#include "prelude.h"
#endif
+#ifdef ZEROMQ_OUTPUT
+#include "zeromq_output.h"
+#endif
/** Global data **/
#endif
{
int c = 0, m_queue = 0, test_config = 0,run_foreground = 0;
+ int debug_level = 0;
char *dir = DEFAULTDIR;
char *user = USER;
char *group = GROUPGLOBAL;
break;
case 'd':
nowDebug();
+ debug_level = 1;
break;
case 'f':
run_foreground = 1;
}
+ /* Check current debug_level
+ * Command line setting takes precedence
+ */
+ if (debug_level == 0)
+ {
+ /* Getting debug level */
+ debug_level = getDefine_Int("analysisd", "debug", 0, 2);
+ while(debug_level != 0)
+ {
+ nowDebug();
+ debug_level--;
+ }
+ }
+
/* Starting daemon */
debug1(STARTED_MSG,ARGV0);
}
#endif
+ /* Starting zeromq */
+ #ifdef ZEROMQ_OUTPUT
+ if(Config.zeromq_output)
+ {
+ zeromq_output_start(Config.zeromq_output_uri, argc, argv);
+ }
+ #endif
/* Opening the Picviz socket */
if(Config.picviz)
debug1("%s: DEBUG: Startup completed. Waiting for new messages..",ARGV0);
+ if(Config.custom_alert_output)
+ debug1("%s: INFO: Custom output found.!",ARGV0);
/* Daemon loop */
while(1)
if(stats_rule->alert_opts & DO_LOGALERT)
{
__crt_ftell = ftell(_aflog);
- OS_Log(lf);
+ if(Config.custom_alert_output)
+ {
+ OS_CustomLog(lf,Config.custom_alert_output_format);
+ }
+ else
+ {
+ OS_Log(lf);
+ }
+
}
if(currently_rule->alert_opts & DO_LOGALERT)
{
__crt_ftell = ftell(_aflog);
- OS_Log(lf);
+
+ if(Config.custom_alert_output)
+ {
+ OS_CustomLog(lf,Config.custom_alert_output_format);
+ }
+ else
+ {
+ OS_Log(lf);
+ }
}
}
#endif
+ /* Log to zeromq */
+ #ifdef ZEROMQ_OUTPUT
+ if(Config.zeromq_output)
+ {
+ zeromq_output_event(lf);
+ }
+ #endif
+
/* Log to Picviz */
if (Config.picviz)
do_ar = 0;
}
}
+ if((*rule_ar)->ar_cmd->expect & FILENAME)
+ {
+ if(!lf->filename)
+ {
+ do_ar = 0;
+ }
+ }
if(do_ar)
{
projects / ossec-hids.git / blobdiff