static gboolean tf_geoip_maxminddb_prepare(LogTemplateFunction *self, gpointer s, LogTemplate *parent, gint argc, gchar *argv[], GError **error) { TFMaxMindDBState *state = (TFMaxMindDBState *) s; gchar *field = NULL; state->database_path = NULL; GOptionEntry maxminddb_options[] = { { "database", 'd', 0, G_OPTION_ARG_FILENAME, &state->database_path, "mmdb database location", NULL }, { "field", 'f', 0, G_OPTION_ARG_STRING, &field, "data path in database. For example: country.iso_code", NULL }, { NULL } }; GOptionContext *ctx = g_option_context_new("geoip2"); g_option_context_add_main_entries(ctx, maxminddb_options, NULL); if (!g_option_context_parse(ctx, &argc, &argv, error)) { g_option_context_free(ctx); return FALSE; } g_option_context_free(ctx); if (!state->database_path || argc != 2) { g_set_error(error, LOG_TEMPLATE_ERROR, LOG_TEMPLATE_ERROR_COMPILE, "geoip2: format must be: $(geoip2 --database <db.mmdb> [ --field path.child ] ${HOST})\n"); goto error; } if (field) state->entry_path = g_strsplit(field, ".", -1); else state->entry_path = g_strsplit("country.iso_code", ".", -1); if (!tf_simple_func_prepare(self, state, parent, argc, argv, error)) { g_set_error(error, LOG_TEMPLATE_ERROR, LOG_TEMPLATE_ERROR_COMPILE, "geoip2: prepare failed"); goto error; } if (!tf_maxminddb_init(state)) { g_set_error(error, LOG_TEMPLATE_ERROR, LOG_TEMPLATE_ERROR_COMPILE, "geoip2: could not init database"); goto error; } return TRUE; error: g_free(state->database_path); g_strfreev(state->entry_path); g_free(field); return FALSE; }
static gboolean tf_hash_prepare(LogTemplateFunction *self, gpointer s, LogTemplate *parent, gint argc, gchar *argv[], GError **error) { TFHashState *state = (TFHashState *) s; GOptionContext *ctx; gint length = 0; const EVP_MD *md; GOptionEntry hash_options[] = { { "length", 'l', 0, G_OPTION_ARG_INT, &length, NULL, NULL }, { NULL } }; ctx = g_option_context_new("hash"); g_option_context_add_main_entries(ctx, hash_options, NULL); if (!g_option_context_parse(ctx, &argc, &argv, error)) { g_option_context_free(ctx); return FALSE; } g_option_context_free(ctx); if (argc < 2) { g_set_error(error, LOG_TEMPLATE_ERROR, LOG_TEMPLATE_ERROR_COMPILE, "$(hash) parsing failed, invalid number of arguments"); return FALSE; } if (!tf_simple_func_prepare(self, state, parent, argc, argv, error)) { g_free(state); return FALSE; } state->length = length; md = EVP_get_digestbyname(strcmp(argv[0], "hash") == 0 ? "sha256" : argv[0]); if (!md) { g_set_error(error, LOG_TEMPLATE_ERROR, LOG_TEMPLATE_ERROR_COMPILE, "$(hash) parsing failed, unknown digest type"); return FALSE; } state->md = md; if ((state->length == 0) || (state->length > md->md_size * 2)) state->length = md->md_size * 2; return TRUE; }
gboolean tf_cond_prepare(LogTemplateFunction *self, gpointer s, LogTemplate *parent, gint argc, gchar *argv[], GError **error) { TFCondState *state = (TFCondState *) s; CfgLexer *lexer; g_return_val_if_fail(error == NULL || *error == NULL, FALSE); lexer = cfg_lexer_new_buffer(argv[1], strlen(argv[1])); if (!cfg_run_parser(parent->cfg, lexer, &filter_expr_parser, (gpointer *) &state->filter, NULL)) { g_set_error(error, LOG_TEMPLATE_ERROR, LOG_TEMPLATE_ERROR_COMPILE, "Error parsing conditional filter expression"); return FALSE; } memmove(&argv[1], &argv[2], sizeof(argv[0]) * (argc - 2)); if (!tf_simple_func_prepare(self, s, parent, argc - 1, argv, error)) return FALSE; return TRUE; }
static gboolean tf_sanitize_prepare(LogTemplateFunction *self, gpointer s, LogTemplate *parent, gint argc, gchar *argv[], GError **error) { TFSanitizeState *state = (TFSanitizeState *) s; gboolean ctrl_chars = TRUE; gchar *invalid_chars = "/"; gchar *replacement = "_"; GOptionContext *ctx; GOptionEntry stize_options[] = { { "ctrl-chars", 'c', 0, G_OPTION_ARG_NONE, &ctrl_chars, NULL, NULL }, { "no-ctrl-chars", 'C', G_OPTION_FLAG_REVERSE, G_OPTION_ARG_NONE, &ctrl_chars, NULL, NULL }, { "invalid-chars", 'i', 0, G_OPTION_ARG_STRING, &invalid_chars, NULL, NULL }, { "replacement", 'r', 0, G_OPTION_ARG_STRING, &replacement, NULL, NULL }, { NULL } }; ctx = g_option_context_new("sanitize-file"); g_option_context_add_main_entries(ctx, stize_options, NULL); if (!g_option_context_parse(ctx, &argc, &argv, error)) { g_option_context_free(ctx); g_free(argv); return FALSE; } g_option_context_free(ctx); if (!tf_simple_func_prepare(self, state, parent, argc, argv, error)) { g_free(state); return FALSE; } state->ctrl_chars = ctrl_chars; state->invalid_chars = g_strdup(invalid_chars); state->replacement = replacement[0]; return TRUE; }