[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ossec-dev] ossec-hids: eventinfo.c (HEAD) eventinfo.h (HEAD) fts.c (HEAD) [dcid]
- To: dancid@xxxxxxxxxxxxxxx
- Subject: [ossec-dev] ossec-hids: eventinfo.c (HEAD) eventinfo.h (HEAD) fts.c (HEAD) [dcid]
- From: OSSEC CVS <cvs-commit@xxxxxxxxx>
- Date: Thu, 7 Sep 2006 20:19:06 -0300 (ADT)
- Content-transfer-encoding: 8bit
Module name: ossec-hids
Changes by: dcid 06/09/07 20:19:04
Modified files:
eventinfo.c eventinfo.h fts.c
Log message:
Description: Multiple windows fixes. Porting the agent/server changes to windows.
Reviewed by: dcid
Bug:
Index: eventinfo.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/analysisd/eventinfo.c,v
diff -u -r1.24 -r1.25
--- eventinfo.c 3 Aug 2006 21:51:20 -0000 1.24
+++ eventinfo.c 7 Sep 2006 23:19:03 -0000 1.25
@@ -280,6 +280,7 @@
lf->command = NULL;
lf->url = NULL;
lf->data = NULL;
+ lf->systemname = NULL;
lf->fts = 0;
lf->type = SYSLOG; /* default type is syslog */
@@ -333,6 +334,8 @@
free(lf->url);
if(lf->data)
free(lf->data);
+ if(lf->systemname)
+ free(lf->systemname);
if(lf->hour)
free(lf->hour);
Index: eventinfo.h
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/analysisd/eventinfo.h,v
diff -u -r1.22 -r1.23
--- eventinfo.h 3 Aug 2006 21:51:20 -0000 1.22
+++ eventinfo.h 7 Sep 2006 23:19:03 -0000 1.23
@@ -47,6 +47,8 @@
char *command;
char *url;
char *data;
+ char *systemname;
+
/* FTS fields */
int fts;
@@ -94,14 +96,15 @@
/* FTS allowed values */
-#define FTS_NAME 001000
-#define FTS_USER 002000
-#define FTS_DSTUSER 004000
-#define FTS_SRCIP 000100
-#define FTS_DSTIP 000200
-#define FTS_LOCATION 000400
-#define FTS_ID 000010
-#define FTS_DATA 000020
+#define FTS_NAME 001000
+#define FTS_USER 002000
+#define FTS_DSTUSER 004000
+#define FTS_SRCIP 000100
+#define FTS_DSTIP 000200
+#define FTS_LOCATION 000400
+#define FTS_ID 000010
+#define FTS_DATA 000020
+#define FTS_SYSTEMNAME 000040
/** Functions for events **/
Index: fts.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/analysisd/fts.c,v
diff -u -r1.21 -r1.22
--- fts.c 3 Aug 2006 21:51:20 -0000 1.21
+++ fts.c 7 Sep 2006 23:19:03 -0000 1.22
@@ -115,6 +115,8 @@
lf->dstip:"",
(lf->data && (lf->generated_rule->ignore & FTS_DATA))?
lf->data:"",
+ (lf->systemname && (lf->generated_rule->ignore & FTS_SYSTEMNAME))?
+ lf->systemname:"",
(lf->generated_rule->ignore & FTS_LOCATION)?lf->location:"");
fseek(fp_ignore, 0, SEEK_END);
@@ -149,7 +151,9 @@
(lf->dstip && (lf->generated_rule->ckignore & FTS_DSTIP))?
lf->dstip:"",
(lf->data && (lf->generated_rule->ignore & FTS_DATA))?
- lf->data:"",
+ lf->data:"",
+ (lf->systemname && (lf->generated_rule->ignore & FTS_SYSTEMNAME))?
+ lf->systemname:"",
(lf->generated_rule->ckignore & FTS_LOCATION)?lf->location:"");
_fline[OS_FLSIZE] = '\0';
@@ -199,6 +203,7 @@
(lf->srcip && (lf->fts & FTS_SRCIP))?lf->srcip:"",
(lf->dstip && (lf->fts & FTS_DSTIP))?lf->dstip:"",
(lf->data && (lf->fts & FTS_DATA))?lf->data:"",
+ (lf->systemname && (lf->fts & FTS_SYSTEMNAME))?lf->systemname:"",
(lf->fts & FTS_LOCATION)?lf->location:"");
OSSEC home |
Main Index |
Thread Index
OSSEC project: www.ossec.net.
Mailling list information: http://www.ossec.net/en/mailing_lists.html.