mirror of
https://github.com/zeek/zeek.git
synced 2025-10-07 17:18:20 +00:00
Adapted for API similarity with Robin's logging framework code.
parent
ffa494e428
commit
fe85a3e4d2
3 changed files with 21 additions and 20 deletions
|
@ -1,4 +1,4 @@
|
|||
module Logging;
|
||||
module Log;
|
||||
|
||||
export {
|
||||
# The set of writers Bro provides.
|
||||
|
@ -67,7 +67,7 @@ export {
|
|||
|
||||
# Logs the record "rec" to the stream "id". The type of
|
||||
# "rec" must match the stream's "columns" field.
|
||||
global log: function(id: string, rec: any);
|
||||
global write: function(id: string, rec: any);
|
||||
#global log_ev: event(id: string, rec: any);
|
||||
|
||||
# Returns an existing filter previously installed for stream
|
||||
|
@ -75,6 +75,7 @@ export {
|
|||
# the record "NoSuchFilter" is returned.
|
||||
global get_filter: function(id: string, name: string) : Filter;
|
||||
|
||||
|
||||
global create_stream: function(id: string, log_record_type: string);
|
||||
global add_filter: function(id: string, filter: Filter);
|
||||
global remove_filter: function(id: string, filter: string): bool;
|
||||
|
@ -164,7 +165,7 @@ event file_opened(f: file) &priority=10
|
|||
}
|
||||
}
|
||||
|
||||
function log(id: string, rec: any)
|
||||
function write(id: string, rec: any)
|
||||
{
|
||||
logging_log(id, rec);
|
||||
}
|
||||
|
|
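Review bot: The renamed `write` wrapper drops the result of `logging_log(id, rec)`, so a script calling `Log::write` cannot tell a written record from a discarded one. In the src/bro.bif hunks on this page the bif is declared `: any` and returns false when `Log::streams` or `Log::filters` is missing, reporting that only through printf. For a network monitor, silently lost log records are a visibility gap. Consider declaring `global write: function(id: string, rec: any) : bool;` and making the body `return logging_log(id, rec);`; the bif's `any` return type would presumably need to become `bool` as well.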
|
@ -1,10 +1,10 @@
|
|||
module SSH;
|
||||
module TEST_LOGGING;
|
||||
|
||||
@load logging
|
||||
|
||||
export {
|
||||
# Create a new ID for our log stream
|
||||
#redef enum Logging::ID += { LOG_SSH };
|
||||
redef enum Log::ID += { TEST_LOGGING };
|
||||
|
||||
# Define a record with all the columns the log file can have.
|
||||
# (I'm using a subset of fields from ssh-ext for demonstration.)
|
||||
|
@ -17,7 +17,7 @@ export {
|
|||
|
||||
# This is the prototype for the event that the logging framework tries
|
||||
# to generate if there is a handler for it.
|
||||
#global log: event(rec: Log);
|
||||
global log: event(rec: Log);
|
||||
}
|
||||
|
||||
event bro_init()
|
||||
|
@ -25,12 +25,12 @@ event bro_init()
|
|||
# Create the stream.
|
||||
# First argument is the ID for the stream.
|
||||
# Second argument is the log record type.
|
||||
Logging::create_stream("ssh", "SSH::Log");
|
||||
Log::create_stream("TEST_LOGGING", "TEST_LOGGING::Log");
|
||||
|
||||
# Add a default filter that simply logs everything to "ssh.log" using the default writer.
|
||||
# Log line event generation is autogenerated for now by checking for
|
||||
# handlers for MODULE_NAME::log (which isn't the right thing to do, but it will be dealt with later)
|
||||
Logging::add_default_filter("ssh");
|
||||
Log::add_default_filter("TEST_LOGGING");
|
||||
|
||||
# There is currently some problem with &optional values in the records
|
||||
# passed into the predicate. Maybe it's because I'm not really coercing
|
||||
|
@ -42,18 +42,18 @@ event bro_init()
|
|||
|
||||
# Printing headers for the filters doesn't work yet either and needs to
|
||||
# be considered in the final design. (based on the "select" set).
|
||||
#Logging::add_filter("ssh", [$name="successful logins",
|
||||
#Log::add_filter("ssh", [$name="successful logins",
|
||||
# #$pred(rec: Log) = { print rec$status; return T; },
|
||||
# $path="ssh-logins",
|
||||
# #$select=set("t"),
|
||||
# $writer=Logging::WRITER_CSV]);
|
||||
# $writer=Log::WRITER_CSV]);
|
||||
|
||||
# Log something.
|
||||
Logging::log("ssh", [$t=network_time(),$status="success"]);
|
||||
Logging::log("ssh", [$t=network_time(),$status="failure", $country="US"]);
|
||||
Logging::log("ssh", [$t=network_time(),$status="failure", $country="UK"]);
|
||||
Logging::log("ssh", [$t=network_time(),$status="success", $country="BR"]);
|
||||
Logging::log("ssh", [$t=network_time(),$status="failure", $country="MX"]);
|
||||
Log::write("TEST_LOGGING", [$t=network_time(),$status="success"]);
|
||||
Log::write("TEST_LOGGING", [$t=network_time(),$status="failure", $country="US"]);
|
||||
Log::write("TEST_LOGGING", [$t=network_time(),$status="failure", $country="UK"]);
|
||||
Log::write("TEST_LOGGING", [$t=network_time(),$status="success", $country="BR"]);
|
||||
Log::write("TEST_LOGGING", [$t=network_time(),$status="failure", $country="MX"]);
|
||||
|
||||
}
|
||||
|
||||
|
|
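Review bot: The comment above `Log::add_default_filter("TEST_LOGGING")` still says the filter logs everything to "ssh.log", and the commented-out `add_filter` example still names the "ssh" stream and the "ssh-logins" path, although the stream is now TEST_LOGGING. Suggested wording: `# Add a default filter that logs everything to the stream's default path using the default writer.` The resulting file name is not visible in this section, so confirm it before stating one. Separately, `redef enum Log::ID += { TEST_LOGGING };` is now active, but every call still passes the string "TEST_LOGGING", so the enum value appears unused and a mistyped stream name would only surface at run time.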
10
src/bro.bif
10
src/bro.bif
|
@ -367,7 +367,7 @@ function logging_log%(index: string, rec: any%): any
|
|||
RecordVal *recval = rec->AsRecordVal();
|
||||
|
||||
// Lookup the stream
|
||||
TableVal *streams = opt_internal_table("Logging::streams");
|
||||
TableVal *streams = opt_internal_table("Log::streams");
|
||||
VectorVal *columns;
|
||||
RecordVal *stream_record;
|
||||
if ( streams )
|
||||
|
@ -381,12 +381,12 @@ function logging_log%(index: string, rec: any%): any
|
|||
}
|
||||
else
|
||||
{
|
||||
printf("Logging framework is dead (Logging::streams not found).\n");
|
||||
printf("Logging framework is dead (Log::streams not found).\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
// Lookup all filters for stream
|
||||
TableVal *filters = opt_internal_table("Logging::filters");
|
||||
TableVal *filters = opt_internal_table("Log::filters");
|
||||
TableVal *stream_filters;
|
||||
if ( filters )
|
||||
{
|
||||
|
@ -396,7 +396,7 @@ function logging_log%(index: string, rec: any%): any
|
|||
}
|
||||
else
|
||||
{
|
||||
printf("Logging framework is dead (Logging::filters not found).\n");
|
||||
printf("Logging framework is dead (Log::filters not found).\n");
|
||||
return false;
|
||||
}
|
||||
|
||||
|
@ -448,7 +448,7 @@ function logging_log%(index: string, rec: any%): any
|
|||
|
||||
// Get the file with the "path" name found above for this filter.
|
||||
// Open a new file is one does not exist yet.
|
||||
TableVal *logging_files = opt_internal_table("Logging::files");
|
||||
TableVal *logging_files = opt_internal_table("Log::files");
|
||||
Val *ff = logging_files->Lookup(path);
|
||||
if ( !ff )
|
||||
{
|
||||
|
|
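Review bot: In the last hunk, `logging_files->Lookup(path)` dereferences the result of `opt_internal_table("Log::files")` without a null check, while the same call for `Log::streams` and `Log::filters` is guarded by `if ( streams )` and `if ( filters )`. The lookup is by string literal, so a missing or renamed script-side table is not caught at build time and would presumably crash the process here instead of reporting the error. Add the same guard before the lookup, e.g. `if ( ! logging_files ) { printf("Logging framework is dead (Log::files not found).\n"); return false; }`. The body of logging_log starts and ends outside these hunks.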