aboutsummaryrefslogtreecommitdiffstats
path: root/VES5.0/evel/evel-library/code/evel_library/evel_syslog.c
diff options
context:
space:
mode:
Diffstat (limited to 'VES5.0/evel/evel-library/code/evel_library/evel_syslog.c')
-rw-r--r--VES5.0/evel/evel-library/code/evel_library/evel_syslog.c514
1 files changed, 514 insertions, 0 deletions
diff --git a/VES5.0/evel/evel-library/code/evel_library/evel_syslog.c b/VES5.0/evel/evel-library/code/evel_library/evel_syslog.c
new file mode 100644
index 00000000..b1267065
--- /dev/null
+++ b/VES5.0/evel/evel-library/code/evel_library/evel_syslog.c
@@ -0,0 +1,514 @@
+/**************************************************************************//**
+ * @file
+ * Implementation of EVEL functions relating to the Syslog.
+ *
+ * License
+ * -------
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement: This product includes
+ * software developed by the AT&T.
+ * 4. Neither the name of AT&T nor the names of its contributors may be used to
+ * endorse or promote products derived from this software without specific
+ * prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY AT&T INTELLECTUAL PROPERTY ''AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL AT&T INTELLECTUAL PROPERTY BE LIABLE FOR ANY
+ * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *****************************************************************************/
+
+#include <string.h>
+#include <assert.h>
+#include <stdlib.h>
+
+#include "evel_throttle.h"
+
+/**************************************************************************//**
+ * Create a new Syslog event.
+ *
+ * @note The mandatory fields on the Syslog must be supplied to this factory
+ * function and are immutable once set. Optional fields have explicit
+ * setter functions, but again values may only be set once so that the
+ * Syslog has immutable properties.
+ * @param event_source_type The type of Syslog event source.
+ * @param syslog_msg The Syslog event message.
+ * @param syslog_tag The messgaeId identifying the type of message.
+ * @returns pointer to the newly manufactured ::EVENT_SYSLOG. If the event is
+ * not used (i.e. posted) it must be released using
+ * ::evel_free_syslog.
+ * @retval NULL Failed to create the event.
+ *****************************************************************************/
+EVENT_SYSLOG * evel_new_syslog(EVEL_SOURCE_TYPES event_source_type,
+ const char * const syslog_msg,
+ const char * const syslog_tag)
+{
+ EVENT_SYSLOG * syslog = NULL;
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(event_source_type < EVEL_MAX_SOURCE_TYPES);
+ assert(syslog_msg != NULL);
+ assert(syslog_tag != NULL);
+
+ /***************************************************************************/
+ /* Allocate the Syslog. */
+ /***************************************************************************/
+ syslog = malloc(sizeof(EVENT_SYSLOG));
+ if (syslog == NULL)
+ {
+ log_error_state("Out of memory");
+ goto exit_label;
+ }
+ memset(syslog, 0, sizeof(EVENT_SYSLOG));
+ EVEL_DEBUG("New Syslog is at %lp", syslog);
+
+ /***************************************************************************/
+ /* Initialize the header & the Syslog fields. Optional string values are */
+ /* uninitialized (NULL). */
+ /***************************************************************************/
+ evel_init_header(&syslog->header,"Syslog");
+ syslog->header.event_domain = EVEL_DOMAIN_SYSLOG;
+ syslog->major_version = EVEL_SYSLOG_MAJOR_VERSION;
+ syslog->minor_version = EVEL_SYSLOG_MINOR_VERSION;
+ syslog->event_source_type = event_source_type;
+ syslog->syslog_msg = strdup(syslog_msg);
+ syslog->syslog_tag = strdup(syslog_tag);
+ evel_init_option_int(&syslog->syslog_facility);
+ evel_init_option_int(&syslog->syslog_proc_id);
+ evel_init_option_int(&syslog->syslog_ver);
+ evel_init_option_string(&syslog->additional_filters);
+ evel_init_option_string(&syslog->event_source_host);
+ evel_init_option_string(&syslog->syslog_proc);
+ evel_init_option_string(&syslog->syslog_s_data);
+ evel_init_option_string(&syslog->syslog_sdid);
+ evel_init_option_string(&syslog->syslog_severity);
+
+exit_label:
+ EVEL_EXIT();
+ return syslog;
+}
+
+/**************************************************************************//**
+ * Set the Event Type property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the syslog.
+ * @param type The Event Type to be set. ASCIIZ string. The caller
+ * does not need to preserve the value once the function
+ * returns.
+ *****************************************************************************/
+void evel_syslog_type_set(EVENT_SYSLOG * syslog,
+ const char * const type)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions and call evel_header_type_set. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ evel_header_type_set(&syslog->header, type);
+
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Add an additional value name/value pair to the Syslog.
+ *
+ * The name and value are null delimited ASCII strings. The library takes
+ * a copy so the caller does not have to preserve values after the function
+ * returns.
+ *
+ * @param syslog Pointer to the syslog.
+ * @param name ASCIIZ string with the attribute's name. The caller
+ * does not need to preserve the value once the function
+ * returns.
+ * @param value ASCIIZ string with the attribute's value. The caller
+ * does not need to preserve the value once the function
+ * returns.
+ *****************************************************************************/
+void evel_syslog_addl_filter_set(EVENT_SYSLOG * syslog,
+ char * filter)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(filter != NULL);
+
+ evel_set_option_string(&syslog->additional_filters,
+ filter,
+ "Syslog filter string");
+
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Set the Event Source Host property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the Syslog.
+ * @param host The Event Source Host to be set. ASCIIZ string. The caller
+ * does not need to preserve the value once the function
+ * returns.
+ *****************************************************************************/
+void evel_syslog_event_source_host_set(EVENT_SYSLOG * syslog,
+ const char * const host)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(host != NULL);
+
+ evel_set_option_string(&syslog->event_source_host,
+ host,
+ "Event Source Host");
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Set the Facility property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the Syslog.
+ * @param facility The Syslog Facility to be set. ASCIIZ string. The caller
+ * does not need to preserve the value once the function
+ * returns.
+ *****************************************************************************/
+void evel_syslog_facility_set(EVENT_SYSLOG * syslog,
+ EVEL_SYSLOG_FACILITIES facility)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(facility < EVEL_MAX_SYSLOG_FACILITIES);
+
+ evel_set_option_int(&syslog->syslog_facility,
+ facility,
+ "Facility");
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Set the Process property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the Syslog.
+ * @param proc The Process to be set. ASCIIZ string. The caller does not
+ * need to preserve the value once the function returns.
+ *****************************************************************************/
+void evel_syslog_proc_set(EVENT_SYSLOG * syslog, const char * const proc)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(proc != NULL);
+
+ evel_set_option_string(&syslog->syslog_proc, proc, "Process");
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Set the Process ID property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the Syslog.
+ * @param proc_id The Process ID to be set. ASCIIZ string. The caller does
+ * not need to preserve the value once the function returns.
+ *****************************************************************************/
+void evel_syslog_proc_id_set(EVENT_SYSLOG * syslog, int proc_id)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(proc_id > 0);
+
+ evel_set_option_int(&syslog->syslog_proc_id,
+ proc_id,
+ "Process ID");
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Set the Version property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the Syslog.
+ * @param version The Version to be set. ASCIIZ string. The caller does not
+ * need to preserve the value once the function returns.
+ *****************************************************************************/
+void evel_syslog_version_set(EVENT_SYSLOG * syslog, int version)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(version >= 0);
+
+ evel_set_option_int(&syslog->syslog_ver,
+ version,
+ "Version");
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Set the Structured Data property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the Syslog.
+ * @param s_data The Structured Data to be set. ASCIIZ string. The caller
+ * does not need to preserve the value once the function
+ * returns.
+ *****************************************************************************/
+void evel_syslog_s_data_set(EVENT_SYSLOG * syslog, const char * const s_data)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(s_data != NULL);
+
+ evel_set_option_string(&syslog->syslog_s_data,
+ s_data,
+ "Structured Data");
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Set the Structured SDID property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the Syslog.
+ * @param sdid The Structured Data to be set. ASCIIZ string. name@number
+ * Caller does not need to preserve the value once the function
+ * returns.
+ *****************************************************************************/
+void evel_syslog_sdid_set(EVENT_SYSLOG * syslog, const char * const sdid)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(sdid != NULL);
+
+ evel_set_option_string(&syslog->syslog_sdid,
+ sdid,
+ "SdId set");
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Set the Structured Severity property of the Syslog.
+ *
+ * @note The property is treated as immutable: it is only valid to call
+ * the setter once. However, we don't assert if the caller tries to
+ * overwrite, just ignoring the update instead.
+ *
+ * @param syslog Pointer to the Syslog.
+ * @param sdid The Structured Data to be set. ASCIIZ string.
+ * Caller does not need to preserve the value once the function
+ * returns.
+ *****************************************************************************/
+void evel_syslog_severity_set(EVENT_SYSLOG * syslog, const char * const severty)
+{
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(syslog != NULL);
+ assert(syslog->header.event_domain == EVEL_DOMAIN_SYSLOG);
+ assert(severty != NULL);
+
+ if( !strcmp(severty,"Alert") || !strcmp(severty,"Critical") || !strcmp(severty,"Debug") ||
+ !strcmp(severty,"Emergency") || !strcmp(severty,"Error") || !strcmp(severty,"Info") ||
+ !strcmp(severty,"Notice") || !strcmp(severty,"Warning") )
+ {
+ evel_set_option_string(&syslog->syslog_severity,
+ severty,
+ "Severity set");
+ }
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Encode the Syslog in JSON according to AT&T's schema for the event type.
+ *
+ * @param jbuf Pointer to the ::EVEL_JSON_BUFFER to encode into.
+ * @param event Pointer to the ::EVENT_HEADER to encode.
+ *****************************************************************************/
+void evel_json_encode_syslog(EVEL_JSON_BUFFER * jbuf,
+ EVENT_SYSLOG * event)
+{
+ char * event_source_type;
+
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. */
+ /***************************************************************************/
+ assert(event != NULL);
+ assert(event->header.event_domain == EVEL_DOMAIN_SYSLOG);
+
+ event_source_type = evel_source_type(event->event_source_type);
+
+ evel_json_encode_header(jbuf, &event->header);
+ evel_json_open_named_object(jbuf, "syslogFields");
+
+ evel_enc_kv_opt_string(jbuf, "additionalFields", &event->additional_filters);
+ /***************************************************************************/
+ /* Mandatory fields */
+ /***************************************************************************/
+ evel_enc_kv_string(jbuf, "eventSourceType", event_source_type);
+ evel_enc_kv_string(jbuf, "syslogMsg", event->syslog_msg);
+ evel_enc_kv_string(jbuf, "syslogTag", event->syslog_tag);
+ evel_enc_version(
+ jbuf, "syslogFieldsVersion", event->major_version, event->minor_version);
+
+ /***************************************************************************/
+ /* Optional fields */
+ /***************************************************************************/
+ evel_enc_kv_opt_string(jbuf, "eventSourceHost", &event->event_source_host);
+ evel_enc_kv_opt_int(jbuf, "syslogFacility", &event->syslog_facility);
+ evel_enc_kv_opt_int(jbuf, "syslogPri", &event->syslog_priority);
+ evel_enc_kv_opt_string(jbuf, "syslogProc", &event->syslog_proc);
+ evel_enc_kv_opt_int(jbuf, "syslogProcId", &event->syslog_proc_id);
+ evel_enc_kv_opt_string(jbuf, "syslogSData", &event->syslog_s_data);
+ evel_enc_kv_opt_string(jbuf, "syslogSdId", &event->syslog_sdid);
+ evel_enc_kv_opt_string(jbuf, "syslogSev", &event->syslog_severity);
+ evel_enc_kv_opt_int(jbuf, "syslogVer", &event->syslog_ver);
+ evel_json_close_object(jbuf);
+
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_KERNEL == 0);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_USER == 1);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_MAIL == 2);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_SYSTEM_DAEMON == 3);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_SECURITY_AUTH == 4);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_INTERNAL == 5);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LINE_PRINTER == 6);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_NETWORK_NEWS == 7);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_UUCP == 8);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_CLOCK_DAEMON == 9);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_SECURITY_AUTH2 == 10);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_FTP_DAEMON == 11);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_NTP == 12);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOG_AUDIT == 13);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOG_ALERT == 14);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_CLOCK_DAEMON2 == 15);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOCAL0 == 16);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOCAL1 == 17);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOCAL2 == 18);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOCAL3 == 19);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOCAL4 == 20);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOCAL5 == 21);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOCAL6 == 22);
+ EVEL_CT_ASSERT(EVEL_SYSLOG_FACILITY_LOCAL7 == 23);
+
+ EVEL_EXIT();
+}
+
+/**************************************************************************//**
+ * Free a Syslog.
+ *
+ * Free off the Syslog supplied. Will free all the contained allocated memory.
+ *
+ * @note It does not free the Syslog itself, since that may be part of a
+ * larger structure.
+ *****************************************************************************/
+void evel_free_syslog(EVENT_SYSLOG * event)
+{
+
+ EVEL_ENTER();
+
+ /***************************************************************************/
+ /* Check preconditions. As an internal API we don't allow freeing NULL */
+ /* events as we do on the public API. */
+ /***************************************************************************/
+ assert(event != NULL);
+ assert(event->header.event_domain == EVEL_DOMAIN_SYSLOG);
+
+ /***************************************************************************/
+ /* Free all internal strings then the header itself. */
+ /***************************************************************************/
+
+ evel_free_option_string(&event->additional_filters);
+ evel_free_option_string(&event->event_source_host);
+ free(event->syslog_msg);
+ evel_free_option_string(&event->syslog_proc);
+ evel_free_option_string(&event->syslog_s_data);
+ evel_free_option_string(&event->syslog_sdid);
+ evel_free_option_string(&event->syslog_severity);
+ free(event->syslog_tag);
+ evel_free_header(&event->header);
+
+ EVEL_EXIT();
+}