X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=src%2Fmonitord%2Freport.c;h=5d7547ae54abcf857e31c07af95793a91cba8b45;hp=0494132563bdc16a9ed7e52cb5b437c3c5934849;hb=6ef2f786c6c8ead94841b5f93baf9f43421f08c8;hpb=301048b51990573e58a30dc4a5bb4ec285cad554
diff --git a/src/monitord/report.c b/src/monitord/report.c
index 0494132..5d7547a 100755
--- a/src/monitord/report.c
+++ b/src/monitord/report.c
@@ -1,4 +1,5 @@ -/* @(#) $Id$ */ +/* @(#) $Id: ./src/monitord/report.c, 2011/09/08 dcid Exp $ + */ /* Copyright (C) 2010 Trend Micro Inc. * All rights reserved.
@@ -23,8 +24,13 @@ void report_help() printf("\t-f Filter the results.\n"); printf("\t-r Show related entries.\n"); printf("\t-n Creates a description for the report.\n"); + printf("\t-s Show the alert dump.\n"); + printf("\n"); + printf("\tFilters allowed: group, rule, level, location,\n"); + printf("\t user, srcip, filename\n"); + printf("\n"); printf("Examples:\n"); - printf("\t-f group authentication success (to filter on login success).\n"); + printf("\t-f group authentication_success (to filter on login success).\n"); printf("\t-f level 10 (to filter on level >= 10).\n"); printf("\t-f group authentication -r user srcip (to show the srcip for all users).\n"); exit(1);
@@ -51,13 +57,15 @@ int main(int argc, char **argv) /* Setting the name */ OS_SetName(ARGV0); - + r_filter.group = NULL; r_filter.rule = NULL; r_filter.level = NULL; r_filter.location = NULL; r_filter.srcip = NULL; r_filter.user = NULL; + r_filter.files = NULL; + r_filter.show_alerts = 0; r_filter.related_group = 0; r_filter.related_rule = 0;
@@ -65,10 +73,11 @@ int main(int argc, char **argv) r_filter.related_location = 0; r_filter.related_srcip = 0; r_filter.related_user = 0; - + r_filter.related_file = 0; + r_filter.report_name = NULL; - while((c = getopt(argc, argv, "Vdhtu:g:D:c:f:v:n:r:")) != -1) + while((c = getopt(argc, argv, "Vdhstu:g:D:c:f:v:n:r:")) != -1) { switch(c){ case 'V':
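Review bot: `r_filter` is still initialised one member at a time, so `files` and `show_alerts` in hunk @@ -51,13 +57,15 @@, and `related_file` in the following hunk @@ -65,10 +73,11 @@, only start from a known value because a line was added for each of them. If `r_filter` is an automatic variable in `main` (its declaration is outside these hunks), a member added later without its own line would reach `os_ReportdStart(&r_filter)` holding whatever was on the stack, which for a pointer member means a wild dereference. I would zero the whole struct once ahead of the explicit assignments, `memset(&r_filter, 0, sizeof(r_filter));`, and keep the `NULL` assignments for readability.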
@@ -87,8 +96,8 @@ int main(int argc, char **argv) break; case 'r': if(!optarg || !argv[optind]) - ErrorExit("%s: -r needs two argument",ARGV0); - related_of = optarg; + ErrorExit("%s: -r needs two argument",ARGV0); + related_of = optarg; related_values = argv[optind]; if(os_report_configfilter(related_of, related_values,
@@ -104,7 +113,7 @@ int main(int argc, char **argv) filter_by = optarg; filter_value = argv[optind]; - if(os_report_configfilter(filter_by, filter_value, + if(os_report_configfilter(filter_by, filter_value, &r_filter, REPORT_FILTER) < 0) { ErrorExit(CONFIG_ERROR, ARGV0, "user argument");
@@ -125,13 +134,17 @@ int main(int argc, char **argv) if(!optarg) ErrorExit("%s: -D needs an argument",ARGV0); dir=optarg; + break; case 'c': if(!optarg) ErrorExit("%s: -c needs an argument",ARGV0); cfg = optarg; break; case 't': - test_config = 1; + test_config = 1; + break; + case 's': + r_filter.show_alerts = 1; break; default: report_help();
@@ -149,18 +162,18 @@ int main(int argc, char **argv) if((uid < 0)||(gid < 0)) ErrorExit(USER_ERROR,ARGV0,user,group); - + /* Exit here if test config is set */ if(test_config) exit(0); - + /* Privilege separation */ if(Privsep_SetGroup(gid) < 0) ErrorExit(SETGID_ERROR,ARGV0,group); - + /* chrooting */ if(Privsep_Chroot(dir) < 0) ErrorExit(CHROOT_ERROR,ARGV0,dir);
@@ -168,8 +181,8 @@ int main(int argc, char **argv) nowChroot(); - - /* Changing user */ + + /* Changing user */ if(Privsep_SetUser(uid) < 0) ErrorExit(SETUID_ERROR,ARGV0,user);
@@ -181,16 +194,15 @@ int main(int argc, char **argv) /* Signal manipulation */ StartSIG(ARGV0); - + /* Creating PID files */ if(CreatePID(ARGV0, getpid()) < 0) ErrorExit(PID_ERROR,ARGV0); - + /* Start up message */ verbose(STARTUP_MSG, ARGV0, (int)getpid()); - /* the real stuff now */ os_ReportdStart(&r_filter);
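Review bot: The option switch in `main` has nothing that catches a missing `break`, and the one added after `dir=optarg;` in `case 'D'` (hunk @@ -125,13 +134,17 @@) shows the cost. From the visible lines, `-D` previously fell through into `case 'c'` and also ran `cfg = optarg`, so the directory later passed to `Privsep_Chroot(dir)` would have doubled as the configuration path. With `case 's'` added here and more options likely to follow, I would build this file with `-Wimplicit-fallthrough` so the next omission is reported at compile time. The switch begins and ends outside this hunk, so the remaining cases could not be checked from here.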