static void afprogram_dd_kill_child(AFProgramDestDriver *self) { if (self->pid != -1) { pid_t pgid; msg_verbose("Sending destination program a TERM signal", evt_tag_str("cmdline", self->cmdline->str), evt_tag_int("child_pid", self->pid), NULL); _terminate_process_group_by_pid(self->pid); self->pid = -1; } }
static gboolean __load_object(JavaLogMessageProxy *self) { JNIEnv *java_env = NULL; java_env = java_machine_get_env(self->java_machine, &java_env); self->loaded_class = java_machine_load_class(self->java_machine, LOG_MESSAGE, NULL); if (!self->loaded_class) { msg_error("Can't find class", evt_tag_str("class_name", LOG_MESSAGE), NULL); return FALSE; } self->mi_constructor = CALL_JAVA_FUNCTION(java_env, GetMethodID, self->loaded_class, "<init>", "(J)V"); if (!self->mi_constructor) { msg_error("Can't find default constructor for class", evt_tag_str("class_name", LOG_MESSAGE), NULL); return FALSE; } return TRUE; }
gboolean log_threaded_dest_driver_start(LogPipe *s) { LogThrDestDriver *self = (LogThrDestDriver *)s; GlobalConfig *cfg = log_pipe_get_config(s); if (cfg && self->time_reopen == -1) self->time_reopen = cfg->time_reopen; self->queue = log_dest_driver_acquire_queue(&self->super, self->format.persist_name(self)); if (self->queue == NULL) { return FALSE; } if (self->retries.max <= 0) { msg_warning("Wrong value for retries(), setting to default", evt_tag_int("value", self->retries.max), evt_tag_int("default", MAX_RETRIES_OF_FAILED_INSERT_DEFAULT), evt_tag_str("driver", self->super.super.id), NULL); self->retries.max = MAX_RETRIES_OF_FAILED_INSERT_DEFAULT; } stats_lock(); stats_register_counter(0, self->stats_source | SCS_DESTINATION, self->super.super.id, self->format.stats_instance(self), SC_TYPE_STORED, &self->stored_messages); stats_register_counter(0, self->stats_source | SCS_DESTINATION, self->super.super.id, self->format.stats_instance(self), SC_TYPE_DROPPED, &self->dropped_messages); stats_register_counter(0, self->stats_source | SCS_DESTINATION, self->super.super.id, self->format.stats_instance(self), SC_TYPE_PROCESSED, &self->processed_messages); stats_unlock(); log_queue_set_counters(self->queue, self->stored_messages, self->dropped_messages); self->seq_num = GPOINTER_TO_INT(cfg_persist_config_fetch(cfg, log_threaded_dest_driver_format_seqnum_for_persist(self))); if (!self->seq_num) init_sequence_number(&self->seq_num); log_threaded_dest_driver_start_thread(self); return TRUE; }
static inline gboolean _seek_to_saved_state(JournalReader *self) { JournalReaderState *state = persist_state_map_entry(self->persist_state, self->persist_handle); gint rc = journald_seek_cursor(self->journal, state->cursor); persist_state_unmap_entry(self->persist_state, self->persist_handle); if (rc != 0) { msg_warning("Failed to seek journal to the saved cursor position", evt_tag_str("cursor", state->cursor), evt_tag_errno("error", errno), NULL); return _seek_to_head(self); } else { msg_debug("Seeking the journal to the last cursor position", evt_tag_str("cursor", state->cursor), NULL); } journald_next(self->journal); return TRUE; }
static void afmongodb_worker_retry_over_message(LogThrDestDriver *s, LogMessage *msg) { MongoDBDestDriver *self = (MongoDBDestDriver *)s; msg_error("Multiple failures while inserting this record into the database, " "message dropped", evt_tag_str("driver", self->super.super.super.id), evt_tag_int("number_of_retries", s->retries.max), evt_tag_value_pairs("message", self->vp, msg, self->super.seq_num, LTZ_SEND, &self->template_options), NULL); }
int stomp_connect(stomp_connection **connection_ref, char *hostname, int port) { stomp_connection *conn; conn = g_new0(stomp_connection, 1); conn->socket = socket(AF_INET, SOCK_STREAM, 0); if (conn->socket == -1) { msg_error("Failed to create socket!", NULL); return FALSE; } if (!resolve_hostname_to_sockaddr(&conn->remote_sa, AF_INET, hostname)) { msg_error("Failed to resolve hostname in stomp driver", evt_tag_str("hostname", hostname), NULL); return FALSE; } g_sockaddr_set_port(conn->remote_sa, port); if (!g_connect(conn->socket, conn->remote_sa)) { msg_error("Stomp connection failed", evt_tag_str("host", hostname), NULL); _stomp_connection_free(conn); return FALSE; } (*connection_ref) = conn; return TRUE; };
gboolean affile_open_file(gchar *name, FileOpenOptions *open_opts, FilePermOptions *perm_opts, gint *fd) { cap_t saved_caps; if (_path_is_spurious(name, spurious_paths)) { msg_error("Spurious path, logfile not created", evt_tag_str("path", name), NULL); return FALSE; } saved_caps = g_process_cap_save(); if (!_obtain_capabilities(name, open_opts, perm_opts, &saved_caps)) { g_process_cap_restore(saved_caps); return FALSE; } _validate_file_type(name, open_opts); *fd = _open_fd(name, open_opts, perm_opts); if (!is_file_device(name)) _set_fd_permission(perm_opts, *fd); g_process_cap_restore(saved_caps); msg_trace("affile_open_file", evt_tag_str("path", name), evt_tag_int("fd", *fd), NULL); return (*fd != -1); }
gint cfg_ls_hfo_format_value(gchar *format) { if (strcmp(format, "sha1") == 0) return LS_HFO_SHA1; else if (strcmp(format, "md5") == 0) return LS_HFO_MD5; else { msg_error("Invalid ls_hfo_format() value", evt_tag_str("value", format), NULL); return LS_HFO_SHA1; } }
void _handler_directory_deleted(WildcardSourceDriver *self, const DirectoryMonitorEvent *event) { gchar *key; DirectoryMonitor *monitor; gboolean found = g_hash_table_lookup_extended(self->directory_monitors, event->full_path, (gpointer *)&key, (gpointer *)&monitor); if (found) { msg_debug("Monitored directory is deleted", evt_tag_str("dir", event->full_path)); g_hash_table_steal(self->directory_monitors, event->full_path); g_free(key); directory_monitor_schedule_destroy(monitor); } }
static void log_db_parser_reload_database(LogDBParser *self) { struct stat st; GlobalConfig *cfg = log_pipe_get_config(&self->super.super); if (stat(self->db_file, &st) < 0) { msg_error("Error stating pattern database file, no automatic reload will be performed", evt_tag_str("error", g_strerror(errno)), NULL); return; } if ((self->db_file_inode == st.st_ino && self->db_file_mtime == st.st_mtime)) { return; } self->db_file_inode = st.st_ino; self->db_file_mtime = st.st_mtime; if (!pattern_db_reload_ruleset(self->db, cfg, self->db_file)) { msg_error("Error reloading pattern database, no automatic reload will be performed", NULL); } else { /* free the old database if the new was loaded successfully */ msg_notice("Log pattern database reloaded", evt_tag_str("file", self->db_file), evt_tag_str("version", pattern_db_get_ruleset_version(self->db)), evt_tag_str("pub_date", pattern_db_get_ruleset_pub_date(self->db)), NULL); } }
gpointer r_parser_pcre_compile_state(const gchar *expr) { RParserPCREState *self = g_new0(RParserPCREState, 1); const gchar *errptr; gint erroffset; gint rc; self->re = pcre_compile2(expr, PCRE_ANCHORED, &rc, &errptr, &erroffset, NULL); if (!self->re) { msg_error("Error while compiling regular expression", evt_tag_str("regular_expression", expr), evt_tag_str("error_at", &expr[erroffset]), evt_tag_int("error_offset", erroffset), evt_tag_str("error_message", errptr), evt_tag_int("error_code", rc), NULL); g_free(self); return NULL; } self->extra = pcre_study(self->re, 0, &errptr); if (errptr) { msg_error("Error while optimizing regular expression", evt_tag_str("regular_expression", expr), evt_tag_str("error_message", errptr), NULL); pcre_free(self->re); if (self->extra) pcre_free(self->extra); g_free(self); return NULL; } return (gpointer) self; }
static void _perl_thread_init(LogThrDestDriver *d) { PerlDestDriver *self = (PerlDestDriver *)d; PerlInterpreter *my_perl; char *argv[] = { "syslog-ng", self->filename }; self->perl = perl_alloc(); perl_construct(self->perl); my_perl = self->perl; PL_exit_flags |= PERL_EXIT_DESTRUCT_END; perl_parse(self->perl, xs_init, 2, (char **)argv, NULL); if (!self->queue_func_name) self->queue_func_name = g_strdup("queue"); if (self->init_func_name) _call_perl_function_with_no_arguments(self, self->init_func_name); msg_verbose("Initializing Perl destination", evt_tag_str("driver", self->super.super.super.id), evt_tag_str("script", self->filename), NULL); }
void tls_log_certificate_validation_progress(int ok, X509_STORE_CTX *ctx) { X509 *xs; GString *subject_name, *issuer_name; xs = X509_STORE_CTX_get_current_cert(ctx); subject_name = g_string_sized_new(128); issuer_name = g_string_sized_new(128); tls_x509_format_dn(X509_get_subject_name(xs), subject_name); tls_x509_format_dn(X509_get_issuer_name(xs), issuer_name); if (ok) { msg_debug("Certificate validation progress", evt_tag_str("subject", subject_name->str), evt_tag_str("issuer", issuer_name->str), NULL); } else { gint errnum, errdepth; errnum = X509_STORE_CTX_get_error(ctx); errdepth = X509_STORE_CTX_get_error_depth(ctx); msg_error("Certificate validation failed", evt_tag_str("subject", subject_name->str), evt_tag_str("issuer", issuer_name->str), evt_tag_str("error", X509_verify_cert_error_string(errnum)), evt_tag_int("depth", errdepth), NULL); } g_string_free(subject_name, TRUE); g_string_free(issuer_name, TRUE); }
static void afsocket_sd_close_connection(AFSocketSourceDriver *self, AFSocketSourceConnection *sc) { gchar buf1[MAX_SOCKADDR_STRING], buf2[MAX_SOCKADDR_STRING]; if (service_flag) { if (sc->peer_addr->sa.sa_family != AF_UNIX) msg_notice("Syslog connection closed", evt_tag_int("fd", sc->sock), evt_tag_str("client", g_sockaddr_format(sc->peer_addr, buf1, sizeof(buf1), GSA_FULL)), evt_tag_str("local", g_sockaddr_format(self->bind_addr, buf2, sizeof(buf2), GSA_FULL)), NULL); else msg_verbose("Syslog connection closed", evt_tag_int("fd", sc->sock), evt_tag_str("client", g_sockaddr_format(sc->peer_addr, buf1, sizeof(buf1), GSA_FULL)), evt_tag_str("local", g_sockaddr_format(self->bind_addr, buf2, sizeof(buf2), GSA_FULL)), NULL); } log_pipe_deinit(&sc->super); log_pipe_unref(&sc->super); self->num_connections--; }
static gboolean file_exists(const gchar *fname) { if (!fname) return FALSE; if (access(fname, R_OK) < 0) { msg_error("Error opening TLS file", evt_tag_str("filename", fname), evt_tag_errno("error", errno), NULL); return FALSE; } return TRUE; }
int main(void) { EVTCONTEXT *ctx; EVTREC *e; char *es; ctx = evt_ctx_init("evtfmt", LOG_AUTH); e = evt_rec_init(ctx, LOG_INFO, "Test message with an embedded ';' in it. It also contains an <XML> like tag."); evt_rec_add_tags(e, evt_tag_str("test:tag", "'value'"), evt_tag_str("test:tag2", "\n\n\n\n"), evt_tag_int("test:fd", fileno(stderr)), evt_tag_errno("test:error", EAGAIN), evt_tag_printf("test:printf", "%d %d", 5, 6), NULL); es = evt_format(e); printf("%s\n", es); free(es); evt_log(e); return 0; }
/* * NOTE: the channel is not in nonblocking mode, thus the control channel * may block syslog-ng completely. */ static gboolean control_channel_input(GIOChannel *channel, GIOCondition cond, gpointer user_data) { GString *command = g_string_sized_new(32); gsize command_len = 0; GError *error = NULL; gint cmd; GIOStatus status; status = g_io_channel_read_line_string(channel, command, &command_len, &error); if (status == G_IO_STATUS_ERROR) { msg_error("Error reading command on control channel, closing control channel", evt_tag_str("error", error->message), NULL); g_clear_error(&error); return FALSE; } else if (status != G_IO_STATUS_NORMAL) { /* EAGAIN or EOF */ msg_verbose("EOF or EAGAIN on control channel, closing control channel", NULL); return FALSE; } /* strip EOL */ g_string_truncate(command, command_len); for (cmd = 0; commands[cmd].func; cmd++) { if (strncmp(commands[cmd].command, command->str, strlen(commands[cmd].command)) == 0) return commands[cmd].func(channel, command); } msg_error("Unknown command read on control channel, closing control channel", evt_tag_str("command", command->str), NULL); return FALSE; }
static gboolean afsocket_dd_setup_proto_factory(AFSocketDestDriver *self) { GlobalConfig *cfg = log_pipe_get_config(&self->super.super.super); self->proto_factory = log_proto_client_get_factory(cfg, self->transport_mapper->logproto); if (!self->proto_factory) { msg_error("Unknown value specified in the transport() option, no such LogProto plugin found", evt_tag_str("transport", self->transport_mapper->logproto), NULL); return FALSE; } return TRUE; }
static void redis_worker_thread_init(LogThrDestDriver *d) { RedisDriver *self = (RedisDriver *)d; msg_debug("Worker thread started", evt_tag_str("driver", self->super.super.super.id), NULL); self->key_str = g_string_sized_new(1024); self->param1_str = g_string_sized_new(1024); self->param2_str = g_string_sized_new(1024); redis_dd_connect(self, FALSE); }
void http_dd_set_method(LogDriver *d, const gchar *method) { HTTPDestinationDriver *self = (HTTPDestinationDriver *) d; if (g_ascii_strcasecmp(method, "POST") == 0) self->method_type = METHOD_TYPE_POST; else if (g_ascii_strcasecmp(method, "PUT") == 0) self->method_type = METHOD_TYPE_PUT; else { msg_warning("Unsupported method is set(Only POST and PUT are supported), default method POST will be used", evt_tag_str("method", method)); self->method_type = METHOD_TYPE_POST; } }
static PollEvents * affile_sd_construct_poll_events(AFFileSourceDriver *self, gint fd) { if (self->follow_freq > 0) return poll_file_changes_new(fd, self->filename->str, self->follow_freq, &self->super.super.super); else if (fd >= 0 && _is_fd_pollable(fd)) return poll_fd_events_new(fd); else { msg_error("Unable to determine how to monitor this file, follow_freq() unset and it is not possible to poll it with the current ivykis polling method. Set follow-freq() for regular files or change IV_EXCLUDE_POLL_METHOD environment variable to override the automatically selected polling method", evt_tag_str("filename", self->filename->str), evt_tag_int("fd", fd), NULL); return NULL; } }
static void affile_sd_recover_state(LogPipe *s, GlobalConfig *cfg, LogProtoServer *proto) { AFFileSourceDriver *self = (AFFileSourceDriver *) s; if (self->file_open_options.is_pipe || self->follow_freq <= 0) return; if (!log_proto_server_restart_with_state(proto, cfg->state, affile_sd_format_persist_name(self))) { msg_error("Error converting persistent state from on-disk format, losing file position information", evt_tag_str("filename", self->filename->str), NULL); return; } }
gboolean confgen_generate(CfgLexer *lexer, gint type, const gchar *name, CfgArgs *args, gpointer user_data) { gchar *value; gsize value_len = 0; FILE *out; gchar *exec = (gchar *) user_data; gsize res; gchar buf[256]; gboolean result; g_snprintf(buf, sizeof(buf), "%s confgen %s", cfg_lexer_lookup_context_name_by_type(type), name); if (!cfg_args_validate(args, NULL, buf)) { msg_error("confgen: confgen invocations do not process arguments, but your argument list is not empty", evt_tag_str("context", cfg_lexer_lookup_context_name_by_type(type)), evt_tag_str("block", name)); return FALSE; } out = popen((gchar *) user_data, "r"); if (!out) { msg_error("confgen: Error executing generator program", evt_tag_str("context", cfg_lexer_lookup_context_name_by_type(type)), evt_tag_str("block", name), evt_tag_str("exec", exec), evt_tag_errno("error", errno)); return FALSE; } value = g_malloc(1024); while ((res = fread(value + value_len, 1, 1024, out)) > 0) { value_len += res; value = g_realloc(value, value_len + 1024); } res = pclose(out); if (res != 0) { msg_error("confgen: Generator program returned with non-zero exit code", evt_tag_str("block", name), evt_tag_str("exec", exec), evt_tag_int("rc", res)); g_free(value); return FALSE; } result = cfg_lexer_include_buffer(lexer, buf, value, value_len); g_free(value); return result; }
static void afprogram_sd_exit(pid_t pid, int status, gpointer s) { AFProgramSourceDriver *self = (AFProgramSourceDriver *) s; /* Note: self->process_info.pid being -1 means that deinit was called, thus we don't * need to restart the command. self->process_info.pid might change due to EPIPE * handling restarting the command before this handler is run. */ if (self->process_info.pid != -1 && self->process_info.pid == pid) { msg_verbose("Child program exited", evt_tag_str("cmdline", self->process_info.cmdline->str), evt_tag_int("status", status)); self->process_info.pid = -1; } }
static gboolean control_channel_message_log(GIOChannel *channel, GString *command) { gchar **cmds = g_strsplit(command->str, " ", 3); gboolean on; int *type = NULL; if (!cmds[1]) { control_channel_send_reply(channel, g_string_new("Invalid arguments received")); goto exit; } if (g_str_equal(cmds[1], "DEBUG")) type = &debug_flag; else if (g_str_equal(cmds[1], "VERBOSE")) type = &verbose_flag; else if (g_str_equal(cmds[1], "TRACE")) type = &trace_flag; if (type) { if (cmds[2]) { on = g_str_equal(cmds[2], "ON"); if (*type != on) { msg_info("Verbosity changed", evt_tag_str("type", cmds[1]), evt_tag_int("on", on), NULL); *type = on; } control_channel_send_reply(channel, g_string_new("OK")); } else { gchar buff[17]; snprintf(buff, 16, "%s=%d", cmds[1], *type); control_channel_send_reply(channel, g_string_new(buff)); } } else control_channel_send_reply(channel, g_string_new("Invalid arguments received")); exit: g_strfreev(cmds); return TRUE; }
static gboolean afprogram_sd_init(LogPipe *s) { AFProgramSourceDriver *self = (AFProgramSourceDriver *) s; GlobalConfig *cfg = log_pipe_get_config(s); gint fd; if (!log_src_driver_init_method(s)) return FALSE; if (cfg) log_reader_options_init(&self->reader_options, cfg, self->super.super.group); msg_verbose("Starting source program", evt_tag_str("cmdline", self->cmdline->str), NULL); if (!afprogram_popen(self->cmdline->str, G_IO_IN, &self->pid, &fd)) return FALSE; /* parent */ child_manager_register(self->pid, afprogram_sd_exit, log_pipe_ref(&self->super.super.super), (GDestroyNotify) log_pipe_unref); g_fd_set_nonblock(fd, TRUE); g_fd_set_cloexec(fd, TRUE); if (!self->reader) { LogTransport *transport; transport = log_transport_plain_new(fd, 0); transport->timeout = 10; self->reader = log_reader_new(log_proto_text_server_new(transport, self->reader_options.msg_size, 0)); log_reader_set_options(self->reader, s, &self->reader_options, 0, SCS_PROGRAM, self->super.super.id, self->cmdline->str); } log_pipe_append(self->reader, &self->super.super.super); if (!log_pipe_init(self->reader, NULL)) { msg_error("Error initializing program source, closing fd", evt_tag_int("fd", fd), NULL); log_pipe_unref(self->reader); self->reader = NULL; close(fd); return FALSE; } return TRUE; }
static gboolean _truncate_file(QDisk *self, gint64 new_size) { gboolean success = TRUE; if (ftruncate(self->fd, (glong)new_size) < 0) { success = FALSE; msg_error("Error truncating disk-queue file", evt_tag_errno("error", errno), evt_tag_str("filename", self->filename), evt_tag_int("newsize",self->hdr->write_head), evt_tag_int("fd",self->fd)); } return success; }
void main_loop_run(void) { msg_notice("syslog-ng starting up", evt_tag_str("version", SYSLOG_NG_VERSION)); /* main loop */ service_management_indicate_readiness(); service_management_clear_status(); if (interactive_mode) { plugin_load_module("python", current_configuration, NULL); debugger_start(current_configuration); } iv_main(); service_management_publish_status("Shutting down..."); }
static void main_loop_exit_initiate(void) { if (main_loop_is_terminating()) return; msg_notice("syslog-ng shutting down", evt_tag_str("version", SYSLOG_NG_VERSION)); IV_TIMER_INIT(&main_loop_exit_timer); iv_validate_now(); main_loop_exit_timer.expires = iv_now; main_loop_exit_timer.handler = main_loop_exit_timer_elapsed; timespec_add_msec(&main_loop_exit_timer.expires, 100); iv_timer_register(&main_loop_exit_timer); __main_loop_is_terminating = TRUE; }
static gboolean _call_perl_function_with_no_arguments(PerlDestDriver *self, const gchar *fname) { PerlInterpreter *my_perl = self->perl; char *args[] = { NULL }; dSP; int count, r = 0; ENTER; SAVETMPS; count = call_argv(fname, G_SCALAR | G_EVAL | G_NOARGS, args); SPAGAIN; if (SvTRUE(ERRSV)) { msg_error("Error while calling a Perl function", evt_tag_str("driver", self->super.super.super.id), evt_tag_str("script", self->filename), evt_tag_str("function", fname), evt_tag_str("error-message", SvPV_nolen(ERRSV)), NULL); (void) POPs; goto exit; } if (count != 1) { msg_error("Too many values returned by a Perl function", evt_tag_str("driver", self->super.super.super.id), evt_tag_str("script", self->filename), evt_tag_str("function", fname), evt_tag_int("returned-values", count), evt_tag_int("expected-values", 1), NULL); return FALSE; } r = POPi; exit: PUTBACK; FREETMPS; LEAVE; return (r != 0); }