1 /* @(#) $Id: ./src/analysisd/picviz.c, 2011/09/08 dcid Exp $
4 /* Copyright (C) 2009 Sebastien Tricaud
5 * Copyright (C) 2009 Trend Micro Inc.
8 * This program is a free software; you can redistribute it
9 * and/or modify it under the terms of the GNU General Public
10 * License (version 2) as published by the FSF - Free Software
15 #include "eventinfo.h"
/* Output stream for the Picviz log; assigned from fopen() in OS_PicvizOpen(). */
17 static FILE *picviz_fp;
/* Colour table indexed by rule level in OS_PicvizLog(). It holds 17 entries,
 * so the only valid indexes are 0..16: 0-3 blue, 4-7 green, 8-11 orange,
 * 12-16 red. Any index outside that range reads outside the array. */
19 static char *(ossec2picviz[])={"blue","blue","blue","blue",
20 "green","green","green","green",
21 "orange", "orange", "orange", "orange",
22 "red", "red", "red", "red", "red"};
/* Open the Picviz output path given in `socket` and keep the stream in
 * picviz_fp. Mode "a" appends to an existing file and creates it when it is
 * missing. Several lines of this function are not shown in this listing.
 * NOTE(review): alert data derived from logs is written to this path, so
 * confirm the path comes from trusted configuration and that the file and
 * its directory are not writable by unprivileged users. */
25 void OS_PicvizOpen(char *socket)
27 picviz_fp = fopen(socket, "a");
/* The open failure is reported through merror(); the guarding condition and
 * what follows the message are not visible here.
 * NOTE(review): confirm picviz_fp cannot stay NULL and still be used by
 * OS_PicvizLog() after this message. */
30 merror("%s: Unable to open picviz socket file '%s'.",
/* Format one alert line for event `lf` in Picviz syntax. The local
 * declarations, the head of the output call and the braces are not shown in
 * this listing. */
35 void OS_PicvizLog(Eventinfo *lf)
/* Levels above 15 are forced to "red"; every other level indexes
 * ossec2picviz directly.
 * NOTE(review): only the upper bound is checked. If `level` is a signed
 * type, a negative value would read before the start of the table; confirm
 * its type and range. lf->generated_rule is also dereferenced without a
 * NULL check here. */
37 char *color = (lf->generated_rule->level > 15) ? "red" : ossec2picviz[lf->generated_rule->level];
/* Each optional field falls back to "" so that no NULL pointer reaches a
 * %s conversion in the format string below. */
52 hostname = lf->hostname ? lf->hostname : "";
53 location = lf->location ? lf->location : "";
54 srcip = lf->srcip ? lf->srcip : "";
55 dstip = lf->dstip ? lf->dstip : "";
56 srcuser = lf->srcuser ? lf->srcuser : "";
57 dstuser = lf->dstuser ? lf->dstuser : "";
58 prgname = lf->program_name ? lf->program_name : "";
59 comment = lf->generated_rule->comment ? lf->generated_rule->comment : "";
/* NOTE(review): every value is placed between double quotes with no
 * escaping. If fields such as hostname, srcuser or program_name are filled
 * from decoded log data (to be confirmed against the decoders), a double
 * quote or newline inside one ends its quoted field early and can forge
 * extra fields or whole lines in the Picviz output. Escape or replace
 * double quotes, backslashes and control characters before writing. */
62 "time=\"%s\", host=\"%s\", file=\"%s\", sip=\"%s\", dip=\"%s\""
63 ", srcuser=\"%s\", dstuser=\"%s\", prgnme=\"%s\", alert=\"%s\" [color=\"%s\"];\n",
65 hostname, location, srcip, dstip, srcuser, dstuser, prgname, comment, color);
/* Presumably the counterpart to OS_PicvizOpen(); the body is not shown in
 * this listing.
 * NOTE(review): fopen() in OS_PicvizOpen() returns NULL on failure, so
 * confirm this function skips fclose() on a NULL picviz_fp and clears the
 * pointer afterwards, so a later OS_PicvizLog() cannot write to a closed
 * stream. */
71 void OS_PicvizClose(void)