+
+void OS_LogOutput(Eventinfo *lf)
+{
+#ifdef GEOIP
+ char geoip_msg_src[OS_SIZE_1024 +1];
+ char geoip_msg_dst[OS_SIZE_1024 +1];
+ geoip_msg_src[0] = '\0';
+ geoip_msg_dst[0] = '\0';
+ if (Config.loggeoip) {
+ if (lf->srcip) { strncpy(geoip_msg_src, GeoIPLookup(lf->srcip), OS_SIZE_1024); }
+ if (lf->dstip) { strncpy(geoip_msg_dst, GeoIPLookup(lf->dstip), OS_SIZE_1024); }
+ }
+#endif
+ printf(
+ "** Alert %d.%ld:%s - %s\n"
+ "%d %s %02d %s %s%s%s\nRule: %d (level %d) -> '%s'"
+ "%s%s%s%s%s%s%s%s%s%s%s%s%s%s\n%.1256s\n",
+ lf->time,
+ __crt_ftell,
+ lf->generated_rule->alert_opts & DO_MAILALERT?" mail ":"",
+ lf->generated_rule->group,
+ lf->year,
+ lf->mon,
+ lf->day,
+ lf->hour,
+ lf->hostname != lf->location?lf->hostname:"",
+ lf->hostname != lf->location?"->":"",
+ lf->location,
+ lf->generated_rule->sigid,
+ lf->generated_rule->level,
+ lf->generated_rule->comment,
+
+ lf->srcip == NULL?"":"\nSrc IP: ",
+ lf->srcip == NULL?"":lf->srcip,
+
+#ifdef GEOIP
+ (strlen(geoip_msg_src) == 0)?"":"\nSrc Location: ",
+ (strlen(geoip_msg_src) == 0)?"":geoip_msg_src,
+#else
+ "",
+ "",
+#endif
+
+ lf->srcport == NULL?"":"\nSrc Port: ",
+ lf->srcport == NULL?"":lf->srcport,
+
+ lf->dstip == NULL?"":"\nDst IP: ",
+ lf->dstip == NULL?"":lf->dstip,
+
+#ifdef GEOIP
+ (strlen(geoip_msg_dst) == 0)?"":"\nDst Location: ",
+ (strlen(geoip_msg_dst) == 0)?"":geoip_msg_dst,
+#else
+ "",
+ "",
+#endif
+
+ lf->dstport == NULL?"":"\nDst Port: ",
+ lf->dstport == NULL?"":lf->dstport,
+
+ lf->dstuser == NULL?"":"\nUser: ",
+ lf->dstuser == NULL?"":lf->dstuser,
+
+ lf->full_log);
+
+
+ /* Printing the last events if present */
+ if(lf->generated_rule->last_events)
+ {
+ char **lasts = lf->generated_rule->last_events;
+ while(*lasts)
+ {
+ printf("%.1256s\n",*lasts);
+ lasts++;
+ }
+ lf->generated_rule->last_events[0] = NULL;
+ }
+
+ printf("\n");
+
+ fflush(stdout);
+ return;
+}
+
+
+
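Review bot: The two `strncpy` calls in the `#ifdef GEOIP` block of OS_LogOutput can leave `geoip_msg_src` and `geoip_msg_dst` without a terminating NUL. Only index 0 of each buffer is initialised, so a lookup result of OS_SIZE_1024 bytes or more fills the first OS_SIZE_1024 bytes and leaves the final byte indeterminate; the later `strlen()` calls and the `%s` conversions in `printf` would then read past the array. I would terminate explicitly after each copy with `geoip_msg_src[OS_SIZE_1024] = '\0';` and `geoip_msg_dst[OS_SIZE_1024] = '\0';`, or replace the copies with `snprintf(geoip_msg_src, sizeof(geoip_msg_src), "%s", ...)`. The return value of `GeoIPLookup()` is also handed straight to `strncpy`, and its definition is not visible here. If it can return NULL on a failed lookup the call needs a guard, and if it returns allocated memory the result is never freed.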