prelude-lml 1.0.0-5.3 / usr / include / prelude-lml / prelude-lml.h

This file is indexed.

/usr/include/prelude-lml/prelude-lml.h is in prelude-lml 1.0.0-5.3.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below. 

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
/*****
*
* Copyright (C) 2005 PreludeIDS Technologies. All Rights Reserved.
* Author: Yoann Vandoorselaere <yoann.v@prelude-ids.com>
*
* This file is part of the Prelude-LML program.
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; see the file COPYING.  If not, write to
* the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
*
*****/

#ifndef _PRELUDE_LML_H
#define _PRELUDE_LML_H

#include <libprelude/prelude.h>
#include <libprelude/prelude-log.h>

typedef struct lml_log_entry lml_log_entry_t;
typedef struct lml_log_source lml_log_source_t;


typedef struct {
        PRELUDE_PLUGIN_GENERIC;
        void (*run)(prelude_plugin_instance_t *pi, const lml_log_source_t *ls, lml_log_entry_t *log);
} lml_log_plugin_t;


void lml_log_entry_destroy(lml_log_entry_t *lc);

lml_log_entry_t *lml_log_entry_ref(lml_log_entry_t *log_entry);


const char *lml_log_entry_get_message(const lml_log_entry_t *log_entry);

const char *lml_log_entry_get_original_log(const lml_log_entry_t *log_entry);

size_t lml_log_entry_get_message_len(const lml_log_entry_t *log_entry);

size_t lml_log_entry_get_original_log_len(const lml_log_entry_t *log_entry);

const struct timeval *lml_log_entry_get_timeval(const lml_log_entry_t *log_entry);

const char *lml_log_entry_get_target_hostname(const lml_log_entry_t *log_entry);

const char *lml_log_entry_get_target_process(const lml_log_entry_t *log_entry);

const char *lml_log_entry_get_target_process_pid(const lml_log_entry_t *log_entry);


/*
 * Alert emission
 */
int lml_alert_set_infos(idmef_message_t *message, const lml_log_entry_t *log);

void lml_alert_emit(const lml_log_source_t *ls, const lml_log_entry_t *log, idmef_message_t *msg);

int lml_alert_prepare(idmef_message_t *message, const lml_log_source_t *ls, const lml_log_entry_t *log);

int lml_additional_data_prepare(prelude_list_t *adlist, const lml_log_source_t *ls, const lml_log_entry_t *log);
#endif

APT Browse - Built by Thomas Orozco.