#include "suricata-common.h"#include "detect.h"#include "flow.h"#include "conf.h"#include "threads.h"#include "tm-threads.h"#include "threadvars.h"#include "util-debug.h"#include "util-unittest.h"#include "util-unittest-helper.h"#include "detect-parse.h"#include "detect-engine.h"#include "detect-engine-build.h"#include "detect-engine-mpm.h"#include "detect-reference.h"#include "util-classification-config.h"#include "output.h"#include "alert-fastlog.h"#include "util-privs.h"#include "util-print.h"#include "util-proto-name.h"#include "util-optimize.h"#include "util-logopenfile.h"#include "util-time.h"#include "action-globals.h"
Go to the source code of this file.
Data Structures | |
| struct | AlertFastLogThread_ |
Macros | |
| #define | DEFAULT_LOG_FILENAME "fast.log" |
| #define | MODULE_NAME "AlertFastLog" |
| #define | MAX_FASTLOG_ALERT_SIZE 2048 |
| #define | MAX_FASTLOG_BUFFER_SIZE (2 * MAX_FASTLOG_ALERT_SIZE) |
Typedefs | |
| typedef struct AlertFastLogThread_ | AlertFastLogThread |
Functions | |
| TmEcode | AlertFastLogThreadInit (ThreadVars *, const void *, void **) |
| TmEcode | AlertFastLogThreadDeinit (ThreadVars *, void *) |
| void | AlertFastLogRegisterTests (void) |
| This function registers unit tests for AlertFastLog API. More... | |
| int | AlertFastLogger (ThreadVars *tv, void *data, const Packet *p) |
| void | AlertFastLogRegister (void) |
| OutputInitResult | AlertFastLogInitCtx (ConfNode *conf) |
| Create a new LogFileCtx for "fast" output style. More... | |
Detailed Description
Logs alerts in a line based text format compatible to Snort's alert_fast format.
Definition in file alert-fastlog.c.
Macro Definition Documentation
◆ DEFAULT_LOG_FILENAME
| #define DEFAULT_LOG_FILENAME "fast.log" |
Definition at line 60 of file alert-fastlog.c.
◆ MAX_FASTLOG_ALERT_SIZE
| #define MAX_FASTLOG_ALERT_SIZE 2048 |
Definition at line 65 of file alert-fastlog.c.
◆ MAX_FASTLOG_BUFFER_SIZE
| #define MAX_FASTLOG_BUFFER_SIZE (2 * MAX_FASTLOG_ALERT_SIZE) |
Definition at line 68 of file alert-fastlog.c.
◆ MODULE_NAME
| #define MODULE_NAME "AlertFastLog" |
Definition at line 62 of file alert-fastlog.c.
Typedef Documentation
◆ AlertFastLogThread
| typedef struct AlertFastLogThread_ AlertFastLogThread |
Function Documentation
◆ AlertFastLogger()
| int AlertFastLogger | ( | ThreadVars * | tv, |
| void * | data, | ||
| const Packet * | p | ||
| ) |
Definition at line 102 of file alert-fastlog.c.
References CreateTimeString(), and Packet_::ts.
Referenced by AlertFastLogRegister().
◆ AlertFastLogInitCtx()
| OutputInitResult AlertFastLogInitCtx | ( | ConfNode * | conf | ) |
Create a new LogFileCtx for "fast" output style.
- Parameters
-
conf The configuration node for this output.
- Returns
- A LogFileCtx pointer on success, NULL on failure.
Definition at line 226 of file alert-fastlog.c.
References OutputCtx_::data, DEFAULT_LOG_FILENAME, OutputCtx_::DeInit, LogFileFreeCtx(), LogFileNewCtx(), SCCalloc, SCConfLogOpenGeneric(), SCLogDebug, and unlikely.
Referenced by AlertFastLogRegister().
◆ AlertFastLogRegister()
| void AlertFastLogRegister | ( | void | ) |
Definition at line 77 of file alert-fastlog.c.
References AlertFastLogger(), AlertFastLogInitCtx(), LOGGER_ALERT_FAST, MODULE_NAME, and OutputRegisterPacketModule().
Referenced by OutputRegisterLoggers().
◆ AlertFastLogRegisterTests()
| void AlertFastLogRegisterTests | ( | void | ) |
This function registers unit tests for AlertFastLog API.
Definition at line 352 of file alert-fastlog.c.
References UtRegisterTest().
◆ AlertFastLogThreadDeinit()
| TmEcode AlertFastLogThreadDeinit | ( | ThreadVars * | t, |
| void * | data | ||
| ) |
Definition at line 207 of file alert-fastlog.c.
References SCFree, and TM_ECODE_OK.
◆ AlertFastLogThreadInit()
| TmEcode AlertFastLogThreadInit | ( | ThreadVars * | t, |
| const void * | initdata, | ||
| void ** | data | ||
| ) |
Use the Output Context (file pointer and mutex)
Definition at line 189 of file alert-fastlog.c.
References AlertFastLogThread_::file_ctx, SCCalloc, SCFree, SCLogDebug, TM_ECODE_FAILED, TM_ECODE_OK, and unlikely.
