new upstream release (3.3.0); modify package compatibility for Stretch

[ossec-hids.git] / src / analysisd / format / json_extended.h

diff --git a/src/analysisd/format/json_extended.h b/src/analysisd/format/json_extended.h
new file mode 100644 (file)
index 0000000..0edcce5
--- /dev/null
+++ b/src/analysisd/format/json_extended.h
@@ -0,0 +1,45 @@
+/* Copyright (C) 2015 Wazuh Inc\r
+ * All rights reserved.\r
+ * \r
+ */\r
+ \r
+#ifndef __JSON_EXTENDED_H__\r
+#define __JSON_EXTENDED_H__\r
+\r
+#include "eventinfo.h"\r
+#include "cJSON.h"\r
+#include <regex.h>\r
+\r
+#define MAX_MATCHES 10\r
+\r
+// Main function, call the others parsers.\r
+void W_ParseJSON(cJSON *root, const Eventinfo *lf);\r
+// Parse hostname\r
+void W_JSON_ParseHostname(cJSON *root, char *hostname);\r
+// Parse Timestamp\r
+void W_JSON_ParseTimestamp(cJSON *root, const Eventinfo *lf);\r
+// Parse AgentIP\r
+void W_JSON_ParseAgentIP(cJSON *root, const Eventinfo *lf);\r
+// Parse Location\r
+void W_JSON_ParseLocation(cJSON *root, const Eventinfo *lf, int archives);\r
+// Parse Groups\r
+void W_JSON_ParseGroups(cJSON *root, const Eventinfo *lf, int nested);\r
+// Parse Groups Compliance \r
+void W_JSON_ParseGroupsCompliance(cJSON *root, int nested);\r
+// Parse Rootcheck compliance\r
+void W_JSON_ParseRootcheck(cJSON *root, const Eventinfo *lf, int nested);\r
+// Detecting if an alert comes from rootcheck\r
+int W_isRootcheck(cJSON *root, int nested);\r
+// Parsing PCI Compliance groups^M\r
+int add_groupPCI(cJSON *rule, char * group, int firstPCI);\r
+// Parsing CIS Compliance groups^M\r
+int add_groupCIS(cJSON *rule, char * group, int firstCIS);\r
+// Aux functions\r
+int str_cut(char *str, int begin, int len);\r
+int compile_regex (regex_t * r, const char * regex_text);\r
+int match_regex (regex_t * r, const char * to_match, char * results[MAX_MATCHES]);\r
+void trim(char * s);\r
+void removeChar( char * string, char letter );\r
+int startsWith(const char *pre, const char *str);\r
+\r
+#endif\r