1 /* @(#) $Id: ./src/monitord/report.c, 2011/09/08 dcid Exp $
4 /* Copyright (C) 2010 Trend Micro Inc.
7 * This program is a free software; you can redistribute it
8 * and/or modify it under the terms of the GNU General Public
9 * License (version 2) as published by the FSF - Free Software
18 /* ossec-reportd - Runs manual reports. */
21 printf("\nOSSEC HIDS %s: Generate reports (via stdin).\n", ARGV0);
22 printf("Available options:\n");
23 printf("\t-h This help message.\n");
24 printf("\t-f <filter> <value> Filter the results.\n");
25 printf("\t-r <filter> <value> Show related entries.\n");
26 printf("\t-n Creates a description for the report.\n");
27 printf("\t-s Show the alert dump.\n");
29 printf("\tFilters allowed: group, rule, level, location,\n");
30 printf("\t user, srcip, filename\n");
32 printf("Examples:\n");
33 printf("\t-f group authentication_success (to filter on login success).\n");
34 printf("\t-f level 10 (to filter on level >= 10).\n");
35 printf("\t-f group authentication -r user srcip (to show the srcip for all users).\n");
41 int main(int argc, char **argv)
43 int c, test_config = 0;
45 char *dir = DEFAULTDIR;
47 char *group = GROUPGLOBAL;
48 char *cfg = DEFAULTCPATH;
50 char *filter_by = NULL;
51 char *filter_value = NULL;
53 char *related_of = NULL;
54 char *related_values = NULL;
55 report_filter r_filter;
58 /* Setting the name */
61 r_filter.group = NULL;
63 r_filter.level = NULL;
64 r_filter.location = NULL;
65 r_filter.srcip = NULL;
67 r_filter.files = NULL;
68 r_filter.show_alerts = 0;
70 r_filter.related_group = 0;
71 r_filter.related_rule = 0;
72 r_filter.related_level = 0;
73 r_filter.related_location = 0;
74 r_filter.related_srcip = 0;
75 r_filter.related_user = 0;
76 r_filter.related_file = 0;
78 r_filter.report_name = NULL;
80 while((c = getopt(argc, argv, "Vdhstu:g:D:c:f:v:n:r:")) != -1)
94 ErrorExit("%s: -n needs an argument",ARGV0);
95 r_filter.report_name = optarg;
98 if(!optarg || !argv[optind])
99 ErrorExit("%s: -r needs two argument",ARGV0);
101 related_values = argv[optind];
103 if(os_report_configfilter(related_of, related_values,
104 &r_filter, REPORT_RELATED) < 0)
106 ErrorExit(CONFIG_ERROR, ARGV0, "user argument");
112 ErrorExit("%s: -f needs two argument",ARGV0);
114 filter_value = argv[optind];
116 if(os_report_configfilter(filter_by, filter_value,
117 &r_filter, REPORT_FILTER) < 0)
119 ErrorExit(CONFIG_ERROR, ARGV0, "user argument");
125 ErrorExit("%s: -u needs an argument",ARGV0);
130 ErrorExit("%s: -g needs an argument",ARGV0);
135 ErrorExit("%s: -D needs an argument",ARGV0);
140 ErrorExit("%s: -c needs an argument",ARGV0);
147 r_filter.show_alerts = 1;
156 /* Starting daemon */
157 debug1(STARTED_MSG,ARGV0);
159 /* Check if the user/group given are valid */
160 uid = Privsep_GetUser(user);
161 gid = Privsep_GetGroup(group);
162 if((uid < 0)||(gid < 0))
163 ErrorExit(USER_ERROR,ARGV0,user,group);
167 /* Exit here if test config is set */
172 /* Privilege separation */
173 if(Privsep_SetGroup(gid) < 0)
174 ErrorExit(SETGID_ERROR,ARGV0,group);
178 if(Privsep_Chroot(dir) < 0)
179 ErrorExit(CHROOT_ERROR,ARGV0,dir);
186 if(Privsep_SetUser(uid) < 0)
187 ErrorExit(SETUID_ERROR,ARGV0,user);
190 debug1(PRIVSEP_MSG,ARGV0,dir,user);
194 /* Signal manipulation */
199 /* Creating PID files */
200 if(CreatePID(ARGV0, getpid()) < 0)
201 ErrorExit(PID_ERROR,ARGV0);
204 /* Start up message */
205 verbose(STARTUP_MSG, ARGV0, (int)getpid());
207 /* the real stuff now */
208 os_ReportdStart(&r_filter);
projects / ossec-hids.git / blob