1 /* @(#) $Id: decoder.h,v 1.20 2009/06/24 17:06:23 dcid Exp $ */
3 /* Copyright (C) 2009 Trend Micro Inc.
6 * This program is a free software; you can redistribute it
7 * and/or modify it under the terms of the GNU General Public
8 * License (version 3) as published by the FSF - Free Software
11 * License details at the LICENSE file included with OSSEC or
12 * online at: http://www.ossec.net/en/licensing.html
21 /* We need the eventinfo and os_regex in here */
23 #include "os_regex/os_regex.h"
25 #define AFTER_PARENT 0x001 /* 1 */
26 #define AFTER_PREMATCH 0x002 /* 2 */
27 #define AFTER_PREVREGEX 0x004 /* 4 */
28 #define AFTER_ERROR 0x010
32 /* Decoder structure */
37 u_int8_t use_own_name;
40 u_int16_t regex_offset;
41 u_int16_t prematch_offset;
50 OSMatch *program_name;
52 void (*plugindecoder)(void *lf);
53 void (**order)(void *lf, char *field);
57 typedef struct _OSDecoderNode
59 struct _OSDecoderNode *next;
60 struct _OSDecoderNode *child;
61 OSDecoderInfo *osdecoder;
66 /* Functions to Create the list, Add a osdecoder to the
67 * list and to get the first osdecoder.
69 void OS_CreateOSDecoderList();
70 int OS_AddOSDecoder(OSDecoderInfo *pi);
71 OSDecoderNode *OS_GetFirstOSDecoder(char *pname);
72 int getDecoderfromlist(char *name);