-/* @(#) $Id$ */
+/* @(#) $Id: ./src/monitord/report.c, 2011/09/08 dcid Exp $
+ */
/* Copyright (C) 2010 Trend Micro Inc.
* All rights reserved.
printf("\t-f <filter> <value> Filter the results.\n");
printf("\t-r <filter> <value> Show related entries.\n");
printf("\t-n Creates a description for the report.\n");
+ printf("\t-s Show the alert dump.\n");
+ printf("\n");
+ printf("\tFilters allowed: group, rule, level, location,\n");
+ printf("\t user, srcip, filename\n");
+ printf("\n");
printf("Examples:\n");
- printf("\t-f group authentication success (to filter on login success).\n");
+ printf("\t-f group authentication_success (to filter on login success).\n");
printf("\t-f level 10 (to filter on level >= 10).\n");
printf("\t-f group authentication -r user srcip (to show the srcip for all users).\n");
exit(1);
/* Setting the name */
OS_SetName(ARGV0);
-
+
r_filter.group = NULL;
r_filter.rule = NULL;
r_filter.level = NULL;
r_filter.location = NULL;
r_filter.srcip = NULL;
r_filter.user = NULL;
+ r_filter.files = NULL;
+ r_filter.show_alerts = 0;
r_filter.related_group = 0;
r_filter.related_rule = 0;
r_filter.related_location = 0;
r_filter.related_srcip = 0;
r_filter.related_user = 0;
-
+ r_filter.related_file = 0;
+
r_filter.report_name = NULL;
- while((c = getopt(argc, argv, "Vdhtu:g:D:c:f:v:n:r:")) != -1)
+ while((c = getopt(argc, argv, "Vdhstu:g:D:c:f:v:n:r:")) != -1)
{
switch(c){
case 'V':
break;
case 'r':
if(!optarg || !argv[optind])
- ErrorExit("%s: -r needs two argument",ARGV0);
- related_of = optarg;
+ ErrorExit("%s: -r needs two argument",ARGV0);
+ related_of = optarg;
related_values = argv[optind];
if(os_report_configfilter(related_of, related_values,
filter_by = optarg;
filter_value = argv[optind];
- if(os_report_configfilter(filter_by, filter_value,
+ if(os_report_configfilter(filter_by, filter_value,
&r_filter, REPORT_FILTER) < 0)
{
ErrorExit(CONFIG_ERROR, ARGV0, "user argument");
if(!optarg)
ErrorExit("%s: -D needs an argument",ARGV0);
dir=optarg;
+ break;
case 'c':
if(!optarg)
ErrorExit("%s: -c needs an argument",ARGV0);
cfg = optarg;
break;
case 't':
- test_config = 1;
+ test_config = 1;
+ break;
+ case 's':
+ r_filter.show_alerts = 1;
break;
default:
report_help();
if((uid < 0)||(gid < 0))
ErrorExit(USER_ERROR,ARGV0,user,group);
-
+
/* Exit here if test config is set */
if(test_config)
exit(0);
-
+
/* Privilege separation */
if(Privsep_SetGroup(gid) < 0)
ErrorExit(SETGID_ERROR,ARGV0,group);
-
+
/* chrooting */
if(Privsep_Chroot(dir) < 0)
ErrorExit(CHROOT_ERROR,ARGV0,dir);
nowChroot();
-
- /* Changing user */
+
+ /* Changing user */
if(Privsep_SetUser(uid) < 0)
ErrorExit(SETUID_ERROR,ARGV0,user);
/* Signal manipulation */
StartSIG(ARGV0);
-
+
/* Creating PID files */
if(CreatePID(ARGV0, getpid()) < 0)
ErrorExit(PID_ERROR,ARGV0);
-
+
/* Start up message */
verbose(STARTUP_MSG, ARGV0, (int)getpid());
-
/* the real stuff now */
os_ReportdStart(&r_filter);
projects / ossec-hids.git / blobdiff