-/* @(#) $Id: eventinfo.h,v 1.37 2009/07/24 18:34:11 dcid Exp $ */
+/* @(#) $Id: ./src/analysisd/eventinfo.h, 2011/09/08 dcid Exp $
+ */
/* Copyright (C) 2009 Trend Micro Inc.
* All right reserved.
*
* This program is a free software; you can redistribute it
* and/or modify it under the terms of the GNU General Public
- * License (version 3) as published by the FSF - Free Software
+ * License (version 2) as published by the FSF - Free Software
* Foundation
*/
/* Other internal variables */
short int matched;
-
+
int time;
int day;
int year;
- char hour[9];
+ char hour[10];
char mon[4];
+
+ /* SYSCHECK Results variables */
+ char *filename;
+ int perm_before;
+ int perm_after;
+ char *md5_before;
+ char *md5_after;
+ char *sha1_before;
+ char *sha1_after;
+ char *size_before;
+ char *size_after;
+ char *owner_before;
+ char *owner_after;
+ char *gowner_before;
+ char *gowner_after;
}Eventinfo;
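Review bot: The eleven `char *` members added under `/* SYSCHECK Results variables */` carry no statement of who allocates and frees them, and nothing in this hunk shows them being set to NULL when an `Eventinfo` is created or released when it is destroyed. If the init and free routines for the struct (not visible here) are not extended in the same commit, a later NULL test or `free()` on these members would act on indeterminate pointers. I would put the contract in the header, for example `/* NULL unless set by a syscheck event; freed together with the Eventinfo */`, adjusted to the real ownership. `hour[10]` likewise deserves a short comment naming the time format it must hold, since the code that fills it is outside the hunk. The struct definition begins before the first line shown.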
+/* For test rule only. */
+#ifdef TESTRULE
+int full_output;
+int alert_only;
+#endif
+
+
/** Types of events (from decoders) **/
#define UNKNOWN 0 /* Unkown */
#define SYSLOG 1 /* syslog messages */
#define FIREWALL 3 /* Firewall events */
#define WEBLOG 7 /* Apache logs */
#define SQUID 8 /* Squid logs */
-#define WINDOWS 9 /* Windows logs */
+#define DECODER_WINDOWS 9 /* Windows logs */
#define HOST_INFO 10 /* Host information logs (from nmap or similar) */
#define OSSEC_RL 11 /* Ossec rules */
#define OSSEC_ALERT 12 /* Ossec Alerts */
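Review bot: `int full_output;` and `int alert_only;` in the `#ifdef TESTRULE` block at the top of this hunk are definitions placed in a header, so every translation unit that includes eventinfo.h with TESTRULE set gets its own tentative definition of each. That links only while the toolchain merges common symbols; with `-fno-common` (the default from GCC 10 on) the build fails with duplicate symbols. Declare them here as `extern int full_output;` and `extern int alert_only;` and define each once in a single .c file.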