Esempio n. 1
0
static gboolean
log_db_parser_init(LogPipe *s)
{
  LogDBParser *self = (LogDBParser *) s;
  GlobalConfig *cfg = log_pipe_get_config(s);

  self->db = cfg_persist_config_fetch(cfg, log_db_parser_format_persist_name(self));
  if (self->db)
    {
      struct stat st;

      if (stat(self->db_file, &st) < 0)
        {
          msg_error("Error stating pattern database file, no automatic reload will be performed",
                    evt_tag_str("error", g_strerror(errno)),
                    NULL);
        }
      else if (self->db_file_inode != st.st_ino || self->db_file_mtime != st.st_mtime)
        {
          self->db = pattern_db_new();
          log_db_parser_reload_database(self);
          self->db_file_inode = st.st_ino;
          self->db_file_mtime = st.st_mtime;
        }
    }
  else
    {
      self->db = pattern_db_new();
      log_db_parser_reload_database(self);
    }
  if (self->db)
    pattern_db_set_emit_func(self->db, log_db_parser_emit, self);
  iv_validate_now();
  IV_TIMER_INIT(&self->tick);
  self->tick.cookie = self;
  self->tick.handler = log_db_parser_timer_tick;
  self->tick.expires = iv_now;
  self->tick.expires.tv_sec++;
  self->tick.expires.tv_nsec = 0;
  iv_timer_register(&self->tick);
  return self->db != NULL;
}
Esempio n. 2
0
void
test_patterndb_tags_outside_of_rule()
{
  patterndb = pattern_db_new();
  messages = NULL;

  g_file_open_tmp("patterndbXXXXXX.xml", &filename, NULL);
  g_file_set_contents(filename, tag_outside_of_rule_skeleton,
                      strlen(tag_outside_of_rule_skeleton), NULL);

  assert_false(pattern_db_reload_ruleset(patterndb, configuration, filename), "successfully loaded an invalid patterndb file");
  _destroy_pattern_db();
}
Esempio n. 3
0
static void
_load_pattern_db_from_string(gchar *pdb)
{
  patterndb = pattern_db_new();
  messages = g_ptr_array_new();

  pattern_db_set_emit_func(patterndb, _emit_func, NULL);

  g_file_open_tmp("patterndbXXXXXX.xml", &filename, NULL);
  g_file_set_contents(filename, pdb, strlen(pdb), NULL);

  assert_true(pattern_db_reload_ruleset(patterndb, configuration, filename), "Error loading ruleset [[[%s]]]", pdb);
  assert_string(pattern_db_get_ruleset_version(patterndb), "3", "Invalid version");
  assert_string(pattern_db_get_ruleset_pub_date(patterndb), "2010-02-22", "Invalid pubdate");
}
Esempio n. 4
0
void
test_patterndb_tags_outside_of_rule()
{
  patterndb = pattern_db_new();
  messages = NULL;

  g_file_open_tmp("patterndbXXXXXX.xml", &filename, NULL);
  g_file_set_contents(filename, tag_outside_of_rule_skeleton,
                      strlen(tag_outside_of_rule_skeleton), NULL);

  if (pattern_db_reload_ruleset(patterndb, configuration, filename))
    fail = TRUE;

  clean_pattern_db();
}
Esempio n. 5
0
static gboolean
log_db_parser_init(LogParser *s, GlobalConfig *cfg)
{
  LogDBParser *self = (LogDBParser *) s;

  if (self->initialized)
    {
      return TRUE;
    }
  self->initialized = TRUE;

  self->db = cfg_persist_config_fetch(cfg, log_db_parser_format_persist_name(self));
  if (self->db)
    {
      struct stat st;

      if (stat(self->db_file, &st) < 0)
        {
          msg_error("Error stating pattern database file, no automatic reload will be performed",
                    evt_tag_str("error", g_strerror(errno)),
                    NULL);
        }
      else
        {
          self->db_file_inode = st.st_ino;
          self->db_file_mtime = st.st_mtime;
        }
    }
  else
    {
      self->db = pattern_db_new();
      log_db_parser_reload_database(self);
    }

  if (self->db)
    pattern_db_set_emit_func(self->db, log_db_parser_emit, self);

#if GLIB_MAJOR_VERSION > 2 && GLIB_MINOR_VERSION > 13
  self->timer_tick_id = g_timeout_add_seconds(1, log_db_parser_timer_tick, self);
#else
  self->timer_tick_id = g_timeout_add(1000, log_db_parser_timer_tick, self);
#endif
  return self->db != NULL;
}
Esempio n. 6
0
void
create_pattern_db(gchar *pdb)
{
  patterndb = pattern_db_new();
  messages = g_ptr_array_new();

  pattern_db_set_emit_func(patterndb, test_emit_func, NULL);

  g_file_open_tmp("patterndbXXXXXX.xml", &filename, NULL);
  g_file_set_contents(filename, pdb, strlen(pdb), NULL);

  if (pattern_db_reload_ruleset(patterndb, configuration, filename))
    {
      if (!g_str_equal(pattern_db_get_ruleset_version(patterndb), "3"))
        test_fail("Invalid version '%s'\n", pattern_db_get_ruleset_version(patterndb));
      if (!g_str_equal(pattern_db_get_ruleset_pub_date(patterndb), "2010-02-22"))
        test_fail("Invalid pub_date '%s'\n", pattern_db_get_ruleset_pub_date(patterndb));
    }
  else
    {
      fail = TRUE;
    }
}