1 /* Copyright (C) 2009 Trend Micro Inc.
4 * This program is a free software; you can redistribute it
5 * and/or modify it under the terms of the GNU General Public
6 * License (version 2) as published by the FSF - Free Software
13 static const char *(months[]) = {"Jan", "Feb", "Mar", "Apr", "May", "Jun",
14 "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
18 void manage_files(int cday, int cmon, int cyear)
27 char elogfile[OS_FLSIZE + 1];
28 char elogfile_old[OS_FLSIZE + 1];
30 char alogfile[OS_FLSIZE + 1];
31 char alogfile_old[OS_FLSIZE + 1];
33 char ajlogfile[OS_FLSIZE + 1];
34 char ajlogfile_old[OS_FLSIZE + 1];
36 char flogfile[OS_FLSIZE + 1];
37 char flogfile_old[OS_FLSIZE + 1];
39 char ejlogfile[OS_FLSIZE + 1];
40 char ejlogfile_old[OS_FLSIZE + 1];
42 /* Get time from the day before (for log signing) */
46 pp_old = localtime_r(&tm_old, &p_old);
48 pp_old = localtime(&tm_old);
51 memset(elogfile, '\0', OS_FLSIZE + 1);
52 memset(elogfile_old, '\0', OS_FLSIZE + 1);
53 memset(alogfile, '\0', OS_FLSIZE + 1);
54 memset(alogfile_old, '\0', OS_FLSIZE + 1);
55 memset(ajlogfile, '\0', OS_FLSIZE + 1);
56 memset(ajlogfile_old, '\0', OS_FLSIZE + 1);
57 memset(flogfile, '\0', OS_FLSIZE + 1);
58 memset(flogfile_old, '\0', OS_FLSIZE + 1);
59 memset(ejlogfile, '\0', OS_FLSIZE + 1);
60 memset(ejlogfile_old, '\0', OS_FLSIZE + 1);
61 /* When the day changes, we wait up to day_wait before compressing the file */
65 snprintf(elogfile, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.log",
71 /* Event log file old */
72 snprintf(elogfile_old, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.log",
74 pp_old->tm_year + 1900,
75 months[pp_old->tm_mon],
78 OS_SignLog(elogfile, elogfile_old, 0);
79 OS_CompressLog(elogfile);
81 /* JSON Event logfile */
82 snprintf(ejlogfile, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.json",
88 /* JSON Event log file old */
89 snprintf(ejlogfile_old, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.json",
91 pp_old->tm_year + 1900,
92 months[pp_old->tm_mon],
96 int exists_json_events = 0;
97 FILE *fopnetestjsonevents;
99 if ((fopnetestjsonevents = fopen(ejlogfile, "r"))) {
100 exists_json_events = 1;
101 fclose(fopnetestjsonevents);
104 if ((fopnetestjsonevents = fopen(ejlogfile_old, "r"))) {
105 exists_json_events = 1;
106 fclose(fopnetestjsonevents);
109 if (exists_json_events) {
110 /* Only if there is a file to operate on. */
111 OS_SignLog(ejlogfile, ejlogfile_old, 0);
112 OS_CompressLog(ejlogfile);
117 snprintf(alogfile, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.log",
123 /* alert logfile old */
124 snprintf(alogfile_old, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.log",
126 pp_old->tm_year + 1900,
127 months[pp_old->tm_mon],
130 OS_SignLog(alogfile, alogfile_old, 1);
131 OS_CompressLog(alogfile);
134 snprintf(ajlogfile, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.json",
140 /* alert logfile old */
141 snprintf(ajlogfile_old, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.json",
143 pp_old->tm_year + 1900,
144 months[pp_old->tm_mon],
151 if ((fopnetest = fopen(ajlogfile, "r"))) {
156 if ((fopnetest = fopen(ajlogfile_old, "r"))) {
162 /* Only if there is a file to operate on. */
163 OS_SignLog(ajlogfile, ajlogfile_old, 1);
164 OS_CompressLog(ajlogfile);
167 /* firewall events */
168 snprintf(flogfile, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.log",
174 /* firewall events old */
175 snprintf(flogfile_old, OS_FLSIZE, "%s/%d/%s/ossec-%s-%02d.log",
177 pp_old->tm_year + 1900,
178 months[pp_old->tm_mon],
181 OS_SignLog(flogfile, flogfile_old, 0);
182 OS_CompressLog(flogfile);