[ossec-dev] [prelude support]: Improving compile stuff and fixes some idmef path errors
Hi folks,
The following patch improves:
* The prelude compilation system within Ossec
* IDMEF Additional data fixes
Coming next (tomorrow or the day after): more information in the IDMEF message
Regards,
Sebastien.
? Config.OS
? prelude-compile_errors_idmef_path.0.partch
? addagent/manage_agents
? analysisd/Config.ANALYSISD
? analysisd/ossec-analysisd
? client-agent/ossec-agentd
? headers/zconf.h
? headers/zlib.h
? logcollector/ossec-logcollector
? monitord/ossec-monitord
? os_dbd/ossec-dbd
? os_execd/ossec-execd
? os_maild/ossec-maild
? remoted/ossec-remoted
? syscheckd/ossec-syscheckd
? util/clear_stats
? util/list_agents
? util/syscheck_update
Index: Config.Make
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/Config.Make,v
retrieving revision 1.8
diff -u -r1.8 Config.Make
--- Config.Make 18 Aug 2007 01:07:49 -0000 1.8
+++ Config.Make 10 Oct 2007 23:23:13 -0000
@@ -8,7 +8,7 @@
include ${PT}Config.OS
-CFLAGS = -g -Wall -I${PT} -I${PT}headers ${CPATH} ${CEXTRA} ${DEXTRA} ${EEXTRA} ${FEXTRA} ${GEXTRA} -DARGV0=\"${NAME}\" -DXML_VAR=\"var\" -DOSSECHIDS
+CFLAGS = -g -Wall -I${PT} -I${PT}headers ${CPATH} ${CEXTRA} ${DEXTRA} ${EEXTRA} ${FEXTRA} ${GEXTRA} -DARGV0=\"${NAME}\" -DXML_VAR=\"var\" -DOSSECHIDS -DPRELUDE -lprelude
SOURCES = *.c
OBJECTS = *.o
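Review bot: Appending `-DPRELUDE -lprelude` to the shared CFLAGS turns Prelude support on for every component that includes Config.Make, not only analysisd, and puts a linker option among the compile flags. That bypasses the opt-in `setprelude` target this same patch rewrites, breaks the build on hosts without libprelude, and appears to pull an unneeded library into the agent and the other daemons. I would leave this line as it was in revision 1.8 and let analysisd pick up `${CPRELUDE}` and `${LPRELUDE}` from its own generated config.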
Index: LOCATION
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/LOCATION,v
retrieving revision 1.2
diff -u -r1.2 LOCATION
--- LOCATION 25 Oct 2005 16:18:50 -0000 1.2
+++ LOCATION 10 Oct 2007 23:23:13 -0000
@@ -1,2 +1,2 @@
-DIR="/var/ossec"
+DIR="/opt/ossec"
CC=gcc
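Review bot: The change of `DIR` from `/var/ossec` to `/opt/ossec` is not mentioned in the description and looks like a local setting that slipped into the patch. If DIR is the default installation root, as the name suggests, it would move every new install and diverge from existing deployments, packaging, and any file-integrity or permission baselines written against the old path. I would drop this hunk and keep `DIR="/var/ossec"`.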
Index: Makefile
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- Makefile 24 Sep 2007 21:16:04 -0000 1.8
+++ Makefile 10 Oct 2007 23:23:13 -0000
@@ -41,7 +41,8 @@
@echo "CEXTRA=-DCLIENT" >> ./Config.OS
setprelude:
- @echo "CPRELUDE=-DPRELUDE `libprelude-config --cflags`" >> ./Config.OS
+ @echo "CPRELUDE=-DPRELUDE `libprelude-config --pthread-cflags`" >> ./analysisd/Config.ANALYSISD
+ @echo "LPRELUDE=`libprelude-config --libs`" >> ./analysisd/Config.ANALYSISD
setlocal:
@echo "CEXTRA=-DLOCAL" >> ./Config.OS
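Review bot: Neither `libprelude-config` call in `setprelude` is checked, so when the tool is missing the recipe still succeeds and writes `CPRELUDE=-DPRELUDE` with no include paths and an empty `LPRELUDE=`; the failure then surfaces later as a confusing compile or link error. A guard line such as `@libprelude-config --libs > /dev/null || (echo "libprelude-config not found"; exit 1)` before the two echo lines would stop it early. Both lines also append with `>>`, so running the target twice leaves duplicate definitions in analysisd/Config.ANALYSISD unless that file is reset elsewhere.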
Index: analysisd/Makefile
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/analysisd/Makefile,v
retrieving revision 1.8
diff -u -r1.8 Makefile
--- analysisd/Makefile 24 Sep 2007 21:16:05 -0000 1.8
+++ analysisd/Makefile 10 Oct 2007 23:23:13 -0000
@@ -7,7 +7,7 @@
include ../Config.Make
-LOCAL= analysisd.c stats.c rules.c rules_list.c config.c fts.c eventinfo.c eventinfo_list.c cleanevent.c active-response.c prelude.c ${OS_CONFIG}
+LOCAL= analysisd.c stats.c rules.c rules_list.c config.c fts.c eventinfo.c eventinfo_list.c cleanevent.c active-response.c prelude.c ${OS_CONFIG} ${ANALYSISD_CONFIG}
PLUGINS = decoders/decoders.a
ALERTS = alerts/alerts.a
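Review bot: Nothing in the lines shown includes analysisd/Config.ANALYSISD, the file `setprelude` now writes, so `${LPRELUDE}` in the link line of the next hunk (`-o ${NAME} ${LPRELUDE}`) and `CPRELUDE` may expand to nothing unless the include sits outside these hunks. `${ANALYSISD_CONFIG}` is added to `LOCAL`, which is the list of source files, and its definition is not visible either. If the include is missing, `-include ./Config.ANALYSISD` after `include ../Config.Make` and `${CPRELUDE}` on the compile line would make the opt-in path self-contained. As the patch stands the link works only because Config.Make now hard-codes `-lprelude`.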
@@ -17,7 +17,7 @@
logaudit:
cd ./alerts; make
cd ./decoders; make
- $(CC) $(CFLAGS) -I./ ${loga_OBJS} -o ${NAME}
+ $(CC) $(CFLAGS) -I./ ${loga_OBJS} -o ${NAME} ${LPRELUDE}
clean:
cd ./alerts; make clean
Index: analysisd/prelude.c
===================================================================
RCS file: /usr/cvsroot/ossec-hids/src/analysisd/prelude.c,v
retrieving revision 1.3
diff -u -r1.3 prelude.c
--- analysisd/prelude.c 7 Oct 2007 01:42:46 -0000 1.3
+++ analysisd/prelude.c 10 Oct 2007 23:23:13 -0000
@@ -51,7 +51,9 @@
prelude_io_new(&pio);
prelude_io_set_file_io(pio, stderr);
idmef_message_print(idmef, pio);
+
prelude_io_destroy(pio);
+
}
@@ -86,7 +88,7 @@
ret = idmef_path_set(path, msg, val);
if(ret < 0)
{
- merror("%s: OSSEC2Prelude: IDMEF: Cannot add object '%s'", ARGV0, msg);
+ merror("%s: OSSEC2Prelude: IDMEF: Cannot add object '%s': %s", ARGV0, object, prelude_strerror(ret));
}
idmef_value_destroy(val);
@@ -157,7 +159,6 @@
return;
}
-
ret = setup_analyzer(prelude_client_get_analyzer(prelude_client));
if(ret < 0)
{
@@ -171,6 +172,12 @@
}
+ ret = prelude_client_set_flags(prelude_client,
+ prelude_client_get_flags(prelude_client) | PRELUDE_CLIENT_FLAGS_ASYNC_TIMER);
+ if (ret < 0)
+ merror("%s: %s: Unable to set prelude client flags: %s.",
+ ARGV0, prelude_strsource(ret), prelude_strerror(ret));
+
ret = prelude_client_start(prelude_client);
if (ret < 0)
{
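Review bot: A failure of `prelude_client_set_flags()` is logged but execution falls straight through to `prelude_client_start()`, whereas the neighbouring checks in this function appear to bail out (the earlier one ends in `return;`). If the client can run without `PRELUDE_CLIENT_FLAGS_ASYNC_TIMER`, a comment such as `/* non-fatal: continue without the async timer */` should say so; otherwise the branch should return like the others, since a sensor whose timers never fire would presumably stop sending heartbeats without any local sign of trouble. The new `if` also omits the braces that every surrounding check uses. The function starts and ends outside this hunk, so the cleanup needed on that path is not visible here.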
@@ -237,22 +244,23 @@
/* Setting source file. */
- add_idmef_object(idmef, "alert.additional_data(1).type", "string");
- add_idmef_object(idmef, "alert.additional_data(1).meaning", "Source file");
- add_idmef_object(idmef, "alert.additional_data(1).data", lf->location);
+ add_idmef_object(idmef, "alert.additional_data(0).type", "string");
+ add_idmef_object(idmef, "alert.additional_data(0).meaning", "Source file");
+ add_idmef_object(idmef, "alert.additional_data(0).data", lf->location);
/* Setting full log. */
- add_idmef_object(idmef, "alert.additional_data(3).type", "string");
- add_idmef_object(idmef, "alert.additional_data(3).meaning", "Full Log");
- add_idmef_object(idmef, "alert.additional_data(3).data", lf->full_log);
+ add_idmef_object(idmef, "alert.additional_data(1).type", "string");
+ add_idmef_object(idmef, "alert.additional_data(1).meaning", "Full Log");
+ add_idmef_object(idmef, "alert.additional_data(1).data", lf->full_log);
idmef_alert_set_analyzer(idmef_message_get_alert(idmef),
- idmef_analyzer_ref
- (prelude_client_get_analyzer(prelude_client)),
+ idmef_analyzer_ref
+ (prelude_client_get_analyzer(prelude_client)),
IDMEF_LIST_PREPEND);
prelude_client_send_idmef(prelude_client, idmef);
+
idmef_message_destroy(idmef);
}
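Review bot: The `additional_data` list positions are still hard-coded in each path string (`additional_data(0)`, `additional_data(1)`), which is the construct that produced the path errors this hunk corrects. With more fields announced for the IDMEF message, the same gap or duplicate can return. I would add a comment above the first block, for example `/* additional_data indices start at 0 and must stay contiguous */`, and consider building the paths from a local counter so a new entry cannot skip or reuse an index. `lf->location` and `lf->full_log` are passed through unchecked; whether `add_idmef_object()` tolerates a NULL value is not visible in these hunks and is worth confirming, since `full_log` carries raw log content.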