1 /* Copyright (C) 2009 Trend Micro Inc.
4 * This program is a free software; you can redistribute it
5 * and/or modify it under the terms of the GNU General Public
6 * License (version 2) as published by the FSF - Free Software
14 #define ARGV0 "ossec-logcollector"
18 #include "config/localfile-config.h"
19 #include "config/config.h"
21 /*** Function prototypes ***/
23 /* Read logcollector config from cfgfile.
 * NOTE(review): accept_remote presumably decides whether configuration
 * that arrived from a remote source is honoured - confirm against the
 * definition. If it also covers the command entries consumed by
 * read_command()/read_fullcommand(), the value passed here is a security
 * decision and callers should pass 0 unless remote commands are wanted.
 */
24 int LogCollectorConfig(const char *cfgfile, int accept_remote);
26 /* Start log collector daemon.
 * Declared noreturn: control never comes back to the caller.
 */
27 void LogCollectorStart(void) __attribute__((noreturn));
/* NOTE(review): no description is visible for handle_file in this listing.
 * Presumably i is an index into logff, and do_fseek / do_log are flags for
 * seeking in the file and for logging failures - confirm against the
 * definition.
 */
30 int handle_file(int i, int do_fseek, int do_log);
/* All read_* functions below share one signature: (int pos, int *rc,
 * int drop_it), returning void *.
 * NOTE(review): pos is presumably the index of the source in logff, rc an
 * out-parameter for a status code, and drop_it a flag to consume input
 * without forwarding it - confirm; none of this is shown in this header.
 */
32 /* Read syslog file */
33 void *read_syslog(int pos, int *rc, int drop_it);
35 /* Read snort full file */
36 void *read_snortfull(int pos, int *rc, int drop_it);
38 /* Read ossec alert file */
39 void *read_ossecalert(int pos, int *rc, int drop_it);
41 /* Read nmap grepable format */
42 void *read_nmapg(int pos, int *rc, int drop_it);
44 /* Read mysql log format */
45 void *read_mysql_log(int pos, int *rc, int drop_it);
47 /* Read mssql log format */
48 void *read_mssql_log(int pos, int *rc, int drop_it);
50 /* Read postgresql log format */
51 void *read_postgresql_log(int pos, int *rc, int drop_it);
53 /* Read multi-line logs */
54 void *read_multiline(int pos, int *rc, int drop_it);
56 /* Read DJB multilog format */
57 /* Initializes multilog */
58 int init_djbmultilog(int pos);
59 void *read_djbmultilog(int pos, int *rc, int drop_it);
61 /* Read events from output of command.
 * NOTE(review): these two readers take their events from the output of a
 * command rather than from a file. The command string is presumably taken
 * from the logcollector configuration - confirm. If so, write access to
 * that configuration amounts to command execution with the collector's
 * privileges, so its file permissions and the accept_remote setting of
 * LogCollectorConfig() deserve review.
 */
62 void *read_command(int pos, int *rc, int drop_it);
63 void *read_fullcommand(int pos, int *rc, int drop_it);
65 /* Read auditd events */
66 void *read_audit(int pos, int *rc, int drop_it);
/* Windows event log helpers.
 * NOTE(review): presumably compiled only for Windows builds; the
 * preprocessor lines that would guard them are not visible in this listing.
 * win_read_vista_sec is declared with an empty parameter list "()", which
 * in C leaves the arguments unchecked; "(void)" would make it a prototype.
 */
71 void win_read_vista_sec();
/* NOTE(review): evt_log and query are non-const char *, so the callee may
 * modify them; the meaning of "future" is not shown here - confirm.
 */
72 void win_start_event_channel(char *evt_log, char future, char *query);
/* NOTE(review): takes a mutable string and returns nothing, so it
 * presumably rewrites the event string in place - confirm that the buffer
 * is NUL-terminated and owned by the caller.
 */
73 void win_format_event_string(char *string);
76 /*** Global variables ***/
/* Declared extern here; the definitions live in another translation unit.
 * NOTE(review): meanings below are inferred from the names - confirm.
 */
77 extern int loop_timeout;        /* presumably the main loop wait interval */
78 extern int logr_queue;          /* presumably the handle of the message queue */
79 extern int open_file_attempts;  /* presumably a retry limit for opening a file */
80 extern logreader *logff;        /* presumably the table of configured sources, indexed by pos */
82 #endif /* __LOGREADER_H */