Working on the logging API exposed to scripts.

- Moving all functions into the Log::* namespace, using the recent
  bifcl updates. Moved logging-specific stuff to logging.bif.

- Log::create_stream() now takes a record Log::Stream as its second
  argument, which specifies columns and (optionally) the event.

- All the internal BiFs are now called "Log::__<something>", with
  script-level wrappers "Log::<something>". That first allows adding
  additional code at the script level, and second makes things more
  comprehensible, as now all relevant functionality is collected (and
  later documented) in policy/logging.bro.

- New function Log::flush(id), which does the obvious assuming the
  writer supports it.

- add_default_filter() is now called implicitly with every
  create_stream(). Seems that we usually want that functionality, and
  when not, remove_default_filter() gets rid of it.

- The namespace of a stream's ID is now used as the default "path"
  (e.g., if the namespace is SSH, the default log file is "ssh.log").

- Updated policy/test-logging.bro as well as the btest tests according
  to these changes.
Robin Sommer 2011-02-27 15:05:47 -08:00
parent e3b2748fa6
commit ab15437339
26 changed files with 337 additions and 451 deletions


@ -55,11 +55,12 @@ public:
// These correspond to the BiFs visible on the scripting layer. The
// actual BiFs just forward here.
bool CreateStream(EnumVal* stream_id, RecordType* columns, EventHandlerPtr handler);
bool AddFilter(EnumVal* stream_id, RecordVal* filter);
bool RemoveFilter(EnumVal* stream_id, StringVal* filter);
bool Write(EnumVal* stream_id, RecordVal* columns);
bool SetBuf(EnumVal* stream_id, bool enabled); // Changes the state for all writers for that stream.
bool CreateStream(EnumVal* id, RecordVal* stream);
bool AddFilter(EnumVal* id, RecordVal* filter);
bool RemoveFilter(EnumVal* id, StringVal* filter);
bool Write(EnumVal* id, RecordVal* columns);
bool SetBuf(EnumVal* id, bool enabled); // Changes the state for all writers for that stream.
bool Flush(EnumVal* id); // Flushes all writers for the stream.
protected:
friend class LogWriter;
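Review bot: The new CreateStream(EnumVal* id, RecordVal* stream) declaration no longer shows in its signature what a caller must supply, and the comment block above it was not updated to say so. The old form made the column type and the event handler explicit; now both are fields of the record, and per the commit message the event is optional. Please add a comment stating which fields of the stream record are required and what the function returns when the columns field is missing or the event is unset, so a malformed record from the script layer fails visibly rather than creating a stream that silently logs nothing. The same applies to Flush(EnumVal* id): the comment says it flushes all writers, but the commit message qualifies that with "assuming the writer supports it", so the bool return should be documented for the unsupported-writer and unknown-id cases. Minor style point: renaming stream_id to id across these declarations loses some readability at call sites where a filter name or writer id is also in scope.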
@ -75,7 +76,7 @@ private:
bool TraverseRecord(Filter* filter, RecordType* rt, TableVal* include, TableVal* exclude, string path, list<int> indices);
LogVal** RecordToFilterVals(Filter* filter, RecordVal* columns);
Stream* FindStream(EnumVal* stream_id);
Stream* FindStream(EnumVal* id);
void RemoveDisabledWriters(Stream* stream);
vector<Stream *> streams; // Indexed by stream enum.
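Review bot: FindStream(EnumVal* id) sits next to "vector<Stream *> streams; // Indexed by stream enum", and neither line says what happens for an id that has no stream. Since every public entry point in this header (Write, SetBuf, Flush, AddFilter, RemoveFilter) takes an id supplied by the script layer, please document here that FindStream returns null for an enum value that is out of range of the vector or whose slot is empty, and that callers must check the result before dereferencing. The implementation is not visible in this hunk, so if the lookup does not already compare the enum value against streams.size(), that check belongs in FindStream rather than in each caller.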