1 /* Copyright (C) 2009 Trend Micro Inc.
4 * This program is a free software; you can redistribute it
5 * and/or modify it under the terms of the GNU General Public
6 * License (version 2) as published by the FSF - Free Software
12 #include "os_net/os_net.h"
14 /* Global variables */
16 char __shost_long[512];
19 /* Monitor the alerts and send them via syslog
20 * Only return in case of error
22 void OS_CSyslogD(SyslogConfig **syslog_config)
31 /* Get current time before starting */
35 /* Initialize file queue to read the alerts */
36 os_calloc(1, sizeof(file_queue), fileq);
37 while ( (Init_FileQueue(fileq, p, 0) ) < 0 ) {
39 if ( tries > OS_CSYSLOGD_MAX_TRIES ) {
40 merror("%s: ERROR: Could not open queue after %d tries, exiting!",
47 debug1("%s: INFO: File queue connected.", ARGV0 );
49 /* Connect to syslog */
51 while (syslog_config[s]) {
52 syslog_config[s]->socket = OS_ConnectUDP(syslog_config[s]->port,
53 syslog_config[s]->server);
54 if (syslog_config[s]->socket < 0) {
55 merror(CONNS_ERROR, ARGV0, syslog_config[s]->server);
57 merror("%s: INFO: Forwarding alerts via syslog to: '%s:%s'.",
58 ARGV0, syslog_config[s]->server, syslog_config[s]->port);
64 /* Infinite loop reading the alerts and inserting them */
69 /* Get message if available (timeout of 5 seconds) */
70 al_data = Read_FileMon(fileq, p, 5);
77 while (syslog_config[s]) {
78 OS_Alert_SendSyslog(al_data, syslog_config[s]);
82 /* Clear the memory */
83 FreeAlertData(al_data);
87 /* Format Field for output */
88 int field_add_string(char *dest, size_t size, const char *format, const char *value )
90 char buffer[OS_SIZE_2048];
92 int dest_sz = size - strlen(dest);
94 /* Not enough room in the buffer? */
101 ((value[0] != '(') && (value[1] != 'n') && (value[2] != 'o')) ||
102 ((value[0] != '(') && (value[1] != 'u') && (value[2] != 'n')) ||
103 ((value[0] != 'u') && (value[1] != 'n') && (value[4] != 'k'))
106 len = snprintf(buffer, sizeof(buffer) - dest_sz - 1, format, value);
107 strncat(dest, buffer, dest_sz);
113 /* Add a field, but truncate if too long */
114 int field_add_truncated(char *dest, size_t size, const char *format, const char *value, int fmt_size )
116 char buffer[OS_SIZE_2048];
118 int available_sz = size - strlen(dest);
119 int total_sz = strlen(value) + strlen(format) - fmt_size;
120 int field_sz = available_sz - strlen(format) + fmt_size;
123 char trailer[] = "...";
124 char *truncated = NULL;
126 /* Not enough room in the buffer? */
127 if (available_sz <= 0 ) {
132 ((value[0] != '(') && (value[1] != 'n') && (value[2] != 'o')) ||
133 ((value[0] != '(') && (value[1] != 'u') && (value[2] != 'n')) ||
134 ((value[0] != 'u') && (value[1] != 'n') && (value[4] != 'k'))
137 if ( (truncated = (char *) malloc(field_sz + 1)) != NULL ) {
138 if ( total_sz > available_sz ) {
139 /* Truncate and add a trailer */
140 os_substr(truncated, value, 0, field_sz - strlen(trailer));
141 strcat(truncated, trailer);
143 strncpy(truncated, value, field_sz);
146 len = snprintf(buffer, available_sz, format, truncated);
147 strncat(dest, buffer, available_sz);
153 /* Free the temporary pointer */
159 /* Handle integers in the second position */
160 int field_add_int(char *dest, size_t size, const char *format, const int value )
164 int dest_sz = size - strlen(dest);
166 /* Not enough room in the buffer? */
172 len = snprintf(buffer, sizeof(buffer), format, value);
173 strncat(dest, buffer, dest_sz);