dodan override za lintian
diff --git
a/src/monitord/report.c
b/src/monitord/report.c
index
bddeb89
..
a47a51e
100755
(executable)
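--- a/src/monitord/report.c
+++ b/src/monitord/report.c
@@ -1,11 +1,12 @@
-/* @(#) $Id: report.c,v 1.4 2009/06/24 17:06:27 dcid Exp $ */
+/* @(#) $Id: ./src/monitord/report.c, 2011/09/08 dcid Exp $
+ */
-/* Copyright (C) 2009 Trend Micro Inc.
+/* Copyright (C) 2010 Trend Micro Inc.
 * All rights reserved.
 *
 * This program is a free software; you can redistribute it
 * and/or modify it under the terms of the GNU General Public
- * License (version 3) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software
 * Foundation
 */
@@ -23,8 +24,13 @@ void report_help()
 printf("\t-f <filter> <value> Filter the results.\n");
 printf("\t-r <filter> <value> Show related entries.\n");
 printf("\t-n Creates a description for the report.\n");
+ printf("\t-s Show the alert dump.\n");
+ printf("\n");
+ printf("\tFilters allowed: group, rule, level, location,\n");
+ printf("\t user, srcip, filename\n");
+ printf("\n");
 printf("Examples:\n");
- printf("\t-f group authentication success (to filter on login success).\n");
+ printf("\t-f group authentication_success (to filter on login success).\n");
 printf("\t-f level 10 (to filter on level >= 10).\n");
 printf("\t-f group authentication -r user srcip (to show the srcip for all users).\n");
 exit(1);
@@ -39,7 +45,8 @@ int main(int argc, char **argv)
 char *dir = DEFAULTDIR;
 char *user = USER;
 char *group = GROUPGLOBAL;
- char *cfg = DEFAULTCPATH;
+ // TODO: delete or implement
+ char *cfg __attribute__((unused)) = DEFAULTCPATH;
 char *filter_by = NULL;
 char *filter_value = NULL;
@@ -51,11 +58,15 @@ int main(int argc, char **argv)
 /* Setting the name */
 OS_SetName(ARGV0);
-
+
 r_filter.group = NULL;
 r_filter.rule = NULL;
 r_filter.level = NULL;
 r_filter.location = NULL;
+ r_filter.srcip = NULL;
+ r_filter.user = NULL;
+ r_filter.files = NULL;
+ r_filter.show_alerts = 0;
 r_filter.related_group = 0;
 r_filter.related_rule = 0;
@@ -63,17 +74,18 @@ int main(int argc, char **argv)
 r_filter.related_location = 0;
 r_filter.related_srcip = 0;
 r_filter.related_user = 0;
-
+ r_filter.related_file = 0;
+
 r_filter.report_name = NULL;
- while((c = getopt(argc, argv, "Vdhtu:g:D:c:f:v:n:r:")) != -1)
+ while((c = getopt(argc, argv, "Vdhstu:g:D:c:f:v:n:r:")) != -1)
 {
 switch(c){
 case 'V':
 print_version();
 break;
 case 'h':
- report_help(ARGV0);
+ report_help();
 break;
 case 'd':
 nowDebug();
@@ -85,8 +97,8 @@ int main(int argc, char **argv)
 break;
 case 'r':
 if(!optarg || !argv[optind])
- ErrorExit("%s: -r needs two argument",ARGV0);
- related_of = optarg;
+ ErrorExit("%s: -r needs two argument",ARGV0);
+ related_of = optarg;
 related_values = argv[optind];
 if(os_report_configfilter(related_of, related_values,
@@ -102,7 +114,7 @@ int main(int argc, char **argv)
 filter_by = optarg;
 filter_value = argv[optind];
- if(os_report_configfilter(filter_by, filter_value,
+ if(os_report_configfilter(filter_by, filter_value,
 &r_filter, REPORT_FILTER) < 0)
 {
 ErrorExit(CONFIG_ERROR, ARGV0, "user argument");
@@ -123,16 +135,20 @@ int main(int argc, char **argv)
 if(!optarg)
 ErrorExit("%s: -D needs an argument",ARGV0);
 dir=optarg;
+ break;
 case 'c':
 if(!optarg)
 ErrorExit("%s: -c needs an argument",ARGV0);
 cfg = optarg;
 break;
 case 't':
- test_config = 1;
+ test_config = 1;
+ break;
+ case 's':
+ r_filter.show_alerts = 1;
 break;
 default:
- report_help(ARGV0);
+ report_help();
 break;
 }
@@ -147,18 +163,18 @@ int main(int argc, char **argv)
 if((uid < 0)||(gid < 0))
 ErrorExit(USER_ERROR,ARGV0,user,group);
-
+
 /* Exit here if test config is set */
 if(test_config)
 exit(0);
-
- /* Privilege separation */
+
+ /* Privilege separation */
 if(Privsep_SetGroup(gid) < 0)
 ErrorExit(SETGID_ERROR,ARGV0,group);
-
+
 /* chrooting */
 if(Privsep_Chroot(dir) < 0)
 ErrorExit(CHROOT_ERROR,ARGV0,dir);
@@ -166,8 +182,8 @@ int main(int argc, char **argv)
 nowChroot();
-
- /* Changing user */
+
+ /* Changing user */
 if(Privsep_SetUser(uid) < 0)
 ErrorExit(SETUID_ERROR,ARGV0,user);
@@ -179,18 +195,17 @@ int main(int argc, char **argv)
 /* Signal manipulation */
 StartSIG(ARGV0);
-
+
 /* Creating PID files */
 if(CreatePID(ARGV0, getpid()) < 0)
 ErrorExit(PID_ERROR,ARGV0);
-
+
 /* Start up message */
 verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
- /* the real stuff now */
+ /* the real stuff now */
 os_ReportdStart(&r_filter);
 exit(0);
 }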
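Review bot: `-c` is still parsed but appears to have no effect after this change: the new declaration `char *cfg __attribute__((unused)) = DEFAULTCPATH;` marks the variable as never read, while `c:` stays in the getopt string and `case 'c':` still stores `optarg` in it. An operator who passes `-c <file>` gets no sign that the path is ignored. Until the TODO is settled I would make the case fail loudly, e.g. `ErrorExit("%s: -c is not supported",ARGV0);`, or drop `c:` and the case so getopt rejects the option. That `cfg` is not read later in main is inferred from the attribute and the TODO, since the rest of the function lies outside these hunks.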