X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?a=blobdiff_plain;f=src%2Fmonitord%2Freport.c;h=5d7547ae54abcf857e31c07af95793a91cba8b45;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hp=bddeb89283ea799ce21b9381f250081f0967a5d6;hpb=914feba5d54f979cd5d7e69c349c3d01f630042a;p=ossec-hids.git diff --git a/src/monitord/report.c b/src/monitord/report.c index bddeb89..5d7547a 100755 --- a/src/monitord/report.c +++ b/src/monitord/report.c @@ -1,11 +1,12 @@ -/* @(#) $Id: report.c,v 1.4 2009/06/24 17:06:27 dcid Exp $ */ +/* @(#) $Id: ./src/monitord/report.c, 2011/09/08 dcid Exp $ + */ -/* Copyright (C) 2009 Trend Micro Inc. +/* Copyright (C) 2010 Trend Micro Inc. * All rights reserved. * * This program is a free software; you can redistribute it * and/or modify it under the terms of the GNU General Public - * License (version 3) as published by the FSF - Free Software + * License (version 2) as published by the FSF - Free Software * Foundation */ @@ -23,8 +24,13 @@ void report_help() printf("\t-f Filter the results.\n"); printf("\t-r Show related entries.\n"); printf("\t-n Creates a description for the report.\n"); + printf("\t-s Show the alert dump.\n"); + printf("\n"); + printf("\tFilters allowed: group, rule, level, location,\n"); + printf("\t user, srcip, filename\n"); + printf("\n"); printf("Examples:\n"); - printf("\t-f group authentication success (to filter on login success).\n"); + printf("\t-f group authentication_success (to filter on login success).\n"); printf("\t-f level 10 (to filter on level >= 10).\n"); printf("\t-f group authentication -r user srcip (to show the srcip for all users).\n"); exit(1); @@ -51,11 +57,15 @@ int main(int argc, char **argv) /* Setting the name */ OS_SetName(ARGV0); - + r_filter.group = NULL; r_filter.rule = NULL; r_filter.level = NULL; r_filter.location = NULL; + r_filter.srcip = NULL; + r_filter.user = NULL; + r_filter.files = NULL; + r_filter.show_alerts = 0; r_filter.related_group = 0; r_filter.related_rule = 0; 
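Review bot: The filter object is still initialised one member at a time in main(), so every field this commit introduces (`srcip`, `user`, `files`, `show_alerts` here, `related_file` in the following hunk) had to be remembered by hand. If `r_filter` is an automatic variable (its declaration is outside the hunk), any member missed in a later change would reach os_report_configfilter() and os_ReportdStart() holding stack garbage, including its pointer members. Zeroing the whole object before the explicit assignments, `memset(&r_filter, 0, sizeof(r_filter));`, makes new members safe by default. main() begins and ends outside this hunk.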
@@ -63,17 +73,18 @@ int main(int argc, char **argv) r_filter.related_location = 0; r_filter.related_srcip = 0; r_filter.related_user = 0; - + r_filter.related_file = 0; + r_filter.report_name = NULL; - while((c = getopt(argc, argv, "Vdhtu:g:D:c:f:v:n:r:")) != -1) + while((c = getopt(argc, argv, "Vdhstu:g:D:c:f:v:n:r:")) != -1) { switch(c){ case 'V': print_version(); break; case 'h': - report_help(ARGV0); + report_help(); break; case 'd': nowDebug(); @@ -85,8 +96,8 @@ int main(int argc, char **argv) break; case 'r': if(!optarg || !argv[optind]) - ErrorExit("%s: -r needs two argument",ARGV0); - related_of = optarg; + ErrorExit("%s: -r needs two argument",ARGV0); + related_of = optarg; related_values = argv[optind]; if(os_report_configfilter(related_of, related_values, @@ -102,7 +113,7 @@ int main(int argc, char **argv) filter_by = optarg; filter_value = argv[optind]; - if(os_report_configfilter(filter_by, filter_value, + if(os_report_configfilter(filter_by, filter_value, &r_filter, REPORT_FILTER) < 0) { ErrorExit(CONFIG_ERROR, ARGV0, "user argument"); @@ -123,16 +134,20 @@ int main(int argc, char **argv) if(!optarg) ErrorExit("%s: -D needs an argument",ARGV0); dir=optarg; + break; case 'c': if(!optarg) ErrorExit("%s: -c needs an argument",ARGV0); cfg = optarg; break; case 't': - test_config = 1; + test_config = 1; + break; + case 's': + r_filter.show_alerts = 1; break; default: - report_help(ARGV0); + report_help(); break; } @@ -147,18 +162,18 @@ int main(int argc, char **argv) if((uid < 0)||(gid < 0)) ErrorExit(USER_ERROR,ARGV0,user,group); - + /* Exit here if test config is set */ if(test_config) exit(0); - + /* Privilege separation */ if(Privsep_SetGroup(gid) < 0) ErrorExit(SETGID_ERROR,ARGV0,group); - + /* chrooting */ if(Privsep_Chroot(dir) < 0) ErrorExit(CHROOT_ERROR,ARGV0,dir); @@ -166,8 +181,8 @@ int main(int argc, char **argv) nowChroot(); - - /* Changing user */ + + /* Changing user */ if(Privsep_SetUser(uid) < 0) ErrorExit(SETUID_ERROR,ARGV0,user); 
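Review bot: The old `report_help(ARGV0)` calls in the `'h'` case here and the `default` case of the later `-123,16` hunk only compiled because the function is defined as `void report_help()`, as the header of the help-text hunk shows. In C an empty parameter list leaves the arguments unchecked. Defining it as `void report_help(void)` would let the compiler reject a stray argument instead of silently accepting it. The same switch already hid a missing `break` after `-D`, so building this file with `-Wall -Wextra -Wstrict-prototypes` would be a cheap guard for an option parser that selects the chroot directory and the user to drop to. The switch and main() continue outside these hunks.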
@@ -179,16 +194,15 @@ int main(int argc, char **argv) /* Signal manipulation */ StartSIG(ARGV0); - + /* Creating PID files */ if(CreatePID(ARGV0, getpid()) < 0) ErrorExit(PID_ERROR,ARGV0); - + /* Start up message */ verbose(STARTUP_MSG, ARGV0, (int)getpid()); - /* the real stuff now */ os_ReportdStart(&r_filter);