3 /* Copyright (C) 2009 Trend Micro Inc.
6 * This program is a free software; you can redistribute it
7 * and/or modify it under the terms of the GNU General Public
8 * License (version 2) as published by the FSF - Free Software
11 * License details at the LICENSE file included with OSSEC or
12 * online at: http://www.ossec.net/en/licensing.html
15 /* Read PostgreSQL logs */
19 #include "logcollector.h"
23 /* Send pgsql message and check the return code.
25 void __send_pgsql_msg(int pos, int drop_it, char *buffer)
27 debug2("%s: DEBUG: Reading PostgreSQL message: '%s'", ARGV0, buffer);
30 if(SendMSG(logr_queue, buffer, logff[pos].file, POSTGRESQL_MQ) < 0)
32 merror(QUEUE_SEND, ARGV0);
33 if((logr_queue = StartMQ(DEFAULTQPATH,WRITE)) < 0)
35 ErrorExit(QUEUE_FATAL, ARGV0, DEFAULTQPATH);
43 /* Read PostgreSQL log files */
44 void *read_postgresql_log(int pos, int *rc, int drop_it)
49 char str[OS_MAXSTR + 1];
50 char buffer[OS_MAXSTR + 1];
53 /* Zeroing buffer and str */
55 buffer[OS_MAXSTR] = '\0';
60 /* Getting new entry */
61 while(fgets(str, OS_MAXSTR - OS_LOG_HEADER, logff[pos].fp) != NULL)
64 /* Getting buffer size */
65 str_len = strlen(str);
68 /* Checking str_len size. Very useless, but just to make sure.. */
69 if(str_len >= sizeof(buffer) -2)
71 str_len = sizeof(buffer) -10;
75 /* Getting the last occurence of \n */
76 if ((p = strrchr(str, '\n')) != NULL)
80 /* If need clear is set, we just get the line and ignore it. */
94 if ((p = strrchr(str, '\r')) != NULL)
100 /* Looking for empty string (only on windows) */
107 /* Windows can have comment on their logs */
116 /* PostgreSQL messages have the following format:
117 * [2007-08-31 19:17:32.186 ADT] 192.168.2.99:db_name
126 isdigit((int)str[1]) &&
127 isdigit((int)str[12]))
130 /* If the saved message is empty, set it and continue. */
131 if(buffer[0] == '\0')
133 strncpy(buffer, str, str_len + 2);
137 /* If not, send the saved one and store the new one for later */
140 __send_pgsql_msg(pos, drop_it, buffer);
143 /* Storing current one at the buffer */
144 strncpy(buffer, str, str_len + 2);
149 /* Query logs can be in multiple lines.
150 * They always start with a tab in the additional ones.
152 else if((str_len > 2) && (buffer[0] != '\0') &&
155 /* Size of the buffer */
156 int buffer_len = strlen(buffer);
160 /* Removing extra spaces and tabs */
161 while(*p == ' ' || *p == '\t')
167 /* Adding additional message to the saved buffer. */
168 if(sizeof(buffer) - buffer_len > str_len +256)
170 /* Here we make sure that the size of the buffer
171 * minus what was used (strlen) is greater than
172 * the length of the received message.
174 buffer[buffer_len] = ' ';
175 buffer[buffer_len +1] = '\0';
176 strncat(buffer, str, str_len +3);
184 /* Send whatever is stored. */
185 if(buffer[0] != '\0')
187 __send_pgsql_msg(pos, drop_it, buffer);