,'\0',OS_FLSIZE +1);
36
37     _eflog = NULL;
38     _aflog = NULL;
39     _fflog = NULL;
40
41     /* Setting the umask */
42     umask(0027);
43 }
44
45
46 /* gzips a log file
47 int OS_CompressLog(int yesterday, char *prev_month, int prev_year)
48
49   -- moved to monitord. 
50 */
51
52
53
54
55 /* OS_GetLogLocation: v0.1, 2005/04/25 */
56 int OS_GetLogLocation(Eventinfo *lf)
57 {
58     /* Checking what directories to create
59      * Checking if the year directory is there.
60      * If not, create it. Same for the month directory.
61      */
62
63     /* For the events */
64     if(_eflog)
65     {
66         if(ftell(_eflog) == 0)
67             unlink(__elogfile);
68         fclose(_eflog);
69         _eflog = NULL;
70     }
71
72     snprintf(__elogfile,OS_FLSIZE,"%s/%d/", EVENTS, lf->year);
73     if(IsDir(__elogfile) == -1)
74         if(mkdir(__elogfile,0770) == -1)
75         {
76             ErrorExit(MKDIR_ERROR,ARGV0,__elogfile);
77         }
78
79     snprintf(__elogfile,OS_FLSIZE,"%s/%d/%s", EVENTS, lf->year,lf->mon);
80
81     if(IsDir(__elogfile) == -1)
82         if(mkdir(__elogfile,0770) == -1)
83         {
84             ErrorExit(MKDIR_ERROR,ARGV0,__elogfile);
85         }
86
87
88     /* Creating the logfile name */
89     snprintf(__elogfile,OS_FLSIZE,"%s/%d/%s/ossec-%s-%02d.log",
90             EVENTS,
91             lf->year,
92             lf->mon,
93             "archive",
94             lf->day);
95
96
97     _eflog = fopen(__elogfile,"a");
98     if(!_eflog)
99         ErrorExit("%s: Error opening logfile: '%s'",ARGV0,__elogfile);
100
101     /* Creating a symlink */
102     unlink(EVENTS_DAILY);
103     link(__elogfile, EVENTS_DAILY);
104
105
106     /* for the alerts logs */
107     if(_aflog)
108     {
109         if(ftell(_aflog) == 0)
110             unlink(__alogfile);
111         fclose(_aflog);
112         _aflog = NULL;
113     }
114
115     snprintf(__alogfile,OS_FLSIZE,"%s/%d/", ALERTS, lf->year);
116     if(IsDir(__alogfile) == -1)
117         if(mkdir(__alogfile,0770) == -1)
118         {
119             ErrorExit(MKDIR_ERROR,ARGV0,__alogfile);
120         }
121
122     snprintf(__alogfile,OS_FLSIZE,"%s/%d/%s", ALERTS, lf->year,lf->mon);
123
124     if(IsDir(__alogfile) == -1)
125         if(mkdir(__alogfile,0770) == -1)
126         {
127             ErrorExit(MKDIR_ERROR,ARGV0,__alogfile);
128         }
129
130
131     /* Creating the logfile name */
132     snprintf(__alogfile,OS_FLSIZE,"%s/%d/%s/ossec-%s-%02d.log",
133             ALERTS,
134             lf->year,
135             lf->mon,
136             "alerts",
137             lf->day);
138
139     _aflog = fopen(__alogfile,"a");
140
141     if(!_aflog)
142         ErrorExit("%s: Error opening logfile: '%s'",ARGV0,__alogfile);
143
144     /* Creating a symlink */
145     unlink(ALERTS_DAILY);
146     link(__alogfile, ALERTS_DAILY);
147
148
149     /* For the firewall events */
150     if(_fflog)
151     {
152         if(ftell(_fflog) == 0)
153             unlink(__flogfile);
154         fclose(_fflog);
155         _fflog = NULL;
156     }
157
158     snprintf(__flogfile,OS_FLSIZE,"%s/%d/", FWLOGS, lf->year);
159     if(IsDir(__flogfile) == -1)
160         if(mkdir(__flogfile,0770) == -1)
161         {
162             ErrorExit(MKDIR_ERROR,ARGV0,__flogfile);
163         }
164
165     snprintf(__flogfile,OS_FLSIZE,"%s/%d/%s", FWLOGS, lf->year,lf->mon);
166
167     if(IsDir(__flogfile) == -1)
168         if(mkdir(__flogfile,0770) == -1)
169         {
170             ErrorExit(MKDIR_ERROR,ARGV0,__flogfile);
171         }
172
173
174     /* Creating the logfile name */
175     snprintf(__flogfile,OS_FLSIZE,"%s/%d/%s/ossec-%s-%02d.log",
176             FWLOGS,
177             lf->year,
178             lf->mon,
179             "firewall",
180             lf->day);
181
182     _fflog = fopen(__flogfile,"a");
183
184     if(!_fflog)
185         ErrorExit("%s: Error opening logfile: '%s'",ARGV0,__flogfile);
186
187
188     /* Creating a symlink */
189     unlink(FWLOGS_DAILY);
190     link(__flogfile, FWLOGS_DAILY);
191
192
193     /* Setting the new day */
194     __crt_day = lf->day;
195
196     return(0);
197 }
198
199 /* EOF */