/**
 * Formats a UTC date as a local-time string followed by a signed timezone marker.
 *
 * The display timezone comes from GetLocalTimezone(); the date is shifted from
 * TIMEZONE_UTC to that zone with ConvertTime() before it is printed.
 *
 * @param UTCDate	Date to display; handed to ConvertTime() as a TIMEZONE_UTC value.
 * @return Text of the form "<date> <sign><zone>", the zone printed with at least four digits.
 */
FString FDateTimeStructCustomization::ToDateTimeZoneString(const FDateTime& UTCDate)
{
	const int32 LocalZone = GetLocalTimezone();
	const FDateTime ShiftedDate = ConvertTime(UTCDate, TIMEZONE_UTC, LocalZone);

	// A negative zone gets its '-' from the %d conversion itself; only '+' has to be supplied by hand.
	const TCHAR* SignPrefix = (LocalZone >= 0) ? TEXT("+") : TEXT("");
	const FString DateText = ShiftedDate.ToString();

	return FString::Printf(TEXT("%s %s%0.4d"), *DateText, SignPrefix, LocalZone);
}
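/**
 * Parses text of the form "<date>[ <timezone>]" into a UTC date.
 *
 * The text is split at its last space; the left part must be accepted by
 * FDateTime::Parse(), the right part (if any) must be a numeric timezone marker.
 * With no marker the date is interpreted in the zone returned by GetLocalTimezone().
 *
 * @param DateTimeZoneString	User-supplied text to parse.
 * @param OutDateTime			Receives the date converted to TIMEZONE_UTC; only written when the function returns true.
 * @return true if both the date and the (optional) timezone marker were valid, false otherwise.
 */
bool FDateTimeStructCustomization::ParseDateTimeZone(const FString& DateTimeZoneString, FDateTime& OutDateTime)
{
	static FString Delimiter = FString(TEXT(" "));

	// Split our DatetimeZone string into a date and a timezone marker.
	// Searching from the end keeps any earlier spaces inside the date part.
	FString DateString;
	FString TimezoneString;
	if (!DateTimeZoneString.Split(Delimiter, &DateString, &TimezoneString, ESearchCase::CaseSensitive, ESearchDir::FromEnd))
	{
		// No delimiter at all: the whole input is treated as the date
		DateString = DateTimeZoneString;
	}

	// Trim surrounding whitespace
	DateString = DateString.TrimTrailing().Trim();
	TimezoneString = TimezoneString.TrimTrailing().Trim();

	// Validate date
	FDateTime LocalizedDate;
	if (DateString.IsEmpty() || !FDateTime::Parse(DateString, LocalizedDate))
	{
		return false;
	}

	// Validate timezone marker
	if (TimezoneString.IsEmpty())
	{
		// If no timezone is present, we assume the user's preferred timezone
		OutDateTime = ConvertTime(LocalizedDate, GetLocalTimezone(), TIMEZONE_UTC);
		return true;
	}

	// Fail if timezone string isn't numeric
	if (!TimezoneString.IsNumeric())
	{
		return false;
	}

	// Convert timezone into int
	int32 Timezone = FCString::Atoi(*TimezoneString);
	// NOTE(review): ConvertShortTimezone is defined elsewhere; presumably it expands an hour-only marker to HHMM - confirm
	Timezone = ConvertShortTimezone(Timezone);

	// Check for timezones in the full-format HHMM, ex: -0500, +1345, etc
	const int32 TimezoneHour = Timezone / 100;
	const int32 TimezoneMinute = FMath::Abs(Timezone) % 100;
	// The minute part has to be a real minute value as well as a quarter-hour step;
	// a bare "% 15" test would also accept 60, 75 and 90 (e.g. "+0575").
	const bool bHasValidMinuteOffset = (TimezoneMinute < 60) && (TimezoneMinute % 15 == 0);
	const bool bIsTimezoneHourValid = (TimezoneHour >= -12 && TimezoneHour <= 14);
	if (bHasValidMinuteOffset && bIsTimezoneHourValid)
	{
		OutDateTime = ConvertTime(LocalizedDate, Timezone, TIMEZONE_UTC);
		return true;
	}

	// Not a valid time
	return false;
}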
Beispiel #3
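/****************************************************************************
 *
 * Function: GetCurrentTimestamp()
 *
 * Purpose: Generate an ISO-8601 formatted timestamp for the current time.
 *
 * Arguments: none 
 *
 * Returns: char * -- heap buffer of SMALLBUFFER bytes. You must free this
 *          char * when you are done with it. NULL is returned when the
 *          buffer cannot be allocated or the time cannot be broken down,
 *          so callers must check the result before using it.
 *
 ***************************************************************************/
char *GetCurrentTimestamp()
{
    struct tm *lt;
    struct timezone tz;
    struct timeval tv;
    time_t now;
    char * buf;
    int tzone;

    buf = (char *)malloc(SMALLBUFFER);
    if(buf == NULL)
    {
        /* Without this check the snprintf() calls below would write through NULL. */
        return NULL;
    }

    bzero((char *)&tz,sizeof(tz));
    gettimeofday(&tv,&tz);

    /* Copy the seconds instead of casting &tv.tv_sec to time_t *: the two
     * types are not guaranteed to have the same width on every platform. */
    now = (time_t)tv.tv_sec;

    if(pv.use_utc == 1)
    {
        lt = gmtime(&now);
    }
    else
    {
        lt = localtime(&now);
    }

    if(lt == NULL)
    {
        /* gmtime()/localtime() return NULL when the value cannot be represented. */
        free(buf);
        return NULL;
    }

    if(pv.use_utc == 1)
    {
        /* UTC output carries no offset suffix. */
        snprintf(buf, SMALLBUFFER, "%04i-%02i-%02i %02i:%02i:%02i", 
                1900 + lt->tm_year, lt->tm_mon + 1, lt->tm_mday, 
                lt->tm_hour, lt->tm_min, lt->tm_sec);
    }
    else
    {
        /* NOTE(review): the two-digit field suggests GetLocalTimezone()
         * yields an hour offset here -- confirm against its definition. */
        tzone = GetLocalTimezone();

        if(tzone < 0)
        {
            /* %03i: the minus sign produced by the conversion takes one of the three columns. */
            snprintf(buf, SMALLBUFFER, 
                    "%04i-%02i-%02i %02i:%02i:%02i%03i", 
                    1900 + lt->tm_year, lt->tm_mon + 1, lt->tm_mday, 
                    lt->tm_hour, lt->tm_min, lt->tm_sec, tzone);
        }
        else
        {
            snprintf(buf, SMALLBUFFER, 
                    "%04i-%02i-%02i %02i:%02i:%02i+%02i", 
                    1900 + lt->tm_year, lt->tm_mon + 1, lt->tm_mday, 
                    lt->tm_hour, lt->tm_min, lt->tm_sec, tzone);
        }
    }

    return buf;
}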
Beispiel #4
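/*
 * Syslog_FormatTrigger()
 *
 * Builds the leading part of a syslog line for one unified2 event: a header
 * naming the operation mode and sensor, then timestamp, priority and
 * signature message, then the classification. Each piece is written into
 * syslogData->formatBuffer and handed on with OpSyslog_Concat().
 *
 * syslogData -- output plugin state (formatBuffer, format_current_pos,
 *               sensor_name, field_separators are used here)
 * pEvent     -- event record; its fields are converted with ntohl() before use
 * opType     -- 0 for alert mode, 1 for log mode; anything else is rejected
 *
 * Returns 0 on success and 1 on a NULL argument, an unknown opType, an
 * allocation failure, or when a piece does not fit in SYSLOG_MAX_QUERY_SIZE.
 * FatalError() is called when OpSyslog_Concat() reports failure.
 *
 * NOTE(review): sensor_name, sn->msg and cn->type are copied into the line
 * as-is. If any of them can contain the field separator or a line break, the
 * receiving parser will see shifted fields -- confirm they only come from
 * trusted configuration.
 */
static int Syslog_FormatTrigger(OpSyslog_Data *syslogData, Unified2EventCommon *pEvent,int opType) 
{
    char tSigBuf[256] = {0};
    char *timestamp_string = NULL;

    SigNode             *sn = NULL;
    ClassType           *cn = NULL;
    //ReferenceNode       *rn = NULL;

    if( (syslogData == NULL) ||
        (pEvent == NULL))
    {
        /* XXX */
        return 1;
    }

    /* snprintf() returns the length it wanted to write, so a running total at
     * or above the buffer size means the piece was truncated.
     * NOTE(review): whether OpSyslog_Concat() resets format_current_pos is not
     * visible here -- confirm, since the total is compared after each "+=". */
    switch(opType)
    {

    case 0:
        /* Alert */
        /* NOTE(review): this header ends in '}' where the log header ends in
         * ']'; it looks like a typo but is left untouched because downstream
         * parsers may match the exact text. */
        if( (syslogData->format_current_pos += snprintf(syslogData->formatBuffer,SYSLOG_MAX_QUERY_SIZE,"[SNORTIDS[ALERT]: [%s] }", syslogData->sensor_name)) >=  SYSLOG_MAX_QUERY_SIZE)
        {
            /* XXX */
            return 1;
        }
        break;
    case 1:
        /* Log */
        if( (syslogData->format_current_pos += snprintf(syslogData->formatBuffer,SYSLOG_MAX_QUERY_SIZE,"[SNORTIDS[LOG]: [%s] ]", syslogData->sensor_name)) >=  SYSLOG_MAX_QUERY_SIZE)
        {
            /* XXX */
            return 1;
        }
        break;

    default:
        /* XXX */
        LogMessage("Syslog_FormatTrigger(): Unknown [%d] operation mode \n",opType);
        return 1;
        break;
    }


    if( OpSyslog_Concat(syslogData))
    {
        /* XXX */
        FatalError("OpSyslog_Concat(): Failed \n");
    }


    if( (timestamp_string = GetTimestampByComponent(
             ntohl(pEvent->event_second),
             ntohl(pEvent->event_microsecond),
             GetLocalTimezone())) == NULL)
    {
        /* XXX */
        /* Something went wrong ...we create a little string? */
        if( (timestamp_string = malloc(256)) == NULL)
        {
            /* XXX */
            return 1;
        }

        memset(timestamp_string,'\0',256);
        /* The timezone offset is passed as a signed value, so it is printed
         * with %d; %u would show a negative offset as a huge positive number.
         * NOTE(review): assumes GetLocalTimezone() returns int -- confirm. */
        snprintf(timestamp_string,256,"sec:[%u] msec:[%u] Second away from UTC:[%d] ",
                 ntohl(pEvent->event_second),
                 ntohl(pEvent->event_microsecond),
                 GetLocalTimezone());
    }

    /* From here on timestamp_string is owned by this function and must be
     * freed on every return path. */

    /* Fallback text used when no signature entry is found for this gid/sid. */
    snprintf(tSigBuf,256,"Snort Alert [%u:%u:%u]",
             ntohl(pEvent->generator_id),
             ntohl(pEvent->signature_id),
             ntohl(pEvent->signature_revision));

    sn = GetSigByGidSid(ntohl(pEvent->generator_id),
                        ntohl(pEvent->signature_id));

    cn = ClassTypeLookupById(barnyard2_conf, 
                             ntohl(pEvent->classification_id));

    if( (syslogData->format_current_pos += snprintf(syslogData->formatBuffer,SYSLOG_MAX_QUERY_SIZE,"%s%c%u%c%s", 
                                                    timestamp_string,syslogData->field_separators,
                                                    ntohl(pEvent->priority_id),syslogData->field_separators,
                                                    sn != NULL ? sn->msg : tSigBuf)) >=  SYSLOG_MAX_QUERY_SIZE)
    {
        /* XXX */
        free(timestamp_string);
        return 1;
    }


    if( OpSyslog_Concat(syslogData))
    {
        /* XXX */
        FatalError("OpSyslog_Concat(): Failed \n");
    }

    if(cn)
    {
        if( (syslogData->format_current_pos += snprintf(syslogData->formatBuffer,SYSLOG_MAX_QUERY_SIZE,"%s", 
                                                        cn->type)) >= SYSLOG_MAX_QUERY_SIZE)
        {
            /* XXX */
            free(timestamp_string);
            return 1;
        }
    }
    else
    {
        /* The closing parenthesis belongs before ">=": otherwise the result
         * of the comparison (0 or 1) is what gets added to
         * format_current_pos, and the written length is never accounted for. */
        if( (syslogData->format_current_pos += snprintf(syslogData->formatBuffer,SYSLOG_MAX_QUERY_SIZE,"%s", 
                                                        "[Unknown Classification]")) >= SYSLOG_MAX_QUERY_SIZE)
        {
            /* XXX */
            free(timestamp_string);
            return 1;
        }
    }

    if( OpSyslog_Concat(syslogData))
    {
        /* XXX */
        FatalError("OpSyslog_Concat(): Failed \n");
    }

    /*CHECKME: -elz  Need to investigate */
    //Syslog_FormatReference(syslogData, sn->refs);

    free(timestamp_string);

    return 0;
}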